Browse Source

ADD pos_user_restriction

Restrict some users to only access their assigned points of sale
pull/514/head
eLBati 4 years ago
parent
commit
b10c849026
  1. 1
      pos_user_restriction/__init__.py
  2. 23
      pos_user_restriction/__manifest__.py
  3. 53
      pos_user_restriction/i18n/it.po
  4. 1
      pos_user_restriction/models/__init__.py
  5. 10
      pos_user_restriction/models/pos_config.py
  6. 3
      pos_user_restriction/readme/CONFIGURE.rst
  7. 1
      pos_user_restriction/readme/CONTRIBUTORS.rst
  8. 1
      pos_user_restriction/readme/DESCRIPTION.rst
  9. 24
      pos_user_restriction/security/ir.model.access.csv
  10. 52
      pos_user_restriction/security/pos_security.xml
  11. 1
      pos_user_restriction/tests/__init__.py
  12. 52
      pos_user_restriction/tests/test_pos_user_restriction.py
  13. 28
      pos_user_restriction/views/pos_config_views.xml
  14. 1
      setup/pos_user_restriction/odoo/addons/pos_user_restriction
  15. 6
      setup/pos_user_restriction/setup.py

1
pos_user_restriction/__init__.py

@ -0,0 +1 @@
from . import models

23
pos_user_restriction/__manifest__.py

@ -0,0 +1,23 @@
# Copyright 2020 Lorenzo Battistini @ TAKOBI
# License LGPL-3.0 or later (https://www.gnu.org/licenses/lgpl).
{
"name": "Point of Sale - Restrict users",
"summary": "Restrict some users to see and use only certain points of sale",
"version": "12.0.1.0.0",
"development_status": "Beta",
"category": "Point of Sale",
"website": "https://github.com/OCA/pos",
"author": "TAKOBI, Odoo Community Association (OCA)",
"maintainers": ["eLBati"],
"license": "LGPL-3",
"application": False,
"installable": True,
"depends": [
"point_of_sale",
],
"data": [
"security/pos_security.xml",
"views/pos_config_views.xml",
"security/ir.model.access.csv",
],
}

53
pos_user_restriction/i18n/it.po

@ -0,0 +1,53 @@
# Translation of Odoo Server.
# This file contains the translation of the following modules:
# * pos_user_restriction
#
msgid ""
msgstr ""
"Project-Id-Version: Odoo Server 12.0\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2020-07-07 04:49+0000\n"
"PO-Revision-Date: 2020-07-07 04:49+0000\n"
"Last-Translator: <>\n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: \n"
"Plural-Forms: \n"
#. module: pos_user_restriction
#: model:ir.model.fields,field_description:pos_user_restriction.field_pos_config__assigned_user_ids
msgid "Assigned users"
msgstr "Utenti assegnati"
#. module: pos_user_restriction
#: model:ir.model,name:pos_user_restriction.model_pos_config
msgid "Point of Sale Configuration"
msgstr "Configurazione punto vendita"
#. module: pos_user_restriction
#: model:ir.model.fields,help:pos_user_restriction.field_pos_config__assigned_user_ids
#: model_terms:ir.ui.view,arch_db:pos_user_restriction.pos_config_view_form_users
msgid "Restrict some users to only access their assigned points of sale. In order to apply the restriction, the user needs the 'User: Assigned POS Only' group"
msgstr "Limitare alcuni utenti ad accedere solamente ai loro punti vendita assegnati. Per applicare la restrizione, l'utente necessita il gruppo 'Utente: solamente POS assegnati'"
#. module: pos_user_restriction
#: model:res.groups,comment:pos_user_restriction.group_assigned_points_of_sale_user
msgid "The user will have access to her assigned points of sale."
msgstr "L'utente avrà accesso ai propri punti vendita assegnati."
#. module: pos_user_restriction
#: model:res.groups,name:pos_user_restriction.group_assigned_points_of_sale_user
msgid "User: Assigned POS Only"
msgstr "Utente: solamente POS assegnati"
#. module: pos_user_restriction
#: model_terms:ir.ui.view,arch_db:pos_user_restriction.pos_config_view_form_users
msgid "Users"
msgstr "Utenti"
#. module: pos_user_restriction
#: model_terms:ir.ui.view,arch_db:pos_user_restriction.pos_config_view_form_users
msgid "Users assigned to this point of sale"
msgstr "Utenti assegnati a questo punto vendita"

