Browse Source
ADD pos_user_restriction
ADD pos_user_restriction
Restrict some users to only access their assigned points of salepull/514/head
eLBati
4 years ago
15 changed files with 257 additions and 0 deletions
-
1pos_user_restriction/__init__.py
-
23pos_user_restriction/__manifest__.py
-
53pos_user_restriction/i18n/it.po
-
1pos_user_restriction/models/__init__.py
-
10pos_user_restriction/models/pos_config.py
-
3pos_user_restriction/readme/CONFIGURE.rst
-
1pos_user_restriction/readme/CONTRIBUTORS.rst
-
1pos_user_restriction/readme/DESCRIPTION.rst
-
24pos_user_restriction/security/ir.model.access.csv
-
52pos_user_restriction/security/pos_security.xml
-
1pos_user_restriction/tests/__init__.py
-
52pos_user_restriction/tests/test_pos_user_restriction.py
-
28pos_user_restriction/views/pos_config_views.xml
-
1setup/pos_user_restriction/odoo/addons/pos_user_restriction
-
6setup/pos_user_restriction/setup.py
@ -0,0 +1 @@ |
|||
from . import models |
@ -0,0 +1,23 @@ |
|||
# Copyright 2020 Lorenzo Battistini @ TAKOBI |
|||
# License LGPL-3.0 or later (https://www.gnu.org/licenses/lgpl). |
|||
{ |
|||
"name": "Point of Sale - Restrict users", |
|||
"summary": "Restrict some users to see and use only certain points of sale", |
|||
"version": "12.0.1.0.0", |
|||
"development_status": "Beta", |
|||
"category": "Point of Sale", |
|||
"website": "https://github.com/OCA/pos", |
|||
"author": "TAKOBI, Odoo Community Association (OCA)", |
|||
"maintainers": ["eLBati"], |
|||
"license": "LGPL-3", |
|||
"application": False, |
|||
"installable": True, |
|||
"depends": [ |
|||
"point_of_sale", |
|||
], |
|||
"data": [ |
|||
"security/pos_security.xml", |
|||
"views/pos_config_views.xml", |
|||
"security/ir.model.access.csv", |
|||
], |
|||
} |
@ -0,0 +1,53 @@ |
|||
# Translation of Odoo Server. |
|||
# This file contains the translation of the following modules: |
|||
# * pos_user_restriction |
|||
# |
|||
msgid "" |
|||
msgstr "" |
|||
"Project-Id-Version: Odoo Server 12.0\n" |
|||
"Report-Msgid-Bugs-To: \n" |
|||
"POT-Creation-Date: 2020-07-07 04:49+0000\n" |
|||
"PO-Revision-Date: 2020-07-07 04:49+0000\n" |
|||
"Last-Translator: <>\n" |
|||
"Language-Team: \n" |
|||
"MIME-Version: 1.0\n" |
|||
"Content-Type: text/plain; charset=UTF-8\n" |
|||
"Content-Transfer-Encoding: \n" |
|||
"Plural-Forms: \n" |
|||
|
|||
#. module: pos_user_restriction |
|||
#: model:ir.model.fields,field_description:pos_user_restriction.field_pos_config__assigned_user_ids |
|||
msgid "Assigned users" |
|||
msgstr "Utenti assegnati" |
|||
|
|||
#. module: pos_user_restriction |
|||
#: model:ir.model,name:pos_user_restriction.model_pos_config |
|||
msgid "Point of Sale Configuration" |
|||
msgstr "Configurazione punto vendita" |
|||
|
|||
#. module: pos_user_restriction |
|||
#: model:ir.model.fields,help:pos_user_restriction.field_pos_config__assigned_user_ids |
|||
#: model_terms:ir.ui.view,arch_db:pos_user_restriction.pos_config_view_form_users |
|||
msgid "Restrict some users to only access their assigned points of sale. In order to apply the restriction, the user needs the 'User: Assigned POS Only' group" |
|||
msgstr "Limitare alcuni utenti ad accedere solamente ai loro punti vendita assegnati. Per applicare la restrizione, l'utente necessita il gruppo 'Utente: solamente POS assegnati'" |
|||
|
|||
#. module: pos_user_restriction |
|||
#: model:res.groups,comment:pos_user_restriction.group_assigned_points_of_sale_user |
|||
msgid "The user will have access to her assigned points of sale." |
|||
msgstr "L'utente avrà accesso ai propri punti vendita assegnati." |
|||
|
|||
#. module: pos_user_restriction |
|||
#: model:res.groups,name:pos_user_restriction.group_assigned_points_of_sale_user |
