[IMP] report_qweb_signer: allowed reports on certificate

Add a new 'Allowed reports' field on the certificate. Only reports listed in this field can be signed. No report means all reports are allowed.

report_qweb_signer/models/ir_actions_report.py

@@ -47,6 +47,9 @@ class IrActionsReport(models.Model):
             [
                 ("company_id", "=", company_id),
                 ("model_id", "=", self.model),
+                "|",
+                ("action_report_ids", "=", False),
+                ("action_report_ids", "in", self.id),
             ]
         )
         if not certificates:

report_qweb_signer/models/report_certificate.py

@@ -37,6 +37,16 @@ class ReportCertificate(models.Model):
         string="Domain",
         help="Domain for filtering if sign or not the document",
     )
+    action_report_ids = fields.Many2many(
+        string="Allowed reports",
+        help="Reports to sign for the selected model."
+        "No report selected means all reports are allowed.",
+        comodel_name="ir.actions.report",
+        relation="report_certificate_action_report",
+        column1="report_certificate_id",
+        column2="action_report_id",
+        domain="[('model_id', '=', model_id)]",
+    )
     allow_only_one = fields.Boolean(
         string="Allow only one document",
         default=True,

report_qweb_signer/views/report_certificate_view.xml

@@ -33,6 +33,7 @@ License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
                                 widget="selection"
                                 groups="base.group_multi_company"
                             />
+                            <field name="action_report_ids" widget="many2many_tags" />
                         </group>
                         <group
                             attrs="{'invisible': [('signing_method', '!=', 'endesive')]}"