Merge PR #1331 into 14.0

Signed-off-by pedrobaeza
2 years ago · 701f02f42d
7 changed files with 61 additions and 30 deletions
--- a/partner_category_security/init.py
+++ b/partner_category_security/init.py
@ -0,0 +1 @@
+from . import models
--- a/partner_category_security/manifest.py
+++ b/partner_category_security/manifest.py
@ -13,7 +13,6 @@
        "security/security.xml",
        "security/ir.model.access.csv",
        "views/menu.xml",
-        "views/res_partner_view.xml",
    ],
    "maintainers": ["victoralmau"],
 }
--- a/partner_category_security/models/init.py
+++ b/partner_category_security/models/init.py
@ -0,0 +1 @@
+from . import res_partner
--- a/partner_category_security/models/res_partner.py
+++ b/partner_category_security/models/res_partner.py
@ -0,0 +1,38 @@
+# Copyright 2022 Tecnativa - Jairo Llopis
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html).
+from lxml import etree
+
+from odoo import api, models
+
+from odoo.addons.base.models.ir_ui_view import (
+    transfer_modifiers_to_node,
+    transfer_node_to_modifiers,
+)
+
+
+class ResPartner(models.Model):
+    _inherit = "res.partner"
+
+    @api.model
+    def fields_view_get(
+        self, view_id=None, view_type="form", toolbar=False, submenu=False
+    ):
+        """We define the category_id field read-only if the user does not have
+        permissions."""
+        result = super().fields_view_get(view_id, view_type, toolbar, submenu)
+        category_group = "partner_category_security.group_partner_category_user"
+        if view_type == "form" and not self.env.user.has_group(category_group):
+            doc = etree.XML(result["arch"])
+            nodes = doc.xpath("//field[@name='category_id']")
+            if nodes:
+                nodes[0].set("readonly", "1")
+                nodes[0].set("force_save", "1")
+                modifiers = {}
+                transfer_node_to_modifiers(nodes[0], modifiers)
+                transfer_modifiers_to_node(modifiers, nodes[0])
+            xarch, xfields = self.env["ir.ui.view"].postprocess_and_fields(
+                doc, self._name
+            )
+            result["arch"] = xarch
+            result["fields"] = xfields
+        return result
--- a/partner_category_security/security/ir.model.access.csv
+++ b/partner_category_security/security/ir.model.access.csv
@ -1,4 +1,4 @@
 id,name,model_id/id,group_id/id,perm_read,perm_write,perm_create,perm_unlink
-access_res_partner_category_user,res_partner_category_user,base.model_res_partner_category,group_partner_category_user,1,1,0,0
+access_res_partner_category_user,res_partner_category_user,base.model_res_partner_category,group_partner_category_user,1,0,0,0
 access_res_partner_category_manager,res_partner_category_manager,base.model_res_partner_category,group_partner_category_manager,1,1,1,1
 base.access_res_partner_category_group_partner_manager,res_partner_category group_partner_manager,base.model_res_partner_category,base.group_partner_manager,1,0,0,0
--- a/partner_category_security/tests/test_partner_category_security.py
+++ b/partner_category_security/tests/test_partner_category_security.py
@ -1,5 +1,6 @@
 # Copyright 2022 Tecnativa - Víctor Martínez
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+from lxml import etree

 from odoo.tests import common, new_test_user

@ -22,6 +23,7 @@ class TestPartnerCategorySecurity(common.SavepointCase):
            login="Test partner category manager",
            groups="partner_category_security.group_partner_category_manager",
        )
+        cls.partner_model = cls.env["res.partner"]
        cls.partner_category_model = cls.env["res.partner.category"]

    def test_check_access_rights_basic_user(self):
@ -34,7 +36,7 @@ class TestPartnerCategorySecurity(common.SavepointCase):
    def test_check_access_rights_partner_category_user(self):
        model = self.partner_category_model.with_user(self.partner_category_user)
        self.assertTrue(model.check_access_rights("read", False))
-        self.assertTrue(model.check_access_rights("write", False))
+        self.assertFalse(model.check_access_rights("write", False))
        self.assertFalse(model.check_access_rights("create", False))
        self.assertFalse(model.check_access_rights("unlink", False))

@ -44,3 +46,20 @@ class TestPartnerCategorySecurity(common.SavepointCase):
        self.assertTrue(model.check_access_rights("write", False))
        self.assertTrue(model.check_access_rights("create", False))
        self.assertTrue(model.check_access_rights("unlink", False))
+
+    def test_partner_model_fields_view_get(self):
+        res = self.partner_model.with_user(self.basic_user).fields_view_get(
+            view_type="form"
+        )
+        node = etree.XML(res["arch"]).xpath("//field[@name='category_id']")[0]
+        self.assertTrue(res["fields"]["category_id"]["readonly"])
+        self.assertEqual(node.get("readonly"), "1")
+        self.assertEqual(node.get("force_save"), "1")
+        res = self.partner_model.with_user(self.partner_category_user).fields_view_get(
+            view_type="form"
+        )
+        self.assertFalse(res["fields"]["category_id"]["readonly"])
+        res = self.partner_model.with_user(
+            self.partner_category_manager
+        ).fields_view_get(view_type="form")
+        self.assertFalse(res["fields"]["category_id"]["readonly"])
--- a/partner_category_security/views/res_partner_view.xml
+++ b/partner_category_security/views/res_partner_view.xml
@ -1,27 +0,0 @@
-<odoo>
-    <record id="view_partner_form" model="ir.ui.view">
-        <field name="name">res.partner.form</field>
-        <field name="model">res.partner</field>
-        <field name="inherit_id" ref="base.view_partner_form" />
-        <field name="arch" type="xml">
-            <!-- The existing field will only be visible to users with Publisher group !-->
-            <field name="category_id" position="attributes">
-                <attribute
-                    name="groups"
-                >partner_category_security.group_partner_category_user</attribute>
-            </field>
-            <!-- Add the field again (read-only) to make it visible to other users !-->
-            <field name="category_id" position="after">
-                <field
-                    name="category_id"
-                    widget="many2many_tags"
-                    options="{'color_field': 'color'}"
-                    placeholder="Tags..."
-                    readonly="1"
-                    force_save="1"
-                    groups="!partner_category_security.group_partner_category_user"
-                />
-            </field>
-        </field>
-    </record>
-</odoo>