|||
msgid "User: Assigned POS Only" |
|||
msgstr "Utente: solamente POS assegnati" |
|||
|
|||
#. module: pos_user_restriction |
|||
#: model_terms:ir.ui.view,arch_db:pos_user_restriction.pos_config_view_form_users |
|||
msgid "Users" |
|||
msgstr "Utenti" |
|||
|
|||
#. module: pos_user_restriction |
|||
#: model_terms:ir.ui.view,arch_db:pos_user_restriction.pos_config_view_form_users |
|||
msgid "Users assigned to this point of sale" |
|||
msgstr "Utenti assegnati a questo punto vendita" |
|||
|
@ -0,0 +1 @@ |
|||
from . import pos_config |
@ -0,0 +1,10 @@ |
|||
from odoo import models, fields |
|||
|
|||
|
|||
class PosConfig(models.Model): |
|||
_inherit = 'pos.config' |
|||
assigned_user_ids = fields.Many2many( |
|||
"res.users", string="Assigned users", |
|||
help="Restrict some users to only access their assigned points of sale. " |
|||
"In order to apply the restriction, the user needs the " |
|||
"'User: Assigned POS Only' group") |
@ -0,0 +1,3 @@ |
|||
With a POS Manager, open a point of sale configration (pos.config) and set "Assigned users" field. |
|||
|
|||
Then, assign "User: Assigned POS Only" group to users who should be able to access to their assigned points of sale only. |
@ -0,0 +1 @@ |
|||
* Lorenzo Battistini (https://takobi.online) |
@ -0,0 +1 @@ |
|||
Restrict some users to only access their assigned points of sale. |
@ -0,0 +1,24 @@ |
|||
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink |
|||
access_pos_order,pos.order,point_of_sale.model_pos_order,group_assigned_points_of_sale_user,1,1,1,1 |
|||
access_pos_order_line,pos.order.line,point_of_sale.model_pos_order_line,group_assigned_points_of_sale_user,1,1,1,1 |
|||
access_pos_pack_operation_lot,pos.pack.operation.lot,point_of_sale.model_pos_pack_operation_lot,group_assigned_points_of_sale_user,1,1,1,1 |
|||
access_stock_picking_pos_user,stock.picking pos_user,stock.model_stock_picking,group_assigned_points_of_sale_user,1,1,1,1 |
|||
access_stock_warehouse_pos_user,stock.warehouse pos_user,stock.model_stock_warehouse,group_assigned_points_of_sale_user,1,0,0,0 |
|||
access_stock_move_pos_user,stock.move pos_user,stock.model_stock_move,group_assigned_points_of_sale_user,1,1,1,1 |
|||
access_report_pos_order,report.pos.order,point_of_sale.model_report_pos_order,group_assigned_points_of_sale_user,1,1,1,1 |
|||
access_account_journal_pos_user,account.journal pos_user,account.model_account_journal,group_assigned_points_of_sale_user,1,0,0,0 |
|||
access_account_bank_statement,account.bank.statement,account.model_account_bank_statement,group_assigned_points_of_sale_user,1,1,1,0 |
|||
access_account_bank_statement_line,account.bank.statement.line,account.model_account_bank_statement_line,group_assigned_points_of_sale_user,1,1,1,0 |
|||
access_product_product,product.product,product.model_product_product,group_assigned_points_of_sale_user,1,0,0,0 |
|||
access_product_template_pos_user,product.template pos user,product.model_product_template,group_assigned_points_of_sale_user,1,0,0,0 |
|||
access_product_product_supplierinfo_user,product.supplierinfo user,product.model_product_supplierinfo,group_assigned_points_of_sale_user,1,0,0,0 |
|||
access_product_product_packaging_user,product.packaging user,product.model_product_packaging,group_assigned_points_of_sale_user,1,0,0,0 |
|||
access_product_pricelist_user,product.pricelist user,product.model_product_pricelist,group_assigned_points_of_sale_user,1,0,0,0 |
|||
access_pos_session_user,pos.session user,point_of_sale.model_pos_session,group_assigned_points_of_sale_user,1,1,1,0 |
|||
access_pos_config_user,pos.config user,point_of_sale.model_pos_config,group_assigned_points_of_sale_user,1,1,0,0 |
