Vault

vault
REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/18.0/vault
VERSION
VERSION 1.0.4
CATEGORY
CATEGORYVault
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONYes
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), initOS GmbH
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), initOS GmbH
COMMITTERS
COMMITTERSWeblate, OCA-git-bot, oca-ci, Carlos Roca, CarlosRoca13
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 19:30:10
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - base_setup
    - base
    - web
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION
This module implements a vault for secrets and files using
end-to-end-encryption. The encryption and decryption happens in the
browser using a vault specific shared master key. The master keys are
encrypted using asymmetrically. For this the user has to enter a second
password on the first login or if he needs to access data in a vault.
The asymmetric keys are stored for a certain time in the browser
storage.

The server can never access the secrets with the information available.
Only people registered in the vault can decrypt or encrypt values in a
vault. The meta data isn't encrypted to be able to search/filter for
entries more easily.

This modules requires a secure context for the browser to work properly
and therefore HTTPS support is required.

The [vault-recovery](https://github.com/fkantelberg/vault-recovery)
project focuses on disaster recovery in case of an incident to recover
secrets from old database backups or old exports.

Code Analysis

Views touched (28)
XML IDNameModelTypeStatus
inbox inbox ir.ui.view qweb New
res_config_settings_view_form res.config.settings.view.form res.config.settings block Inherits base_setup.res_config_settings_view_form
view_res_users_key_form res.users.key form New
view_res_users_key_tree res.users.key list New
view_right_form vault.right form New
view_right_tree vault.right list New
view_users_form_keys_modif res.users form New
view_vault_entry_form vault.entry form New
view_vault_entry_full_tree vault.entry list New
view_vault_entry_overview_form vault.entry field Inherits view_vault_entry_form
view_vault_entry_search vault.entry.search vault.entry search New
view_vault_entry_tree vault.entry list New
view_vault_export_wizard vault.export.wizard form New
view_vault_field_form vault.field form New
view_vault_field_tree vault.field list New
view_vault_file_form vault.file form New
view_vault_file_tree vault.file list New
view_vault_form vault form New
view_vault_import_wizard vault.import.wizard form New
view_vault_inbox_form vault.inbox form New
view_vault_inbox_tree vault.inbox list New
view_vault_log_tree vault.log list New
view_vault_right_overview_search vault.right.overview.search vault.right search New
view_vault_right_overview_tree vault.right list New
view_vault_search vault.search vault search New
view_vault_send_wizard vault.send.wizard form New
view_vault_store_wizard vault.store.wizard form New
view_vault_tree vault list New
Models touched (19)

New fields (3)
  • group_vault_export Boolean
    implied_group='vault.group_vault_export' args: 'Export Vaults'
  • group_vault_import Boolean
    implied_group='vault.group_vault_import' args: 'Import Vaults'
  • module_vault_share Boolean
Public methods (0)

No public methods.

New fields (7)
  • active_key Many2one → res.users.key
    compute='_compute_active_key' store=False args: 'res.users.key'
  • inbox_enabled Boolean
    default=True
  • inbox_ids One2many → vault.inbox
    args: 'vault.inbox', 'user_id'
  • inbox_link Char
    compute='_compute_inbox_link' readonly=True store=False
  • inbox_token Char
    default=<expr> readonly=True
  • keys One2many → res.users.key
    readonly=True args: 'res.users.key', 'user_id'
  • vault_right_ids One2many → vault.right
    readonly=True args: 'vault.right', 'user_id'
Public methods (5)
  • action_get_vault(self)
    @api.model
  • action_invalidate_key(self)
    Disable the current key and remove all accesses to the vaults
  • action_new_inbox_token(self)
  • find_user_of_inbox(self, token)
    @api.model
  • get_vault_keys(self)

New fields (10)
  • current Boolean
    default=True readonly=True
  • fingerprint Char
    compute='_compute_fingerprint' store=True
  • iterations Integer
    readonly=True required=True
  • iv Char
    readonly=True required=True
  • private Char
    readonly=True required=True
  • public Char
    readonly=True required=True
  • salt Char
    readonly=True required=True
  • user_id Many2one → res.users
    required=True args: 'res.users'
  • uuid Char
    default=<expr> readonly=True required=True
  • version Integer
    readonly=True
Public methods (2)
  • extract_public_key(self, user)
  • store(self, iterations, iv, private, public, salt, version)

New fields (17)
  • allowed_create Boolean
    compute='_compute_access' store=False
  • allowed_delete Boolean
    compute='_compute_access' store=False
  • allowed_read Boolean
    compute='_compute_access' store=False
  • allowed_share Boolean
    compute='_compute_access' store=False
  • allowed_write Boolean
    compute='_compute_access' store=False
  • entry_ids One2many → vault.entry
    args: 'vault.entry', 'vault_id', 'Entries'
  • field_ids One2many → vault.field
    args: 'vault.field', 'vault_id', 'Fields'
  • file_ids One2many → vault.file
    args: 'vault.file', 'vault_id', 'Files'
  • log_ids One2many → vault.log
    readonly=True args: 'vault.log', 'vault_id', 'Log'
  • master_key Char
    compute='_compute_master_key' inverse='_inverse_master_key' store=False
  • name Char
    required=True
  • note Text
  • perm_user Many2one → res.users
    compute='_compute_access' store=False args: 'res.users'
  • reencrypt_required Boolean
    default=False
  • right_ids One2many → vault.right
    default=<expr> args: 'vault.right', 'vault_id', 'Rights'
  • user_id Many2one → res.users
    default=<expr> readonly=True required=True args: 'res.users', 'Owner'
  • uuid Char
    default=<expr> readonly=True required=True
Public methods (3)
  • action_open_export_wizard(self)
  • action_open_import_wizard(self)
  • share_public_keys(self)

New fields (0)

No new fields.

Public methods (6)
  • check_access(self, operation)
  • log_entry(self, msg)
  • log_error(self, msg)
  • log_info(self, msg)
  • log_warn(self, msg)
  • raise_access_error(self)
    @api.model

New fields (12)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • entry_id Many2one → vault.entry
    ondelete='cascade' required=True args: 'vault.entry'
  • entry_name Char
    related='entry_id.complete_name'
  • iv Char
  • master_key Char
    compute='_compute_master_key' store=False
  • name Char
    required=True
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • vault_id Many2one
    related='entry_id.vault_id'
Public methods (4)
  • create(self, vals_list)
    @api.model_create_multi
  • log_change(self, action)
  • unlink(self)
  • write(self, values)

New fields (21)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • child_ids One2many → vault.entry
    args: 'vault.entry', 'parent_id', 'Child'
  • complete_name Char
    compute='_compute_complete_name' readonly=True recursive=True store=True
  • expire_date Datetime
    default=False args: 'Expires on'
  • expired Boolean
    compute='_compute_expired' search='_search_expired' store=False
  • field_ids One2many → vault.field
    args: 'vault.field', 'entry_id', 'Fields'
  • file_ids One2many → vault.file
    args: 'vault.file', 'entry_id', 'Files'
  • log_ids One2many → vault.log
    readonly=True args: 'vault.log', 'entry_id', 'Log'
  • name Char
    required=True
  • note Text
  • parent_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" ondelete='cascade' args: 'vault.entry', 'Parent'
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • tags Many2many → vault.tag
    args: 'vault.tag'
  • url Char
  • user_id Many2one
    related='vault_id.user_id'
  • uuid Char
    copy=False default=<expr> required=True
  • vault_id Many2one → vault
    ondelete='cascade' required=True args: 'vault', 'Vault'
Public methods (8)
  • action_open_export_wizard(self)
  • action_open_import_wizard(self)
  • copy_data(self, default=None)
  • create(self, vals_list)
    @api.model_create_multi
  • log_change(self, action)
  • search_panel_select_range(self, field_name, **kwargs)
    @api.model
    We add the following contexts related to searchpanel: - entry_short_name: Show just the name instead of full path. - from_search_panel: It will be used to overwrite domain. Remove the limit of records (default is 200).
  • search_read(self, domain=None, fields=None, offset=0, limit=None, order=None)
    Changes related to searchpanel: - Add a domain to only show records with children.
  • unlink(self)

New fields (6)
  • content Binary
    attachment=False args: 'Download'
  • entry_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" args: 'vault.entry', 'Entries'
  • include_childs Boolean
    default=True
  • master_key Char
    related='vault_id.master_key'
  • name Char
    default=<expr>
  • vault_id Many2one → vault
    args: 'vault', 'Vault'
Public methods (0)

No public methods.