1
pos_user_restriction/models/__init__.py

@ -0,0 +1 @@
from . import pos_config

10
pos_user_restriction/models/pos_config.py

@ -0,0 +1,10 @@
from odoo import models, fields
class PosConfig(models.Model):
_inherit = 'pos.config'
assigned_user_ids = fields.Many2many(
"res.users", string="Assigned users",
help="Restrict some users to only access their assigned points of sale. "
"In order to apply the restriction, the user needs the "
"'User: Assigned POS Only' group")

3
pos_user_restriction/readme/CONFIGURE.rst

@ -0,0 +1,3 @@
With a POS Manager, open a point of sale configration (pos.config) and set "Assigned users" field.
Then, assign "User: Assigned POS Only" group to users who should be able to access to their assigned points of sale only.

1
pos_user_restriction/readme/CONTRIBUTORS.rst

@ -0,0 +1 @@
* Lorenzo Battistini (https://takobi.online)

1
pos_user_restriction/readme/DESCRIPTION.rst

@ -0,0 +1 @@
Restrict some users to only access their assigned points of sale.

24
pos_user_restriction/security/ir.model.access.csv

@ -0,0 +1,24 @@
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
access_pos_order,pos.order,point_of_sale.model_pos_order,group_assigned_points_of_sale_user,1,1,1,1
access_pos_order_line,pos.order.line,point_of_sale.model_pos_order_line,group_assigned_points_of_sale_user,1,1,1,1
access_pos_pack_operation_lot,pos.pack.operation.lot,point_of_sale.model_pos_pack_operation_lot,group_assigned_points_of_sale_user,1,1,1,1
access_stock_picking_pos_user,stock.picking pos_user,stock.model_stock_picking,group_assigned_points_of_sale_user,1,1,1,1
access_stock_warehouse_pos_user,stock.warehouse pos_user,stock.model_stock_warehouse,group_assigned_points_of_sale_user,1,0,0,0
access_stock_move_pos_user,stock.move pos_user,stock.model_stock_move,group_assigned_points_of_sale_user,1,1,1,1
access_report_pos_order,report.pos.order,point_of_sale.model_report_pos_order,group_assigned_points_of_sale_user,1,1,1,1
access_account_journal_pos_user,account.journal pos_user,account.model_account_journal,group_assigned_points_of_sale_user,1,0,0,0
access_account_bank_statement,account.bank.statement,account.model_account_bank_statement,group_assigned_points_of_sale_user,1,1,1,0
access_account_bank_statement_line,account.bank.statement.line,account.model_account_bank_statement_line,group_assigned_points_of_sale_user,1,1,1,0
access_product_product,product.product,product.model_product_product,group_assigned_points_of_sale_user,1,0,0,0
access_product_template_pos_user,product.template pos user,product.model_product_template,group_assigned_points_of_sale_user,1,0,0,0
access_product_product_supplierinfo_user,product.supplierinfo user,product.model_product_supplierinfo,group_assigned_points_of_sale_user,1,0,0,0
access_product_product_packaging_user,product.packaging user,product.model_product_packaging,group_assigned_points_of_sale_user,1,0,0,0
access_product_pricelist_user,product.pricelist user,product.model_product_pricelist,group_assigned_points_of_sale_user,1,0,0,0
access_pos_session_user,pos.session user,point_of_sale.model_pos_session,group_assigned_points_of_sale_user,1,1,1,0
access_pos_config_user,pos.config user,point_of_sale.model_pos_config,group_assigned_points_of_sale_user,1,1,0,0
access_product_category_pos_user,pos.category user,point_of_sale.model_pos_category,group_assigned_points_of_sale_user,1,0,0,0
access_barcode_nomenclature_pos_user,barcode.nomenclature.pos.user,barcodes.model_barcode_nomenclature,group_assigned_points_of_sale_user,1,0,0,0
access_barcode_rule_pos_user,barcode.rule.pos.user,barcodes.model_barcode_rule,group_assigned_points_of_sale_user,1,0,0,0
access_bank_statement_cashbox_user,account.bank.statement.cashbox user,account.model_account_bank_statement_cashbox,group_assigned_points_of_sale_user,1,1,1,0
access_account_cashbox_line_user,account.cashbox.line user,account.model_account_cashbox_line,group_assigned_points_of_sale_user,1,1,1,0
access_account_cash_rounding_pos_user,account.cash.rounding.pos.user,account.model_account_cash_rounding,group_assigned_points_of_sale_user,1,0,0,0

