diff --git a/base_user_role/models/role.py b/base_user_role/models/role.py index 636c3830..30fb8096 100644 --- a/base_user_role/models/role.py +++ b/base_user_role/models/role.py @@ -36,26 +36,39 @@ class ResUsersRole(models.Model): @api.depends("line_ids.user_id") def _compute_user_ids(self): - for role in self: + for role in self.sudo() if self._bypass_rules() else self: role.user_ids = role.line_ids.mapped("user_id") + @api.model + def _bypass_rules(self): + # Run methods as super user to avoid problems by "Administrator/Access Right" + return self._name == "res.users.role" and self.env.user.has_group( + "base.group_erp_manager" + ) + @api.model def create(self, vals): - new_record = super(ResUsersRole, self).create(vals) + model = (self.sudo() if self._bypass_rules() else self).browse() + new_record = super(ResUsersRole, model).create(vals) new_record.update_users() return new_record + def read(self, fields=None, load="_classic_read"): + recs = self.sudo() if self._bypass_rules() else self + return super(ResUsersRole, recs).read(fields, load) + def write(self, vals): - # Workaround to solve issue with broken code in odoo that clear the cache - # during the write: see odoo/addons/base/models/res_users.py#L226 + recs = self.sudo() if self._bypass_rules() else self + # Workaround to solve issue with broken code in odoo that clear the + # cache during the write: see odoo/addons/base/models/res_users.py#L226 groups_vals = {} - for field in self.group_id._fields: + for field in recs.group_id._fields: if field in vals: groups_vals[field] = vals.pop(field) if groups_vals: - self.group_id.write(groups_vals) - res = super(ResUsersRole, self).write(vals) - self.update_users() + recs.group_id.write(groups_vals) + res = super(ResUsersRole, recs).write(vals) + recs.update_users() return res def unlink(self):