|||
access_product_category_pos_user,pos.category user,point_of_sale.model_pos_category,group_assigned_points_of_sale_user,1,0,0,0 |
|||
access_barcode_nomenclature_pos_user,barcode.nomenclature.pos.user,barcodes.model_barcode_nomenclature,group_assigned_points_of_sale_user,1,0,0,0 |
|||
access_barcode_rule_pos_user,barcode.rule.pos.user,barcodes.model_barcode_rule,group_assigned_points_of_sale_user,1,0,0,0 |
|||
access_bank_statement_cashbox_user,account.bank.statement.cashbox user,account.model_account_bank_statement_cashbox,group_assigned_points_of_sale_user,1,1,1,0 |
|||
access_account_cashbox_line_user,account.cashbox.line user,account.model_account_cashbox_line,group_assigned_points_of_sale_user,1,1,1,0 |
|||
access_account_cash_rounding_pos_user,account.cash.rounding.pos.user,account.model_account_cash_rounding,group_assigned_points_of_sale_user,1,0,0,0 |
@ -0,0 +1,52 @@ |
|||
<?xml version="1.0" encoding="utf-8"?> |
|||
<odoo> |
|||
<record id="group_assigned_points_of_sale_user" model="res.groups"> |
|||
<field name="name">User: Assigned POS Only</field> |
|||
<field name="category_id" ref="base.module_category_point_of_sale"/> |
|||
<field name="comment">The user will have access to her assigned points of sale.</field> |
|||
</record> |
|||
<record id="point_of_sale.group_pos_user" model="res.groups"> |
|||
<field name="implied_ids" eval="[(4, ref('group_assigned_points_of_sale_user'))]"/> |
|||
</record> |
|||
|
|||
<data noupdate="1"> |
|||
<record id="pos_config_assigned_users" model="ir.rule"> |
|||
<field name="name">Assigned points of sale</field> |
|||
<field ref="point_of_sale.model_pos_config" name="model_id"/> |
|||
<field name="domain_force">['|',('assigned_user_ids','in',user.id),('assigned_user_ids','=',False)]</field> |
|||
<field name="groups" eval="[(4, ref('group_assigned_points_of_sale_user'))]"/> |
|||
</record> |
|||
<record id="pos_session_assigned_users" model="ir.rule"> |
|||
<field name="name">Assigned POS sessions</field> |
|||
<field ref="point_of_sale.model_pos_session" name="model_id"/> |
|||
<field name="domain_force">['|',('config_id.assigned_user_ids','in',user.id),('config_id.assigned_user_ids','=',False)]</field> |
|||
<field name="groups" eval="[(4, ref('group_assigned_points_of_sale_user'))]"/> |
|||
</record> |
|||
<record id="pos_order_assigned_users" model="ir.rule"> |
|||
<field name="name">Assigned POS orders</field> |
|||
<field ref="point_of_sale.model_pos_order" name="model_id"/> |
|||
<field name="domain_force">['|',('session_id.config_id.assigned_user_ids','in',user.id),('session_id.config_id.assigned_user_ids','=',False)]</field> |
|||
<field name="groups" eval="[(4, ref('group_assigned_points_of_sale_user'))]"/> |
|||
</record> |
|||
|
|||
<record id="pos_config_see_all" model="ir.rule"> |
|||
<field name="name">All points of sale</field> |
|||
<field ref="point_of_sale.model_pos_config" name="model_id"/> |
|||
<field name="domain_force">[(1,'=',1)]</field> |
|||
<field name="groups" eval="[(4, ref('point_of_sale.group_pos_user'))]"/> |
|||
</record> |
|||
<record id="pos_session_see_all" model="ir.rule"> |
|||
<field name="name">All POS sessions</field> |
|||
<field ref="point_of_sale.model_pos_session" name="model_id"/> |
|||
<field name="domain_force">[(1,'=',1)]</field> |
|||
<field name="groups" eval="[(4, ref('point_of_sale.group_pos_user'))]"/> |
|||
</record> |
|||
<record id="pos_order_see_all" model="ir.rule"> |
|||
<field name="name">All POS orders</field> |
|||
<field ref="point_of_sale.model_pos_order" name="model_id"/> |
|||
<field name="domain_force">[(1,'=',1)]</field> |
|||
<field name="groups" eval="[(4, ref('point_of_sale.group_pos_user'))]"/> |
|||