52
pos_user_restriction/security/pos_security.xml

@ -0,0 +1,52 @@
<?xml version="1.0" encoding="utf-8"?>
<odoo>
<record id="group_assigned_points_of_sale_user" model="res.groups">
<field name="name">User: Assigned POS Only</field>
<field name="category_id" ref="base.module_category_point_of_sale"/>
<field name="comment">The user will have access to her assigned points of sale.</field>
</record>
<record id="point_of_sale.group_pos_user" model="res.groups">
<field name="implied_ids" eval="[(4, ref('group_assigned_points_of_sale_user'))]"/>
</record>
<data noupdate="1">
<record id="pos_config_assigned_users" model="ir.rule">
<field name="name">Assigned points of sale</field>
<field ref="point_of_sale.model_pos_config" name="model_id"/>
<field name="domain_force">['|',('assigned_user_ids','in',user.id),('assigned_user_ids','=',False)]</field>
<field name="groups" eval="[(4, ref('group_assigned_points_of_sale_user'))]"/>
</record>
<record id="pos_session_assigned_users" model="ir.rule">
<field name="name">Assigned POS sessions</field>
<field ref="point_of_sale.model_pos_session" name="model_id"/>
<field name="domain_force">['|',('config_id.assigned_user_ids','in',user.id),('config_id.assigned_user_ids','=',False)]</field>
<field name="groups" eval="[(4, ref('group_assigned_points_of_sale_user'))]"/>
</record>
<record id="pos_order_assigned_users" model="ir.rule">
<field name="name">Assigned POS orders</field>
<field ref="point_of_sale.model_pos_order" name="model_id"/>
<field name="domain_force">['|',('session_id.config_id.assigned_user_ids','in',user.id),('session_id.config_id.assigned_user_ids','=',False)]</field>
<field name="groups" eval="[(4, ref('group_assigned_points_of_sale_user'))]"/>
</record>
<record id="pos_config_see_all" model="ir.rule">
<field name="name">All points of sale</field>
<field ref="point_of_sale.model_pos_config" name="model_id"/>
<field name="domain_force">[(1,'=',1)]</field>
<field name="groups" eval="[(4, ref('point_of_sale.group_pos_user'))]"/>
</record>
<record id="pos_session_see_all" model="ir.rule">
<field name="name">All POS sessions</field>
<field ref="point_of_sale.model_pos_session" name="model_id"/>
<field name="domain_force">[(1,'=',1)]</field>
<field name="groups" eval="[(4, ref('point_of_sale.group_pos_user'))]"/>
</record>
<record id="pos_order_see_all" model="ir.rule">
<field name="name">All POS orders</field>
<field ref="point_of_sale.model_pos_order" name="model_id"/>
<field name="domain_force">[(1,'=',1)]</field>
<field name="groups" eval="[(4, ref('point_of_sale.group_pos_user'))]"/>
</record>
</data>
</odoo>