New fields (1)
  • value Char
    required=True
Public methods (0)

No public methods.

New fields (1)
  • value Binary
    attachment=False
Public methods (1)
  • search_read(self, *args, **kwargs)
    @api.model

New fields (8)
  • content Binary
    attachment=False args: 'Database'
  • crypted_content Char
  • master_key Char
    related='vault_id.master_key'
  • name Char
  • parent_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" args: 'vault.entry', 'Parent Entry'
  • path Many2one → vault.import.wizard.path
    default='' domain="[('uuid', '=', uuid)]" args: 'vault.import.wizard.path', 'Path to import'
  • uuid Char
    default=<expr>
  • vault_id Many2one → vault
    args: 'vault', 'Vault'
Public methods (1)
  • action_import(self)

New fields (2)
  • name Char
    required=True
  • uuid Char
    required=True
Public methods (0)

No public methods.

New fields (12)
  • accesses Integer
    default=1 help="If this is 0 the inbox can't be written using the link" args: 'Access counter'
  • expiration Datetime
    default=<expr> help="If expired the inbox can't be written using the link"
  • filename Char
  • inbox_link Char
    compute='_compute_inbox_link' help='Using this link you can write to the current inbox. If you want people to create new inboxes you should give them your inbox link from your key management.' readonly=True
  • iv Char
    required=True
  • key Char
    required=True
  • log_ids One2many → vault.inbox.log
    readonly=True args: 'vault.inbox.log', 'inbox_id', 'Log'
  • name Char
    required=True
  • secret Char
    readonly=True
  • secret_file Binary
    attachment=False readonly=True
  • token Char
    copy=False default=<expr> readonly=True
  • user_id Many2one → res.users
    required=True args: 'res.users', 'Vault'
Public methods (3)
  • find_inbox(self, token)
    @api.model
  • read(self, *args, **kwargs)
  • store_in_inbox(self, name, secret, secret_file, iv, key, user, filename, ip=None)

New fields (2)
  • inbox_id Many2one → vault.inbox
    ondelete='cascade' readonly=True required=True args: 'vault.inbox'
  • name Char
    readonly=True
Public methods (0)

No public methods.

New fields (5)
  • entry_id Many2one → vault.entry
    ondelete='cascade' readonly=True args: 'vault.entry', 'Entry'
  • message Char
    readonly=True required=True
  • state Selection
    readonly=True args: <expr>
  • user_id Many2one → res.users
    readonly=True required=True args: 'res.users', 'User'
  • vault_id Many2one → vault
    ondelete='cascade' readonly=True required=True args: 'vault', 'Vault'
Public methods (1)
  • create(self, vals_list)
    @api.model_create_multi

New fields (15)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • key Char
  • master_key Char
    readonly=True related='vault_id.master_key' store=False
  • perm_create Boolean
    default=<expr> help='Allow to create in the vault' args: 'Create'
  • perm_delete Boolean
    default=<expr> help='Allow to delete a vault' args: 'Delete'
  • perm_share Boolean
    default=<expr> help='Allow to share a vault with new users' args: 'Share'
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • perm_write Boolean
    default=<expr> help='Allow to write to the vault' args: 'Write'
  • public_key Char
    compute='_compute_public_key' readonly=True store=False
  • user_id Many2one → res.users
    domain=[('keys', '!=', False)] required=True args: 'res.users', 'User'
  • vault_id Many2one → vault
    ondelete='cascade' readonly=True required=True args: 'vault', 'Vault'
Public methods (4)
  • create(self, vals_list)
    @api.model_create_multi
  • log_access(self)
  • unlink(self)
  • write(self, values)

New fields (9)
  • filename Char
  • iv Char
    required=True
  • key Char
    required=True
  • key_user Char
    required=True
  • name Char
    required=True
  • public Char
    related='user_id.active_key.public'
  • secret Char
  • secret_file Char
  • user_id Many2one → res.users
    domain=[('keys', '!=', False), ('inbox_enabled', '=', True)] required=True args: 'res.users', 'User'
Public methods (1)
  • action_send(self)

New fields (9)
  • entry_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" required=True args: 'vault.entry', 'Entry'
  • iv Char
    required=True
  • key Char
    required=True
  • master_key Char
    compute='_compute_master_key' store=False
  • model Char
    required=True
  • name Char
    required=True
  • secret Char
    required=True
  • secret_temporary Char
    required=True
  • vault_id Many2one → vault
    required=True args: 'vault', 'Vault'
Public methods (1)
  • action_store(self)

New fields (1)
  • name Char
    required=True
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/16.0/vault
VERSION
VERSION 1.0.3
CATEGORY
CATEGORYVault
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONYes
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), initOS GmbH
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), initOS GmbH
COMMITTERS
COMMITTERSWeblate, OCA-git-bot, oca-ci, fkantelberg, Carlos Roca
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:53:43
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - base_setup
    - base
    - web
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (28)
XML IDNameModelTypeStatus
inbox inbox ir.ui.view qweb New
res_config_settings_view_form res.config.settings.view.form res.config.settings div Inherits base_setup.res_config_settings_view_form
view_res_users_key_form res.users.key form New
view_res_users_key_tree res.users.key tree New
view_right_form vault.right form New
view_right_tree vault.right tree New
view_users_form_keys_modif res.users form New
view_vault_entry_form vault.entry form New
view_vault_entry_full_tree vault.entry tree New
view_vault_entry_overview_form vault.entry field Inherits view_vault_entry_form
view_vault_entry_search vault.entry.search vault.entry search New
view_vault_entry_tree vault.entry tree New
view_vault_export_wizard vault.export.wizard form New
view_vault_field_form vault.field form New
view_vault_field_tree vault.field tree New
view_vault_file_form vault.file form New
view_vault_file_tree vault.file tree New
view_vault_form vault form New
view_vault_import_wizard vault.import.wizard form New
view_vault_inbox_form vault.inbox form New
view_vault_inbox_tree vault.inbox tree New
view_vault_log_tree vault.log tree New
view_vault_right_overview_search vault.right.overview.search vault.right search New
view_vault_right_overview_tree vault.right tree New
view_vault_search vault.search vault search New
view_vault_send_wizard vault.send.wizard form New
view_vault_store_wizard vault.store.wizard form New
view_vault_tree vault tree New
Models touched (19)

New fields (3)
  • group_vault_export Boolean
    implied_group='vault.group_vault_export' args: 'Export Vaults'
  • group_vault_import Boolean
    implied_group='vault.group_vault_import' args: 'Import Vaults'
  • module_vault_share Boolean
Public methods (0)

No public methods.