</record> |
|||
</data> |
|||
|
|||
</odoo> |
@ -0,0 +1 @@ |
|||
from . import test_pos_user_restriction |
@ -0,0 +1,52 @@ |
|||
from odoo.tests.common import SavepointCase |
|||
|
|||
|
|||
class TestUserRestriction(SavepointCase): |
|||
|
|||
@classmethod |
|||
def setUpClass(cls): |
|||
super().setUpClass() |
|||
cls.env = cls.env(context=dict( |
|||
cls.env.context, |
|||
tracking_disable=True, |
|||
no_reset_password=True, |
|||
)) |
|||
cls.pos_user = cls.env['res.users'].create({ |
|||
'login': 'pos_user', |
|||
'name': 'pos_user', |
|||
'groups_id': [(6, 0, [cls.env.ref('point_of_sale.group_pos_user').id])] |
|||
}) |
|||
cls.pos_user_assigned_pos = cls.env['res.users'].create({ |
|||
'login': 'pos_user_assigned_pos', |
|||
'name': 'pos_user_assigned_pos', |
|||
'groups_id': [(6, 0, [cls.env.ref( |
|||
'pos_user_restriction.group_assigned_points_of_sale_user').id])] |
|||
}) |
|||
cls.pos_config_main = cls.env.ref('point_of_sale.pos_config_main') |
|||
cls.pos_config_model = cls.env['pos.config'] |
|||
|
|||
def test_access_pos(self): |
|||
# assigned_user_ids is not set: both users can read |
|||
pos_configs = self.pos_config_model.sudo(self.pos_user.id).search([]) |
|||
self.assertTrue(pos_configs) |
|||
pos_configs = self.pos_config_model.sudo( |
|||
self.pos_user_assigned_pos.id).search([]) |
|||
self.assertTrue(pos_configs) |
|||
|
|||
self.pos_config_main.assigned_user_ids = [ |
|||
(6, 0, [self.pos_user_assigned_pos.id])] |
|||
# assigned_user_ids is set with pos_user_assigned_pos: both users can read |
|||
pos_configs = self.pos_config_model.sudo(self.pos_user.id).search([]) |
|||
self.assertTrue(pos_configs) |
|||
pos_configs = self.pos_config_model.sudo( |
|||
self.pos_user_assigned_pos.id).search([]) |
|||
self.assertTrue(pos_configs) |
|||
|
|||
self.pos_config_main.assigned_user_ids = [ |
|||
(6, 0, [self.pos_user.id])] |
|||
# assigned_user_ids is set with pos_user: only pos_user can read |
|||
pos_configs = self.pos_config_model.sudo(self.pos_user.id).search([]) |
|||
self.assertTrue(pos_configs) |
|||
pos_configs = self.pos_config_model.sudo( |
|||
self.pos_user_assigned_pos.id).search([]) |
|||
self.assertFalse(pos_configs) |
@ -0,0 +1,28 @@ |
|||
<?xml version="1.0" encoding="utf-8"?> |
|||
<odoo> |
|||
<record id="pos_config_view_form_users" model="ir.ui.view"> |
|||
<field name="name">pos_config_view_form_users</field> |
|||
<field name="model">pos.config</field> |
|||
<field name="inherit_id" ref="point_of_sale.pos_config_view_form"/> |
|||
<field name="arch" type="xml"> |
|||
<xpath expr="//sheet/div[last()]" position="after"> |
|||
<h2 groups="point_of_sale.group_pos_manager">Users</h2> |
|||
<div class="row mt16 o_settings_container" groups="point_of_sale.group_pos_manager"> |
|||
<div class="col-12 col-lg-6 o_setting_box"> |
|||
<div class="o_setting_right_pane"> |
|||
<div class="text-muted"> |
|||
Users assigned to this point of sale |
|||
</div> |
|||
<div class="content-group"> |
|||
<div class="row mt16" title="Restrict some users to only access their assigned points of sale. In order to apply the restriction, the user needs the 'User: Assigned POS Only' group"> |
|||
<label for="assigned_user_ids" class="col-lg-3 o_light_label" /> |
|||
<field name="assigned_user_ids" widget="many2many_tags" options="{'no_create': True}"/> |
|||
</div> |
|||
</div> |
|||
</div> |
|||
</div> |
|||
</div> |
|||
</xpath> |
|||
</field> |
|||
</record> |
|||
</odoo> |
@ -0,0 +1 @@ |
|||
../../../../pos_user_restriction |
@ -0,0 +1,6 @@ |
|||
import setuptools |
|||
|
|||
setuptools.setup( |
|||
setup_requires=['setuptools-odoo'], |
|||
odoo_addon=True, |
|||
) |
Write
Preview
Loading…
Cancel
Save
Reference in new issue