DB Browser

Visual PostgreSQL database browser & editor for Odoo administrators

Multi-Database Support

Switch between any PostgreSQL database on your server. All databases on the instance are listed in a single dropdown.

Table Browser

Browse all tables with live row counts. Search and filter tables by name in the sidebar. Paginated data viewer handles millions of rows.

Inline Record Editing

Double-click any cell to edit its value directly. Create new rows with a form modal. Delete multiple rows with checkbox selection.

SQL Editor

Write and execute arbitrary SQL queries. Results are displayed in a clean, sortable table. Supports SELECT, INSERT, UPDATE, DELETE.

Admin-Only Access

Fully restricted to Odoo system administrators (base.group_system). Unauthorised users receive a 403 error from all API endpoints.

Modern OWL Frontend

Built with Odoo 17/18/19's OWL component framework. Reactive state management, no full-page reloads, instant feedback.

1. Install the DB Browser module from Apps.
2. Navigate to DB Browser in the top menu (System Administrator only).
3. Select a database from the dropdown to load its table list.
4. Click a table to browse records — search, sort, paginate.
5. Double-click a cell to edit inline. Use + New Row to insert records.
6. Switch to the SQL Editor tab to run custom queries.

Built-in Protections

• Authentication required - all endpoints use auth='user'; unauthenticated requests are rejected at the Odoo layer
• Admin-only access - every endpoint calls has_group('base.group_system') and returns HTTP 403 for non-administrators
• SQL injection prevention - table and column identifiers are validated against a strict regex (^[a-zA-Z_][a-zA-Z0-9_]*$); all data values use parameterized queries (%s)
• Audit logging - every write operation (CREATE, UPDATE, DELETE, raw SQL) is logged at WARNING level in the Odoo server log with the target database, table, and affected values
• No unauthenticated surfaces - the module registers no public routes; all endpoints require an active Odoo session

Security Audit

DB Browser has been fully audited by Skymap Global, a leading enterprise software and security consultancy. The audit covered authentication & authorisation controls, SQL injection attack surfaces, input validation, session handling, and logging completeness. No critical or high-severity findings were identified.