New fields (7)
  • active_key Many2one → res.users.key
    compute='_compute_active_key' store=False args: 'res.users.key'
  • inbox_enabled Boolean
    default=True
  • inbox_ids One2many → vault.inbox
    args: 'vault.inbox', 'user_id'
  • inbox_link Char
    compute='_compute_inbox_link' readonly=True store=False
  • inbox_token Char
    default=<expr> readonly=True
  • keys One2many → res.users.key
    readonly=True args: 'res.users.key', 'user_id'
  • vault_right_ids One2many → vault.right
    readonly=True args: 'vault.right', 'user_id'
Public methods (5)
  • action_get_vault(self)
    @api.model
  • action_invalidate_key(self)
    Disable the current key and remove all accesses to the vaults
  • action_new_inbox_token(self)
  • find_user_of_inbox(self, token)
    @api.model
  • get_vault_keys(self)

New fields (10)
  • current Boolean
    default=True readonly=True
  • fingerprint Char
    compute='_compute_fingerprint' store=True
  • iterations Integer
    readonly=True required=True
  • iv Char
    readonly=True required=True
  • private Char
    readonly=True required=True
  • public Char
    readonly=True required=True
  • salt Char
    readonly=True required=True
  • user_id Many2one → res.users
    required=True args: 'res.users'
  • uuid Char
    default=<expr> readonly=True required=True
  • version Integer
    readonly=True
Public methods (2)
  • extract_public_key(self, user)
  • store(self, iterations, iv, private, public, salt, version)

New fields (17)
  • allowed_create Boolean
    compute='_compute_access' store=False
  • allowed_delete Boolean
    compute='_compute_access' store=False
  • allowed_read Boolean
    compute='_compute_access' store=False
  • allowed_share Boolean
    compute='_compute_access' store=False
  • allowed_write Boolean
    compute='_compute_access' store=False
  • entry_ids One2many → vault.entry
    args: 'vault.entry', 'vault_id', 'Entries'
  • field_ids One2many → vault.field
    args: 'vault.field', 'vault_id', 'Fields'
  • file_ids One2many → vault.file
    args: 'vault.file', 'vault_id', 'Files'
  • log_ids One2many → vault.log
    readonly=True args: 'vault.log', 'vault_id', 'Log'
  • master_key Char
    compute='_compute_master_key' inverse='_inverse_master_key' store=False
  • name Char
    required=True
  • note Text
  • perm_user Many2one → res.users
    compute='_compute_access' store=False args: 'res.users'
  • reencrypt_required Boolean
    default=False
  • right_ids One2many → vault.right
    default=<expr> args: 'vault.right', 'vault_id', 'Rights'
  • user_id Many2one → res.users
    default=<expr> readonly=True required=True args: 'res.users', 'Owner'
  • uuid Char
    default=<expr> readonly=True required=True
Public methods (3)
  • action_open_export_wizard(self)
  • action_open_import_wizard(self)
  • share_public_keys(self)

New fields (0)

No new fields.

Public methods (6)
  • check_access_rule(self, operation)
  • log_entry(self, msg)
  • log_error(self, msg)
  • log_info(self, msg)
  • log_warn(self, msg)
  • raise_access_error(self)
    @api.model

New fields (12)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • entry_id Many2one → vault.entry
    ondelete='cascade' required=True args: 'vault.entry'
  • entry_name Char
    related='entry_id.complete_name'
  • iv Char
  • master_key Char
    compute='_compute_master_key' store=False
  • name Char
    required=True
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • vault_id Many2one
    related='entry_id.vault_id'
Public methods (4)
  • create(self, vals_list)
    @api.model_create_multi
  • log_change(self, action)
  • unlink(self)
  • write(self, values)

New fields (21)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • child_ids One2many → vault.entry
    args: 'vault.entry', 'parent_id', 'Child'
  • complete_name Char
    compute='_compute_complete_name' readonly=True recursive=True store=True
  • expire_date Datetime
    default=False args: 'Expires on'
  • expired Boolean
    compute='_compute_expired' search='_search_expired' store=False
  • field_ids One2many → vault.field
    args: 'vault.field', 'entry_id', 'Fields'
  • file_ids One2many → vault.file
    args: 'vault.file', 'entry_id', 'Files'
  • log_ids One2many → vault.log
    readonly=True args: 'vault.log', 'entry_id', 'Log'
  • name Char
    required=True
  • note Text
  • parent_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" ondelete='cascade' args: 'vault.entry', 'Parent'
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • tags Many2many → vault.tag
    args: 'vault.tag'
  • url Char
  • user_id Many2one
    related='vault_id.user_id'
  • uuid Char
    copy=False default=<expr> required=True
  • vault_id Many2one → vault
    ondelete='cascade' required=True args: 'vault', 'Vault'
Public methods (8)
  • action_open_export_wizard(self)
  • action_open_import_wizard(self)
  • copy_data(self, default=None)
  • create(self, vals_list)
    @api.model_create_multi
  • log_change(self, action)
  • search_panel_select_range(self, field_name, **kwargs)
    @api.model
    We add the following contexts related to searchpanel: - entry_short_name: Show just the name instead of full path. - from_search_panel: It will be used to overwrite domain. Remove the limit of records (default is 200).
  • search_read(self, domain=None, fields=None, offset=0, limit=None, order=None)
    Changes related to searchpanel: - Add a domain to only show records with children.
  • unlink(self)

New fields (6)
  • content Binary
    attachment=False args: 'Download'
  • entry_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" args: 'vault.entry', 'Entries'
  • include_childs Boolean
    default=True
  • master_key Char
    related='vault_id.master_key'
  • name Char
    default=<expr>
  • vault_id Many2one → vault
    args: 'vault', 'Vault'
Public methods (0)

No public methods.

New fields (1)
  • value Char
    required=True
Public methods (0)

No public methods.

New fields (1)
  • value Binary
    attachment=False
Public methods (1)
  • search_read(self, *args, **kwargs)
    @api.model

New fields (8)
  • content Binary
    attachment=False args: 'Database'
  • crypted_content Char
  • master_key Char
    related='vault_id.master_key'
  • name Char
  • parent_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" args: 'vault.entry', 'Parent Entry'
  • path Many2one → vault.import.wizard.path
    default='' domain="[('uuid', '=', uuid)]" args: 'vault.import.wizard.path', 'Path to import'
  • uuid Char
    default=<expr>
  • vault_id Many2one → vault
    args: 'vault', 'Vault'
Public methods (1)
  • action_import(self)

New fields (2)
  • name Char
    required=True
  • uuid Char
    required=True
Public methods (0)

No public methods.

New fields (12)
  • accesses Integer
    default=1 help="If this is 0 the inbox can't be written using the link" args: 'Access counter'
  • expiration Datetime
    default=<expr> help="If expired the inbox can't be written using the link"
  • filename Char
  • inbox_link Char
    compute='_compute_inbox_link' help='Using this link you can write to the current inbox. If you want people to create new inboxes you should give them your inbox link from your key management.' readonly=True
  • iv Char
    required=True
  • key Char
    required=True
  • log_ids One2many → vault.inbox.log
    readonly=True args: 'vault.inbox.log', 'inbox_id', 'Log'
  • name Char
    required=True
  • secret Char
    readonly=True
  • secret_file Binary
    attachment=False readonly=True
  • token Char
    copy=False default=<expr> readonly=True
  • user_id Many2one → res.users
    required=True args: 'res.users', 'Vault'
Public methods (3)
  • find_inbox(self, token)
    @api.model
  • read(self, *args, **kwargs)
  • store_in_inbox(self, name, secret, secret_file, iv, key, user, filename, ip=None)

New fields (2)
  • inbox_id Many2one → vault.inbox
    ondelete='cascade' readonly=True required=True args: 'vault.inbox'
  • name Char
    readonly=True
Public methods (0)

No public methods.