1
pos_user_restriction/tests/__init__.py

@ -0,0 +1 @@
from . import test_pos_user_restriction

52
pos_user_restriction/tests/test_pos_user_restriction.py

@ -0,0 +1,52 @@
from odoo.tests.common import SavepointCase
class TestUserRestriction(SavepointCase):
@classmethod
def setUpClass(cls):
super().setUpClass()
cls.env = cls.env(context=dict(
cls.env.context,
tracking_disable=True,
no_reset_password=True,
))
cls.pos_user = cls.env['res.users'].create({
'login': 'pos_user',
'name': 'pos_user',
'groups_id': [(6, 0, [cls.env.ref('point_of_sale.group_pos_user').id])]
})
cls.pos_user_assigned_pos = cls.env['res.users'].create({
'login': 'pos_user_assigned_pos',
'name': 'pos_user_assigned_pos',
'groups_id': [(6, 0, [cls.env.ref(
'pos_user_restriction.group_assigned_points_of_sale_user').id])]
})
cls.pos_config_main = cls.env.ref('point_of_sale.pos_config_main')
cls.pos_config_model = cls.env['pos.config']
def test_access_pos(self):
# assigned_user_ids is not set: both users can read
pos_configs = self.pos_config_model.sudo(self.pos_user.id).search([])
self.assertTrue(pos_configs)
pos_configs = self.pos_config_model.sudo(
self.pos_user_assigned_pos.id).search([])
self.assertTrue(pos_configs)
self.pos_config_main.assigned_user_ids = [
(6, 0, [self.pos_user_assigned_pos.id])]
# assigned_user_ids is set with pos_user_assigned_pos: both users can read
pos_configs = self.pos_config_model.sudo(self.pos_user.id).search([])
self.assertTrue(pos_configs)
pos_configs = self.pos_config_model.sudo(
self.pos_user_assigned_pos.id).search([])
self.assertTrue(pos_configs)
self.pos_config_main.assigned_user_ids = [
(6, 0, [self.pos_user.id])]
# assigned_user_ids is set with pos_user: only pos_user can read
pos_configs = self.pos_config_model.sudo(self.pos_user.id).search([])
self.assertTrue(pos_configs)
pos_configs = self.pos_config_model.sudo(
self.pos_user_assigned_pos.id).search([])
self.assertFalse(pos_configs)

28
pos_user_restriction/views/pos_config_views.xml

@ -0,0 +1,28 @@
<?xml version="1.0" encoding="utf-8"?>
<odoo>
<record id="pos_config_view_form_users" model="ir.ui.view">
<field name="name">pos_config_view_form_users</field>
<field name="model">pos.config</field>
<field name="inherit_id" ref="point_of_sale.pos_config_view_form"/>
<field name="arch" type="xml">
<xpath expr="//sheet/div[last()]" position="after">
<h2 groups="point_of_sale.group_pos_manager">Users</h2>
<div class="row mt16 o_settings_container" groups="point_of_sale.group_pos_manager">
<div class="col-12 col-lg-6 o_setting_box">
<div class="o_setting_right_pane">
<div class="text-muted">
Users assigned to this point of sale
</div>
<div class="content-group">
<div class="row mt16" title="Restrict some users to only access their assigned points of sale. In order to apply the restriction, the user needs the 'User: Assigned POS Only' group">
<label for="assigned_user_ids" class="col-lg-3 o_light_label" />
<field name="assigned_user_ids" widget="many2many_tags" options="{'no_create': True}"/>
</div>
</div>
</div>
</div>
</div>
</xpath>
</field>
</record>
</odoo>

1
setup/pos_user_restriction/odoo/addons/pos_user_restriction

@ -0,0 +1 @@
../../../../pos_user_restriction

6
setup/pos_user_restriction/setup.py

@ -0,0 +1,6 @@
import setuptools
setuptools.setup(
setup_requires=['setuptools-odoo'],
odoo_addon=True,
)
Loading…
Cancel
Save