Odoo Advanced N: Security
7 November, 2022 by
Deviati Nur Istiqomah


Advanced N: Security

Every day we hear about data leaks and attacks in the newspapers. We expect you to be aware and careful about how to avoid security breaches in your future developments.

You already defined new models in your training. Did you check the access rights and define record rules on it ? Are you sure your module is not an open door to SQL injections ? Did you use getattr or t-raw in your code?

  • No or wrong access rules on models.

  • Introduction of public methods that should actually be private.

  • Wrong manipulation of access tokens.

  • No or wrong ir.rules (restriction rules) on models.

  • Introduction of SQL injections.

  • etc.

Please check this presentation from Olivier Dony (odo) about common mistakes that you should absolutely avoid in your future developments. Also, please always use this security checklist to double-check your development and avoid further embarrassing issues.

Deviati Nur Istiqomah
7 November, 2022
Share this post
Archive