New fields (5)
  • entry_id Many2one → vault.entry
    ondelete='cascade' readonly=True args: 'vault.entry', 'Entry'
  • message Char
    readonly=True required=True
  • state Selection
    readonly=True args: <expr>
  • user_id Many2one → res.users
    readonly=True required=True args: 'res.users', 'User'
  • vault_id Many2one → vault
    ondelete='cascade' readonly=True required=True args: 'vault', 'Vault'
Public methods (1)
  • create(self, vals_list)
    @api.model_create_multi

New fields (15)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • key Char
  • master_key Char
    readonly=True related='vault_id.master_key' store=False
  • perm_create Boolean
    default=<expr> help='Allow to create in the vault' args: 'Create'
  • perm_delete Boolean
    default=<expr> help='Allow to delete a vault' args: 'Delete'
  • perm_share Boolean
    default=<expr> help='Allow to share a vault with new users' args: 'Share'
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • perm_write Boolean
    default=<expr> help='Allow to write to the vault' args: 'Write'
  • public_key Char
    compute='_compute_public_key' readonly=True store=False
  • user_id Many2one → res.users
    domain=[('keys', '!=', False)] required=True args: 'res.users', 'User'
  • vault_id Many2one → vault
    ondelete='cascade' readonly=True required=True args: 'vault', 'Vault'
Public methods (4)
  • create(self, vals_list)
    @api.model_create_multi
  • log_access(self)
  • unlink(self)
  • write(self, values)

New fields (9)
  • filename Char
  • iv Char
    required=True
  • key Char
    required=True
  • key_user Char
    required=True
  • name Char
    required=True
  • public Char
    related='user_id.active_key.public'
  • secret Char
  • secret_file Char
  • user_id Many2one → res.users
    domain=[('keys', '!=', False), ('inbox_enabled', '=', True)] required=True args: 'res.users', 'User'
Public methods (1)
  • action_send(self)

New fields (9)
  • entry_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" required=True args: 'vault.entry', 'Entry'
  • iv Char
    required=True
  • key Char
    required=True
  • master_key Char
    compute='_compute_master_key' store=False
  • model Char
    required=True
  • name Char
    required=True
  • secret Char
    required=True
  • secret_temporary Char
    required=True
  • vault_id Many2one → vault
    required=True args: 'vault', 'Vault'
Public methods (1)
  • action_store(self)

New fields (1)
  • name Char
    required=True
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/15.0/vault
VERSION
VERSION 2.1.0
CATEGORY
CATEGORYVault
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONYes
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), initOS GmbH
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), initOS GmbH
COMMITTERS
COMMITTERSWeblate, OCA-git-bot, oca-ci, fkantelberg, Carlos Roca
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:46:32
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - base_setup
    - base
    - web
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (28)
XML IDNameModelTypeStatus
inbox inbox ir.ui.view qweb New
res_config_settings_view_form res.config.settings.view.form res.config.settings div Inherits base_setup.res_config_settings_view_form
view_res_users_key_form res.users.key form New
view_res_users_key_tree res.users.key tree New
view_right_form vault.right form New
view_right_tree vault.right tree New
view_users_form_keys_modif res.users form New
view_vault_entry_form vault.entry form New
view_vault_entry_full_tree vault.entry tree New
view_vault_entry_overview_form vault.entry field Inherits view_vault_entry_form
view_vault_entry_search vault.entry.search vault.entry search New
view_vault_entry_tree vault.entry tree New
view_vault_export_wizard vault.export.wizard form New
view_vault_field_form vault.field form New
view_vault_field_tree vault.field tree New
view_vault_file_form vault.file form New
view_vault_file_tree vault.file tree New
view_vault_form vault form New
view_vault_import_wizard vault.import.wizard form New
view_vault_inbox_form vault.inbox form New
view_vault_inbox_tree vault.inbox tree New
view_vault_log_tree vault.log tree New
view_vault_right_overview_search vault.right.overview.search vault.right search New
view_vault_right_overview_tree vault.right tree New
view_vault_search vault.search vault search New
view_vault_send_wizard vault.send.wizard form New
view_vault_store_wizard vault.store.wizard form New
view_vault_tree vault tree New
Models touched (19)

New fields (3)
  • group_vault_export Boolean
    implied_group='vault.group_vault_export' args: 'Export Vaults'
  • group_vault_import Boolean
    implied_group='vault.group_vault_import' args: 'Import Vaults'
  • module_vault_share Boolean
Public methods (0)

No public methods.

New fields (7)
  • active_key Many2one → res.users.key
    compute='_compute_active_key' store=False args: 'res.users.key'
  • inbox_enabled Boolean
    default=True
  • inbox_ids One2many → vault.inbox
    args: 'vault.inbox', 'user_id'
  • inbox_link Char
    compute='_compute_inbox_link' readonly=True store=False
  • inbox_token Char
    default=<expr> readonly=True
  • keys One2many → res.users.key
    readonly=True args: 'res.users.key', 'user_id'
  • vault_right_ids One2many → vault.right
    readonly=True args: 'vault.right', 'user_id'
Public methods (5)
  • action_get_vault(self)
    @api.model
  • action_invalidate_key(self)
    Disable the current key and remove all accesses to the vaults
  • action_new_inbox_token(self)
  • find_user_of_inbox(self, token)
    @api.model
  • get_vault_keys(self)

New fields (10)
  • current Boolean
    default=True readonly=True
  • fingerprint Char
    compute='_compute_fingerprint' store=True
  • iterations Integer
    readonly=True required=True
  • iv Char
    readonly=True required=True
  • private Char
    readonly=True required=True
  • public Char
    readonly=True required=True
  • salt Char
    readonly=True required=True
  • user_id Many2one → res.users
    required=True args: 'res.users'
  • uuid Char
    default=<expr> readonly=True required=True
  • version Integer
    readonly=True
Public methods (2)
  • extract_public_key(self, user)
  • store(self, iterations, iv, private, public, salt, version)

New fields (17)
  • allowed_create Boolean
    compute='_compute_access' store=False
  • allowed_delete Boolean
    compute='_compute_access' store=False
  • allowed_read Boolean
    compute='_compute_access' store=False
  • allowed_share Boolean
    compute='_compute_access' store=False
  • allowed_write Boolean
    compute='_compute_access' store=False
  • entry_ids One2many → vault.entry
    args: 'vault.entry', 'vault_id', 'Entries'
  • field_ids One2many → vault.field
    args: 'vault.field', 'vault_id', 'Fields'
  • file_ids One2many → vault.file
    args: 'vault.file', 'vault_id', 'Files'
  • log_ids One2many → vault.log
    readonly=True args: 'vault.log', 'vault_id', 'Log'
  • master_key Char
    compute='_compute_master_key' inverse='_inverse_master_key' store=False
  • name Char
    required=True
  • note Text
  • perm_user Many2one → res.users
    compute='_compute_access' store=False args: 'res.users'
  • reencrypt_required Boolean
    default=False
  • right_ids One2many → vault.right
    default=<expr> args: 'vault.right', 'vault_id', 'Rights'
  • user_id Many2one → res.users
    default=<expr> readonly=True required=True args: 'res.users', 'Owner'
  • uuid Char
    default=<expr> readonly=True required=True
Public methods (3)
  • action_open_export_wizard(self)
  • action_open_import_wizard(self)
  • share_public_keys(self)

New fields (0)

No new fields.

