You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

121 lines
4.3 KiB

  1. # -*- coding: utf-8 -*-
  2. # Copyright 2017 LasLabs Inc.
  3. # License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl.html).
  4. import os
  5. from csv import reader
  6. from lxml import etree
  7. from odoo import api, fields, models, _
  8. from odoo.exceptions import AccessError, ValidationError
  9. from .ir_config_parameter import THRESHOLD_HIDE, MAX_DB_USER_PARAM
  10. from .res_groups import THRESHOLD_MANAGER
  11. class ResUsers(models.Model):
  12. _inherit = 'res.users'
  13. threshold_exempt = fields.Boolean(
  14. 'Exempt User From User Count Thresholds',
  15. )
  16. @api.model_cr
  17. def _register_hook(self):
  18. """
  19. Override to check if env var to hide threshold configuration and
  20. reset the database state is set. If it is, run those actions
  21. """
  22. if THRESHOLD_HIDE:
  23. exempt_users_var = os.environ.get('USER_THRESHOLD_USER', '')
  24. exempt_users = reader([exempt_users_var])
  25. users = self.env['res.users'].search([
  26. ('share', '=', False),
  27. ('threshold_exempt', '=', True),
  28. ])
  29. non_ex = users.filtered(lambda r: r.login not in exempt_users)
  30. for user in non_ex:
  31. user.threshold_exempt = False
  32. def _check_thresholds(self):
  33. """
  34. Check to see if any user thresholds are met
  35. Returns:
  36. False when the thresholds aren't met and True when they are
  37. """
  38. domain = [
  39. ('threshold_exempt', '=', False),
  40. ('share', '=', False),
  41. ]
  42. users = self.env['res.users'].search(domain)
  43. max_db_users = int(self.env['ir.config_parameter'].get_param(
  44. MAX_DB_USER_PARAM
  45. ))
  46. if max_db_users > 0 and len(users) >= max_db_users:
  47. return True
  48. company = self.env.user.company_id
  49. company_users = users.filtered(lambda r: r.company_id.id == company.id)
  50. if company.max_users > 0 and len(company_users) >= company.max_users:
  51. return True
  52. return False
  53. @api.multi
  54. def copy(self, default=None):
  55. """
  56. Override method to make sure the Thresholds aren't met before
  57. creating a new user
  58. """
  59. if self._check_thresholds():
  60. raise ValidationError(_(
  61. 'Cannot add user - Maximum number of allowed users reached'
  62. ))
  63. return super(ResUsers, self).copy(default=default)
  64. @api.multi
  65. def create(self, vals):
  66. """
  67. Override method to make sure the Thresholds aren't met before
  68. creating a new user
  69. """
  70. if self._check_thresholds():
  71. raise ValidationError(_(
  72. 'Cannot add user - Maximum number of allowed users reached'
  73. ))
  74. return super(ResUsers, self).create(vals)
  75. @api.model
  76. def fields_view_get(self, view_id=None, view_type='form', toolbar=False,
  77. submenu=False):
  78. """ Hide Max User Field when the env var to hide the field is set """
  79. res = super(ResUsers, self).fields_view_get(
  80. view_id, view_type, toolbar, submenu
  81. )
  82. if THRESHOLD_HIDE:
  83. doc = etree.XML(res['arch'])
  84. for node in doc.xpath("//group[@name='user_threshold']"):
  85. node.getparent().remove(node)
  86. res['arch'] = etree.tostring(doc, pretty_print=True)
  87. return res
  88. @api.multi
  89. def write(self, vals):
  90. """
  91. Override write to verify that membership of the Threshold Manager
  92. group is not able to be set by users outside that group
  93. """
  94. thold_group = self.env.ref(THRESHOLD_MANAGER, raise_if_not_found=False)
  95. if thold_group:
  96. user_is_manager = self.env.user.has_group(THRESHOLD_MANAGER)
  97. if vals.get('threshold_exempt') and not user_is_manager:
  98. raise AccessError(_(
  99. 'You must be a member of the `User Threshold Manager`'
  100. ' group to grant threshold exemptions.'
  101. ))
  102. is_add_group = vals.get('in_group_%s' % thold_group.id)
  103. if is_add_group and not user_is_manager:
  104. raise AccessError(_(
  105. 'You must be a member of the `User Threshold Manager`'
  106. ' group to grant access to it.'
  107. ))
  108. return super(ResUsers, self).write(vals)