audrius/server-backend
1
0
Fork 0
mirror of https://github.com/OCA/server-backend.git synced 2025-02-18 09:52:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

FIX base_user_role: use `sudo() in user_ids` compute

Browse Source 
When computing ``user_ids``, avoid AccessError due to multi-company
rules if the compute is triggered by an admin user
This commit is contained in:
SilvioC2C
2022-05-26 17:02:04 +02:00
committed by Sébastien Alix
parent 62c9b411a9
commit 154698de24
1 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
base_user_role/models/role.py
View File

@@ -36,26 +36,39 @@ class ResUsersRole(models.Model):
@api.depends("line_ids.user_id") @api.depends("line_ids.user_id")
def _compute_user_ids(self): def _compute_user_ids(self):
for role in self: for role in self.sudo() if self._bypass_rules() else self:
role.user_ids = role.line_ids.mapped("user_id") role.user_ids = role.line_ids.mapped("user_id")
@api.model
def _bypass_rules(self):
# Run methods as super user to avoid problems by "Administrator/Access Right"
return self._name == "res.users.role" and self.env.user.has_group(
"base.group_erp_manager"
)
@api.model @api.model
def create(self, vals): def create(self, vals):
new_record = super(ResUsersRole, self).create(vals) model = (self.sudo() if self._bypass_rules() else self).browse()
new_record = super(ResUsersRole, model).create(vals)
new_record.update_users() new_record.update_users()
return new_record return new_record
def read(self, fields=None, load="_classic_read"):
recs = self.sudo() if self._bypass_rules() else self
return super(ResUsersRole, recs).read(fields, load)
def write(self, vals): def write(self, vals):
# Workaround to solve issue with broken code in odoo that clear the cache recs = self.sudo() if self._bypass_rules() else self
# during the write: see odoo/addons/base/models/res_users.py#L226 # Workaround to solve issue with broken code in odoo that clear the
# cache during the write: see odoo/addons/base/models/res_users.py#L226
groups_vals = {} groups_vals = {}
for field in self.group_id._fields: for field in recs.group_id._fields:
if field in vals: if field in vals:
groups_vals[field] = vals.pop(field) groups_vals[field] = vals.pop(field)
if groups_vals: if groups_vals:
self.group_id.write(groups_vals) recs.group_id.write(groups_vals)
res = super(ResUsersRole, self).write(vals) res = super(ResUsersRole, recs).write(vals)
self.update_users() recs.update_users()
return res return res
def unlink(self): def unlink(self):