Merge PR #55 into 12.0

Signed-off-by hbrunn

base_suspend_security/base_suspend_security.py

@@ -4,9 +4,6 @@ from odoo.tools import pycompat
 
 
 class BaseSuspendSecurityUid(int):
-    def __int__(self):
-        return self
-
     def __eq__(self, other):
         if isinstance(other, pycompat.integer_types):
             return False

base_suspend_security/models/base.py

@@ -1,7 +1,7 @@
 # Copyright 2016 ACSONE SA/NV
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
 
-from odoo import api, models
+from odoo import api, models, SUPERUSER_ID
 
 from ..base_suspend_security import BaseSuspendSecurityUid
 
@@ -17,3 +17,12 @@ class Base(models.AbstractModel):
                 self.env.cr,
                 BaseSuspendSecurityUid(self.env.uid),
                 self.env.context))
+
+    def sudo(self, user=SUPERUSER_ID):
+        if isinstance(user, BaseSuspendSecurityUid):
+            return self.with_env(
+                api.Environment(
+                    self.env.cr, user, self.env.context
+                )
+            )
+        return super().sudo(user)

base_suspend_security/tests/test_base_suspend_security.py

@@ -30,3 +30,19 @@ class TestBaseSuspendSecurity(TransactionCase):
         # this tests if _normalize_args conversion works
         self.env['res.users'].browse(
             self.env['res.users'].suspend_security().env.uid)
+
+    def test_suspend_security_on_search(self):
+        user_without_access = self.env["res.users"].create(
+            dict(
+                name="Testing Suspend Security",
+                login="nogroups",
+                email="nogroups@suspendsecurity.com",
+                groups_id=[(5,)],
+            )
+        )
+        model = self.env["ir.config_parameter"]
+        # the search is forbidden
+        with self.assertRaises(exceptions.AccessError):
+            model.sudo(user_without_access).search([])
+        # this tests the search
+            model.sudo(user_without_access).suspend_security().search([])