pedrobaeza
commented
4 months ago /ocabot merge patch
Closed pedrobaeza closed 4 months ago
pedrobaeza
commented
4 months ago /ocabot merge patch
OCA-git-bot
commented
4 months ago On my way to merge this fine PR! Prepared branch 15.0-ocabot-merge-pr-2994-by-pedrobaeza-bump-patch, awaiting test results.
OCA-git-bot
commented
4 months ago Congratulations, your PR was merged at 7578a2f30631ad9906cf6e96ec1cfe1f0dda6787. Thanks a lot for contributing to OCA. ❤️
Cherry-pick of #2852 (backported for 14.0 in #2993), but with proper commit message.
With Odoo 16.0, running the "Purge columns" database cleanup, a field called totp_secret shows up for purging when the auth_totp module is installed. This field seems to be defined as a computed non-stored field (https://github.com/odoo/odoo/blob/93aa48c972889f941b97a60738d33f571204bb2c/addons/auth_totp/models/res_users.py#L24), but also has a query referring to it. (https://github.com/odoo/odoo/blob/93aa48c972889f941b97a60738d33f571204bb2c/addons/auth_totp/models/res_users.py#L160)
The totp_secret field would have to be defined as stored=True, but it is not defined as such. Instead, it's added in res.users init method: https://github.com/odoo/odoo/blob/93aa48c972889f941b97a60738d33f571204bb2c/addons/auth_totp/models/res_users.py#L32
The solution is to add the "totp_secret" field to the blacklisted fields of res.users.
@Tecnativa