mirror of
https://github.com/OCA/server-backend.git
synced 2025-02-18 09:52:42 +02:00
8f24e9e776
The Odoo `_search` function performs a `sudo` on the first line of its implementation, causing that the uid's wrapper (class BaseSuspendSecurityUid) is lost. This is evidenced when a function with suspend security is called and in its implementation needs the values of a 'one2many' field (it does a `search` in another model without reading access) an Access Error is raised.
29 lines
796 B
Python
29 lines
796 B
Python
# Copyright 2016 ACSONE SA/NV
|
|
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
|
|
|
|
from odoo import api, models, SUPERUSER_ID
|
|
|
|
from ..base_suspend_security import BaseSuspendSecurityUid
|
|
|
|
|
|
class Base(models.AbstractModel):
|
|
|
|
_inherit = 'base'
|
|
|
|
@api.model
|
|
def suspend_security(self):
|
|
return self.with_env(
|
|
api.Environment(
|
|
self.env.cr,
|
|
BaseSuspendSecurityUid(self.env.uid),
|
|
self.env.context))
|
|
|
|
def sudo(self, user=SUPERUSER_ID):
|
|
if isinstance(self.env.uid, BaseSuspendSecurityUid):
|
|
return self.with_env(
|
|
api.Environment(
|
|
self.env.cr, BaseSuspendSecurityUid(user), self.env.context
|
|
)
|
|
)
|
|
return super().sudo(user)
|