Public methods (6)
  • check_access_rule(self, operation)
  • log_entry(self, msg)
  • log_error(self, msg)
  • log_info(self, msg)
  • log_warn(self, msg)
  • raise_access_error(self)
    @api.model

New fields (12)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • entry_id Many2one → vault.entry
    ondelete='cascade' required=True args: 'vault.entry'
  • entry_name Char
    related='entry_id.complete_name'
  • iv Char
  • master_key Char
    compute='_compute_master_key' store=False
  • name Char
    required=True
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • vault_id Many2one
    related='entry_id.vault_id'
Public methods (4)
  • create(self, values)
    @api.model_create_single
  • log_change(self, action)
  • unlink(self)
  • write(self, values)

New fields (21)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • child_ids One2many → vault.entry
    args: 'vault.entry', 'parent_id', 'Child'
  • complete_name Char
    compute='_compute_complete_name' readonly=True recursive=True store=True
  • expire_date Datetime
    default=False args: 'Expires on'
  • expired Boolean
    compute='_compute_expired' search='_search_expired' store=False
  • field_ids One2many → vault.field
    args: 'vault.field', 'entry_id', 'Fields'
  • file_ids One2many → vault.file
    args: 'vault.file', 'entry_id', 'Files'
  • log_ids One2many → vault.log
    readonly=True args: 'vault.log', 'entry_id', 'Log'
  • name Char
    required=True
  • note Text
  • parent_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" ondelete='cascade' args: 'vault.entry', 'Parent'
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • tags Many2many → vault.tag
    args: 'vault.tag'
  • url Char
  • user_id Many2one
    related='vault_id.user_id'
  • uuid Char
    copy=False default=<expr> required=True
  • vault_id Many2one → vault
    ondelete='cascade' required=True args: 'vault', 'Vault'
Public methods (8)
  • action_open_export_wizard(self)
  • action_open_import_wizard(self)
  • copy_data(self, default=None)
  • create(self, values)
    @api.model_create_single
  • log_change(self, action)
  • search_panel_select_range(self, field_name, **kwargs)
    @api.model
    We add the following contexts related to searchpanel: - entry_short_name: Show just the name instead of full path. - from_search_panel: It will be used to overwrite domain. Remove the limit of records (default is 200).
  • search_read(self, domain=None, fields=None, offset=0, limit=None, order=None)
    Changes related to searchpanel: - Add a domain to only show records with children.
  • unlink(self)

New fields (6)
  • content Binary
    attachment=False args: 'Download'
  • entry_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" args: 'vault.entry', 'Entries'
  • include_childs Boolean
    default=True
  • master_key Char
    related='vault_id.master_key'
  • name Char
    default=<expr>
  • vault_id Many2one → vault
    args: 'vault', 'Vault'
Public methods (0)

No public methods.

New fields (1)
  • value Char
    required=True
Public methods (0)

No public methods.

New fields (1)
  • value Binary
    attachment=False
Public methods (1)
  • search_read(self, *args, **kwargs)
    @api.model

New fields (8)
  • content Binary
    attachment=False args: 'Database'
  • crypted_content Char
  • master_key Char
    related='vault_id.master_key'
  • name Char
  • parent_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" args: 'vault.entry', 'Parent Entry'
  • path Many2one → vault.import.wizard.path
    default='' domain="[('uuid', '=', uuid)]" args: 'vault.import.wizard.path', 'Path to import'
  • uuid Char
    default=<expr>
  • vault_id Many2one → vault
    args: 'vault', 'Vault'
Public methods (1)
  • action_import(self)

New fields (2)
  • name Char
    required=True
  • uuid Char
    required=True
Public methods (0)

No public methods.

New fields (12)
  • accesses Integer
    default=1 help="If this is 0 the inbox can't be written using the link" args: 'Access counter'
  • expiration Datetime
    default=<expr> help="If expired the inbox can't be written using the link"
  • filename Char
  • inbox_link Char
    compute='_compute_inbox_link' help='Using this link you can write to the current inbox. If you want people to create new inboxes you should give them your inbox link from your key management.' readonly=True
  • iv Char
    required=True
  • key Char
    required=True
  • log_ids One2many → vault.inbox.log
    readonly=True args: 'vault.inbox.log', 'inbox_id', 'Log'
  • name Char
    required=True
  • secret Char
    readonly=True
  • secret_file Binary
    attachment=False readonly=True
  • token Char
    copy=False default=<expr> readonly=True
  • user_id Many2one → res.users
    required=True args: 'res.users', 'Vault'
Public methods (3)
  • find_inbox(self, token)
    @api.model
  • read(self, *args, **kwargs)
  • store_in_inbox(self, name, secret, secret_file, iv, key, user, filename, ip=None)

New fields (2)
  • inbox_id Many2one → vault.inbox
    ondelete='cascade' readonly=True required=True args: 'vault.inbox'
  • name Char
    readonly=True
Public methods (0)

No public methods.

New fields (5)
  • entry_id Many2one → vault.entry
    ondelete='cascade' readonly=True args: 'vault.entry', 'Entry'
  • message Char
    readonly=True required=True
  • state Selection
    readonly=True args: <expr>
  • user_id Many2one → res.users
    readonly=True required=True args: 'res.users', 'User'
  • vault_id Many2one → vault
    ondelete='cascade' readonly=True required=True args: 'vault', 'Vault'
Public methods (1)
  • create(self, values)
    @api.model

New fields (15)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • key Char
  • master_key Char
    readonly=True related='vault_id.master_key' store=False
  • perm_create Boolean
    default=<expr> help='Allow to create in the vault' args: 'Create'
  • perm_delete Boolean
    default=<expr> help='Allow to delete a vault' args: 'Delete'
  • perm_share Boolean
    default=<expr> help='Allow to share a vault with new users' args: 'Share'
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • perm_write Boolean
    default=<expr> help='Allow to write to the vault' args: 'Write'
  • public_key Char
    compute='_compute_public_key' readonly=True store=False
  • user_id Many2one → res.users
    domain=[('keys', '!=', False)] required=True args: 'res.users', 'User'
  • vault_id Many2one → vault
    ondelete='cascade' readonly=True required=True args: 'vault', 'Vault'
Public methods (4)
  • create(self, values)
    @api.model
  • log_access(self)
  • unlink(self)
  • write(self, values)

New fields (9)
  • filename Char
  • iv Char
    required=True
  • key Char
    required=True
  • key_user Char
    required=True
  • name Char
    required=True
  • public Char
    related='user_id.active_key.public'
  • secret Char
    required=True
  • secret_file Char
  • user_id Many2one → res.users
    domain=[('keys', '!=', False), ('inbox_enabled', '=', True)] required=True args: 'res.users', 'User'
Public methods (1)
  • action_send(self)

New fields (9)
  • entry_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" required=True args: 'vault.entry', 'Entry'
  • iv Char
    required=True
  • key Char
    required=True
  • master_key Char
    compute='_compute_master_key' store=False
  • model Char
    required=True
  • name Char
    required=True
  • secret Char
    required=True
  • secret_temporary Char
    required=True
  • vault_id Many2one → vault
    required=True args: 'vault', 'Vault'
Public methods (1)
  • action_store(self)

New fields (1)
  • name Char
    required=True
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/14.0/vault
VERSION
VERSION 1.9.0
CATEGORY
CATEGORYVault
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONYes
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), initOS GmbH
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), initOS GmbH
COMMITTERS
COMMITTERSVíctor Martínez, oca-travis, Weblate, OCA-git-bot, oca-ci, fkantelberg, CarlosRoca13, aromera, oca-git-bot
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:40:55
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - base_setup
    - base
    - web
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (31)
XML IDNameModelTypeStatus
assets_backend assets_backend ir.ui.view qweb Inherits web.assets_backend
inbox inbox ir.ui.view qweb New
inbox_frontend inbox_frontend ir.ui.view qweb New
res_config_settings_view_form res.config.settings.view.form res.config.settings div Inherits base_setup.res_config_settings_view_form
tests_assets tests_assets ir.ui.view qweb Inherits web.tests_assets
view_res_users_key_form res.users.key form New
view_res_users_key_tree res.users.key tree New
view_right_form vault.right form New
view_right_tree vault.right tree New
view_users_form_keys_modif res.users form New
view_vault_entry_form vault.entry form New
view_vault_entry_full_tree vault.entry tree New
view_vault_entry_overview_form vault.entry field Inherits view_vault_entry_form
view_vault_entry_search vault.entry.search vault.entry search New
view_vault_entry_tree vault.entry tree New
view_vault_export_wizard vault.export.wizard form New
view_vault_field_form vault.field form New
view_vault_field_tree vault.field tree New
view_vault_file_form vault.file form New
view_vault_file_tree vault.file tree New
view_vault_form vault form New
view_vault_import_wizard vault.import.wizard form New
view_vault_inbox_form vault.inbox form New
view_vault_inbox_tree vault.inbox tree New
view_vault_log_tree vault.log tree New
view_vault_right_overview_search vault.right.overview.search vault.right search New
view_vault_right_overview_tree vault.right tree New
view_vault_search vault.search vault search New
view_vault_send_wizard vault.send.wizard form New
view_vault_store_wizard vault.store.wizard form New
view_vault_tree vault tree New
Models touched (19)

New fields (1)
  • module_vault_share Boolean
Public methods (0)

No public methods.

