[IMP] make base_user_role_line company dependent

2025-02-18 09:52:42 +02:00 · 2019-01-29 16:03:06 +01:00
parent 8cdda85cd7
commit 9bf77f52c3
5 changed files with 64 additions and 4 deletions
--- a/base_user_role/models/role.py
+++ b/base_user_role/models/role.py
@@ -3,8 +3,9 @@
 import datetime
 import logging

-from odoo import api, fields, models
+from odoo import _, api, fields, models
 from odoo import SUPERUSER_ID
+from odoo.exceptions import ValidationError


 _logger = logging.getLogger(__name__)
@@ -82,6 +83,20 @@ class ResUsersRoleLine(models.Model):
    date_from = fields.Date("From")
    date_to = fields.Date("To")
    is_enabled = fields.Boolean("Enabled", compute='_compute_is_enabled')
+    company_id = fields.Many2one(
+        'res.company', 'Company',
+        default=lambda self: self.env.user.company_id)
+
+    @api.multi
+    @api.constrains('user_id', 'company_id')
+    def _check_company(self):
+        for record in self:
+            if (self.company_id and
+                    self.company_id != self.user_id.company_id and
+                    self.company_id not in self.user_id.company_ids):
+                raise ValidationError(
+                    _('User "{}" does not have access to the company "{}"')
+                    .format(self.user_id.name, self.company_id.name))

    @api.multi
    @api.depends('date_from', 'date_to')
--- a/base_user_role/models/user.py
+++ b/base_user_role/models/user.py
@@ -50,6 +50,11 @@ class ResUsers(models.Model):
        return res

    @api.multi
+    def _get_enabled_roles(self):
+        return self.role_line_ids.filtered(
+            lambda rec: rec.is_enabled and
+            (not rec.company_id or rec.company_id == rec.user_id.company_id))
+
    def set_groups_from_roles(self, force=False):
        """Set (replace) the groups following the roles defined on users.
        If no role is defined on the user, its groups are let untouched unless
@@ -66,9 +71,7 @@ class ResUsers(models.Model):
            if not user.role_line_ids and not force:
                continue
            group_ids = []
-            role_lines = user.role_line_ids.filtered(
-                lambda rec: rec.is_enabled)
-            for role_line in role_lines:
+            for role_line in user._get_enabled_roles():
                role = role_line.role_id
                group_ids += role_groups[role]
            group_ids = list(set(group_ids))    # Remove duplicates IDs