New fields (7)
  • active_key Many2one → res.users.key
    compute='_compute_active_key' store=False args: 'res.users.key'
  • inbox_enabled Boolean
    default=True
  • inbox_ids One2many → vault.inbox
    args: 'vault.inbox', 'user_id'
  • inbox_link Char
    compute='_compute_inbox_link' readonly=True store=False
  • inbox_token Char
    default=<expr> readonly=True
  • keys One2many → res.users.key
    readonly=True args: 'res.users.key', 'user_id'
  • vault_right_ids One2many → vault.right
    readonly=True args: 'vault.right', 'user_id'
Public methods (5)
  • action_get_vault(self)
    @api.model
  • action_invalidate_key(self)
    Disable the current key and remove all accesses to the vaults
  • action_new_inbox_token(self)
  • find_user_of_inbox(self, token)
    @api.model
  • get_vault_keys(self)

New fields (10)
  • current Boolean
    default=True readonly=True
  • fingerprint Char
    compute='_compute_fingerprint' store=True
  • iterations Integer
    readonly=True required=True
  • iv Char
    readonly=True required=True
  • private Char
    readonly=True required=True
  • public Char
    readonly=True required=True
  • salt Char
    readonly=True required=True
  • user_id Many2one → res.users
    required=True args: 'res.users'
  • uuid Char
    default=<expr> readonly=True required=True
  • version Integer
    readonly=True
Public methods (2)
  • extract_public_key(self, user)
  • store(self, iterations, iv, private, public, salt, version)

New fields (17)
  • allowed_create Boolean
    compute='_compute_access' store=False
  • allowed_delete Boolean
    compute='_compute_access' store=False
  • allowed_read Boolean
    compute='_compute_access' store=False
  • allowed_share Boolean
    compute='_compute_access' store=False
  • allowed_write Boolean
    compute='_compute_access' store=False
  • entry_ids One2many → vault.entry
    args: 'vault.entry', 'vault_id', 'Entries'
  • field_ids One2many → vault.field
    args: 'vault.field', 'vault_id', 'Fields'
  • file_ids One2many → vault.file
    args: 'vault.file', 'vault_id', 'Files'
  • log_ids One2many → vault.log
    readonly=True args: 'vault.log', 'vault_id', 'Log'
  • master_key Char
    compute='_compute_master_key' inverse='_inverse_master_key' store=False
  • name Char
    required=True
  • note Text
  • perm_user Many2one → res.users
    compute='_compute_access' store=False args: 'res.users'
  • reencrypt_required Boolean
    default=False
  • right_ids One2many → vault.right
    default=<expr> args: 'vault.right', 'vault_id', 'Rights'
  • user_id Many2one → res.users
    default=<expr> readonly=True required=True args: 'res.users', 'Owner'
  • uuid Char
    default=<expr> readonly=True required=True
Public methods (3)
  • action_open_export_wizard(self)
  • action_open_import_wizard(self)
  • share_public_keys(self)

New fields (0)

No new fields.

Public methods (6)
  • check_access_rule(self, operation)
  • log_entry(self, msg)
  • log_error(self, msg)
  • log_info(self, msg)
  • log_warn(self, msg)
  • raise_access_error(self)
    @api.model

New fields (12)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • entry_id Many2one → vault.entry
    ondelete='cascade' required=True args: 'vault.entry'
  • entry_name Char
    related='entry_id.complete_name'
  • iv Char
  • master_key Char
    compute='_compute_master_key' store=False
  • name Char
    required=True
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • vault_id Many2one
    related='entry_id.vault_id'
Public methods (4)
  • create(self, values)
    @api.model_create_single
  • log_change(self, action)
  • unlink(self)
  • write(self, values)

New fields (21)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • child_ids One2many → vault.entry
    args: 'vault.entry', 'parent_id', 'Child'
  • complete_name Char
    compute='_compute_complete_name' readonly=True store=True
  • expire_date Datetime
    default=False args: 'Expires on'
  • expired Boolean
    compute='_compute_expired' search='_search_expired' store=False
  • field_ids One2many → vault.field
    args: 'vault.field', 'entry_id', 'Fields'
  • file_ids One2many → vault.file
    args: 'vault.file', 'entry_id', 'Files'
  • log_ids One2many → vault.log
    readonly=True args: 'vault.log', 'entry_id', 'Log'
  • name Char
    required=True
  • note Text
  • parent_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" ondelete='cascade' args: 'vault.entry', 'Parent'
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • tags Many2many → vault.tag
    args: 'vault.tag'
  • url Char
  • user_id Many2one
    related='vault_id.user_id'
  • uuid Char
    copy=False default=<expr> required=True
  • vault_id Many2one → vault
    ondelete='cascade' required=True args: 'vault', 'Vault'
Public methods (8)
  • action_open_export_wizard(self)
  • action_open_import_wizard(self)
  • copy_data(self, default=None)
  • create(self, values)
    @api.model_create_single
  • log_change(self, action)
  • search_panel_select_range(self, field_name, **kwargs)
    @api.model
    We add the following contexts related to searchpanel: - entry_short_name: Show just the name instead of full path. - from_search_panel: It will be used to overwrite domain. Remove the limit of records (default is 200).
  • search_read(self, domain=None, fields=None, offset=0, limit=None, order=None)
    Changes related to searchpanel: - Add a domain to only show records with children.
  • unlink(self)

New fields (6)
  • content Binary
    attachment=False args: 'Download'
  • entry_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" args: 'vault.entry', 'Entries'
  • include_childs Boolean
    default=True
  • master_key Char
    related='vault_id.master_key'
  • name Char
    default=<expr>
  • vault_id Many2one → vault
    args: 'vault', 'Vault'
Public methods (0)

No public methods.

New fields (1)
  • value Char
    required=True
Public methods (0)

No public methods.

New fields (1)
  • value Binary
    attachment=False
Public methods (1)
  • search_read(self, *args, **kwargs)
    @api.model

New fields (8)
  • content Binary
    attachment=False args: 'Database'
  • crypted_content Char
  • master_key Char
    related='vault_id.master_key'
  • name Char
  • parent_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" args: 'vault.entry', 'Parent Entry'
  • path Many2one → vault.import.wizard.path
    default='' domain="[('uuid', '=', uuid)]" args: 'vault.import.wizard.path', 'Path to import'
  • uuid Char
    default=<expr>
  • vault_id Many2one → vault
    args: 'vault', 'Vault'
Public methods (1)
  • action_import(self)

New fields (2)
  • name Char
    required=True
  • uuid Char
    required=True
Public methods (0)

No public methods.

New fields (12)
  • accesses Integer
    default=1 help="If this is 0 the inbox can't be written using the link" args: 'Access counter'
  • expiration Datetime
    default=<expr> help="If expired the inbox can't be written using the link"
  • filename Char
  • inbox_link Char
    compute='_compute_inbox_link' help='Using this link you can write to the current inbox. If you want people to create new inboxes you should give them your inbox link from your key management.' readonly=True
  • iv Char
    required=True
  • key Char
    required=True
  • log_ids One2many → vault.inbox.log
    readonly=True args: 'vault.inbox.log', 'inbox_id', 'Log'
  • name Char
    required=True
  • secret Char
    readonly=True
  • secret_file Binary
    attachment=False readonly=True
  • token Char
    copy=False default=<expr> readonly=True
  • user_id Many2one → res.users
    required=True args: 'res.users', 'Vault'
Public methods (3)
  • find_inbox(self, token)
    @api.model
  • read(self, *args, **kwargs)
  • store_in_inbox(self, name, secret, secret_file, iv, key, user, filename, ip=None)

New fields (2)
  • inbox_id Many2one → vault.inbox
    ondelete='cascade' readonly=True required=True args: 'vault.inbox'
  • name Char
    readonly=True
Public methods (0)

No public methods.

New fields (5)
  • entry_id Many2one → vault.entry
    ondelete='cascade' readonly=True args: 'vault.entry', 'Entry'
  • message Char
    readonly=True required=True
  • state Selection
    readonly=True args: <expr>
  • user_id Many2one → res.users
    readonly=True required=True args: 'res.users', 'User'
  • vault_id Many2one → vault
    ondelete='cascade' readonly=True required=True args: 'vault', 'Vault'
Public methods (1)
  • create(self, values)
    @api.model

New fields (15)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • key Char
  • master_key Char
    readonly=True related='vault_id.master_key' store=False
  • perm_create Boolean
    default=<expr> help='Allow to create in the vault' args: 'Create'
  • perm_delete Boolean
    default=<expr> help='Allow to delete a vault' args: 'Delete'
  • perm_share Boolean
    default=<expr> help='Allow to share a vault with new users' args: 'Share'
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • perm_write Boolean
    default=<expr> help='Allow to write to the vault' args: 'Write'
  • public_key Char
    compute='_compute_public_key' readonly=True store=False
  • user_id Many2one → res.users
    domain=[('keys', '!=', False)] required=True args: 'res.users', 'User'
  • vault_id Many2one → vault
    ondelete='cascade' readonly=True required=True args: 'vault', 'Vault'
Public methods (4)
  • create(self, values)
    @api.model
  • log_access(self)
  • unlink(self)
  • write(self, values)

New fields (9)
  • filename Char
  • iv Char
    required=True
  • key Char
    required=True
  • key_user Char
    required=True
  • name Char
    required=True
  • public Char
    related='user_id.active_key.public'
  • secret Char
    required=True
  • secret_file Char
  • user_id Many2one → res.users
    domain=[('keys', '!=', False), ('inbox_enabled', '=', True)] required=True args: 'res.users', 'User'
Public methods (1)
  • action_send(self)

New fields (9)
  • entry_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" required=True args: 'vault.entry', 'Entry'
  • iv Char
    required=True
  • key Char
    required=True
  • master_key Char
    compute='_compute_master_key' store=False
  • model Char
    required=True
  • name Char
    required=True
  • secret Char
    required=True
  • secret_temporary Char
    required=True
  • vault_id Many2one → vault
    required=True args: 'vault', 'Vault'
Public methods (1)
  • action_store(self)

New fields (1)
  • name Char
    required=True
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/13.0/vault
VERSION
VERSION 1.4.0
CATEGORY
CATEGORYVault
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONYes
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), initOS GmbH
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), initOS GmbH
COMMITTERS
COMMITTERSOCA Transbot, Víctor Martínez, Weblate, OCA-git-bot, oca-ci, fkantelberg, Carlos Roca, CarlosRoca13
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:34:11
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - base_setup
    - base
    - web
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (31)
XML IDNameModelTypeStatus
assets_backend assets_backend ir.ui.view qweb Inherits web.assets_backend
inbox inbox ir.ui.view qweb New
inbox_frontend inbox_frontend ir.ui.view qweb New
res_config_settings_view_form res.config.settings.view.form res.config.settings div Inherits base_setup.res_config_settings_view_form
tests_assets tests_assets ir.ui.view qweb Inherits web.js_tests_assets
view_res_users_key_form res.users.key form New
view_res_users_key_tree res.users.key tree New
view_right_form vault.right form New
view_right_tree vault.right tree New
view_users_form_keys_modif res.users form New
view_vault_entry_form vault.entry form New
view_vault_entry_full_tree vault.entry tree New
view_vault_entry_overview_form vault.entry field Inherits view_vault_entry_form
view_vault_entry_search vault.entry.search vault.entry search New
view_vault_entry_tree vault.entry tree New
view_vault_export_wizard vault.export.wizard form New
view_vault_field_form vault.field form New
view_vault_field_tree vault.field tree New
view_vault_file_form vault.file form New
view_vault_file_tree vault.file tree New
view_vault_form vault form New
view_vault_import_wizard vault.import.wizard form New
view_vault_inbox_form vault.inbox form New
view_vault_inbox_tree vault.inbox tree New
view_vault_log_tree vault.log tree New
view_vault_right_overview_search vault.right.overview.search vault.right search New
view_vault_right_overview_tree vault.right tree New
view_vault_search vault.search vault search New
view_vault_send_wizard vault.send.wizard form New
view_vault_store_wizard vault.store.wizard form New
view_vault_tree vault tree New
Models touched (19)

New fields (1)
  • module_vault_share Boolean
Public methods (0)

No public methods.

New fields (7)
  • active_key Many2one → res.users.key
    compute='_compute_active_key' store=False args: 'res.users.key'
  • inbox_enabled Boolean
    default=True
  • inbox_ids One2many → vault.inbox
    args: 'vault.inbox', 'user_id'
  • inbox_link Char
    compute='_compute_inbox_link' readonly=True store=False
  • inbox_token Char
    default=<expr> readonly=True
  • keys One2many → res.users.key
    readonly=True args: 'res.users.key', 'user_id'
  • vault_right_ids One2many → vault.right
    readonly=True args: 'vault.right', 'user_id'
Public methods (5)
  • action_get_vault(self)
    @api.model
  • action_invalidate_key(self)
    Disable the current key and remove all accesses to the vaults
  • action_new_inbox_token(self)
  • find_user_of_inbox(self, token)
    @api.model
  • get_vault_keys(self)

New fields (9)
  • current Boolean
    default=True readonly=True
  • fingerprint Char
    compute='_compute_fingerprint' store=True
  • iterations Integer
    readonly=True required=True
  • iv Char
    readonly=True required=True
  • private Char
    readonly=True required=True
  • public Char
    readonly=True required=True
  • salt Char
    readonly=True required=True
  • user_id Many2one → res.users
    required=True args: 'res.users'
  • uuid Char
    default=<expr> readonly=True required=True
Public methods (2)
  • extract_public_key(self, user)
  • store(self, iterations, iv, private, public, salt)

New fields (17)
  • allowed_create Boolean
    compute='_compute_access' store=False
  • allowed_delete Boolean
    compute='_compute_access' store=False
  • allowed_read Boolean
    compute='_compute_access' store=False
  • allowed_share Boolean
    compute='_compute_access' store=False
  • allowed_write Boolean
    compute='_compute_access' store=False
  • entry_ids One2many → vault.entry
    args: 'vault.entry', 'vault_id', 'Entries'
  • field_ids One2many → vault.field
    args: 'vault.field', 'vault_id', 'Fields'
  • file_ids One2many → vault.file
    args: 'vault.file', 'vault_id', 'Files'
  • log_ids One2many → vault.log
    readonly=True args: 'vault.log', 'vault_id', 'Log'
  • master_key Char
    compute='_compute_master_key' inverse='_inverse_master_key' store=False
  • name Char
    required=True
  • note Text
  • perm_user Many2one → res.users
    compute='_compute_access' store=False args: 'res.users'
  • reencrypt_required Boolean
    default=False
  • right_ids One2many → vault.right
    default=<expr> args: 'vault.right', 'vault_id', 'Rights'
  • user_id Many2one → res.users
    default=<expr> readonly=True required=True args: 'res.users', 'Owner'
  • uuid Char
    default=<expr> readonly=True required=True
Public methods (3)
  • action_open_export_wizard(self)
  • action_open_import_wizard(self)
  • share_public_keys(self)

New fields (0)

No new fields.

Public methods (6)
  • check_access_rule(self, operation)
  • log_entry(self, msg)
  • log_error(self, msg)
  • log_info(self, msg)
  • log_warn(self, msg)
  • raise_access_error(self)
    @api.model

New fields (12)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • entry_id Many2one → vault.entry
    ondelete='cascade' required=True args: 'vault.entry'
  • entry_name Char
    related='entry_id.complete_name'
  • iv Char
  • master_key Char
    compute='_compute_master_key' store=False
  • name Char
    required=True
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • vault_id Many2one
    related='entry_id.vault_id'
Public methods (4)
  • create(self, values)
    @api.model_create_single
  • log_change(self, action)
  • unlink(self)
  • write(self, values)

New fields (21)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • child_ids One2many → vault.entry
    args: 'vault.entry', 'parent_id', 'Child'
  • complete_name Char
    compute='_compute_complete_name' readonly=True store=True
  • expire_date Datetime
    default=False args: 'Expires on'
  • expired Boolean
    compute='_compute_expired' search='_search_expired' store=False
  • field_ids One2many → vault.field
    args: 'vault.field', 'entry_id', 'Fields'
  • file_ids One2many → vault.file
    args: 'vault.file', 'entry_id', 'Files'
  • log_ids One2many → vault.log
    readonly=True args: 'vault.log', 'entry_id', 'Log'
  • name Char
    required=True
  • note Text
  • parent_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" ondelete='cascade' args: 'vault.entry', 'Parent'
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • tags Many2many → vault.tag
    args: 'vault.tag'
  • url Char
  • user_id Many2one
    related='vault_id.user_id'
  • uuid Char
    copy=False default=<expr> required=True
  • vault_id Many2one → vault
    ondelete='cascade' required=True args: 'vault', 'Vault'
Public methods (8)
  • action_open_export_wizard(self)
  • action_open_import_wizard(self)
  • copy_data(self, default=None)
  • create(self, values)
    @api.model_create_single
  • log_change(self, action)
  • search_panel_select_range(self, field_name)
    @api.model
    We add the following contexts related to searchpanel: - entry_short_name: Show just the name instead of full path. - search_panel_limit: It will be a small hack to NOT limit records.
  • search_read(self, domain=None, fields=None, offset=0, limit=None, order=None)
    Changes related to searchpanel: - Remove the limit of records (default is 200). In v14 it is not necessary. - Add a domain to only show records with children.
  • unlink(self)

New fields (6)
  • content Binary
    attachment=False args: 'Download'
  • entry_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" args: 'vault.entry', 'Entries'
  • include_childs Boolean
    default=True
  • master_key Char
    related='vault_id.master_key'
  • name Char
    default=<expr>
  • vault_id Many2one → vault
    args: 'vault', 'Vault'
Public methods (0)

No public methods.

New fields (1)
  • value Char
    required=True
Public methods (0)

No public methods.

New fields (1)
  • value Binary
    attachment=False
Public methods (1)
  • search_read(self, *args, **kwargs)
    @api.model

New fields (8)
  • content Binary
    attachment=False args: 'Database'
  • crypted_content Char
  • master_key Char
    related='vault_id.master_key'
  • name Char
  • parent_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" args: 'vault.entry', 'Parent Entry'
  • path Many2one → vault.import.wizard.path
    default='' domain="[('uuid', '=', uuid)]" args: 'vault.import.wizard.path', 'Path to import'
  • uuid Char
    default=<expr>
  • vault_id Many2one → vault
    args: 'vault', 'Vault'
Public methods (1)
  • action_import(self)

New fields (2)
  • name Char
    required=True
  • uuid Char
    required=True
Public methods (0)

No public methods.

New fields (12)
  • accesses Integer
    default=1 help="If this is 0 the inbox can't be written using the link" args: 'Access counter'
  • expiration Datetime
    default=<expr> help="If expired the inbox can't be written using the link"
  • filename Char
  • inbox_link Char
    compute='_compute_inbox_link' help='Using this link you can write to the current inbox. If you want people to create new inboxes you should give them your inbox link from your key management.' readonly=True
  • iv Char
    required=True
  • key Char
    required=True
  • log_ids One2many → vault.inbox.log
    readonly=True args: 'vault.inbox.log', 'inbox_id', 'Log'
  • name Char
    required=True
  • secret Char
    readonly=True
  • secret_file Binary
    attachment=False readonly=True
  • token Char
    copy=False default=<expr> readonly=True
  • user_id Many2one → res.users
    required=True args: 'res.users', 'Vault'
Public methods (3)
  • find_inbox(self, token)
    @api.model
  • read(self, *args, **kwargs)
  • store_in_inbox(self, name, secret, secret_file, iv, key, user, filename, ip=None)

New fields (2)
  • inbox_id Many2one → vault.inbox
    ondelete='cascade' readonly=True required=True args: 'vault.inbox'
  • name Char
    readonly=True
Public methods (0)

No public methods.

New fields (5)
  • entry_id Many2one → vault.entry
    ondelete='cascade' readonly=True args: 'vault.entry', 'Entry'
  • message Char
    readonly=True required=True
  • state Selection
    readonly=True args: <expr>
  • user_id Many2one → res.users
    readonly=True required=True args: 'res.users', 'User'
  • vault_id Many2one → vault
    ondelete='cascade' readonly=True required=True args: 'vault', 'Vault'
Public methods (1)
  • create(self, values)
    @api.model

New fields (15)
  • allowed_create Boolean
    related='vault_id.allowed_create' store=False
  • allowed_delete Boolean
    related='vault_id.allowed_delete' store=False
  • allowed_read Boolean
    related='vault_id.allowed_read' store=False
  • allowed_share Boolean
    related='vault_id.allowed_share' store=False
  • allowed_write Boolean
    related='vault_id.allowed_write' store=False
  • key Char
  • master_key Char
    readonly=True related='vault_id.master_key' store=False
  • perm_create Boolean
    default=<expr> help='Allow to create in the vault' args: 'Create'
  • perm_delete Boolean
    default=<expr> help='Allow to delete a vault' args: 'Delete'
  • perm_share Boolean
    default=<expr> help='Allow to share a vault with new users' args: 'Share'
  • perm_user Many2one
    related='vault_id.perm_user' store=False
  • perm_write Boolean
    default=<expr> help='Allow to write to the vault' args: 'Write'
  • public_key Char
    compute='_compute_public_key' readonly=True store=False
  • user_id Many2one → res.users
    domain=[('keys', '!=', False)] required=True args: 'res.users', 'User'
  • vault_id Many2one → vault
    ondelete='cascade' readonly=True required=True args: 'vault', 'Vault'
Public methods (4)
  • create(self, values)
    @api.model
  • log_access(self)
  • unlink(self)
  • write(self, values)

New fields (9)
  • filename Char
  • iv Char
    required=True
  • key Char
    required=True
  • key_user Char
    required=True
  • name Char
    required=True
  • public Char
    related='user_id.active_key.public'
  • secret Char
    required=True
  • secret_file Char
  • user_id Many2one → res.users
    domain=[('keys', '!=', False), ('inbox_enabled', '=', True)] required=True args: 'res.users', 'User'
Public methods (1)
  • action_send(self)

New fields (9)
  • entry_id Many2one → vault.entry
    domain="[('vault_id', '=', vault_id)]" required=True args: 'vault.entry', 'Entry'
  • iv Char
    required=True
  • key Char
    required=True
  • master_key Char
    compute='_compute_master_key' store=False
  • model Char
    required=True
  • name Char
    required=True
  • secret Char
    required=True
  • secret_temporary Char
    required=True
  • vault_id Many2one → vault
    required=True args: 'vault', 'Vault'
Public methods (1)
  • action_store(self)

New fields (1)
  • name Char
    required=True
Public methods (0)

No public methods.