Browse Source

[ADD] check if our user may access the cleanup

pull/469/head
Holger Brunn 9 years ago
parent
commit
027a758c34
No known key found for this signature in database GPG Key ID: 1C9760FECA3AE18
  1. 17
      database_cleanup/models/purge_wizard.py

17
database_cleanup/models/purge_wizard.py

@ -3,6 +3,7 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
import logging
from openerp import _, api, fields, models
from openerp.exceptions import AccessDenied
class CleanupPurgeLine(models.AbstractModel):
@ -20,6 +21,14 @@ class CleanupPurgeLine(models.AbstractModel):
def purge(self):
raise NotImplementedError
@api.model
def create(self, values):
# make sure the user trying this is actually supposed to do it
if not self.env.ref('database_cleanup.menu_database_cleanup')\
.parent_id._filter_visible_menus():
raise AccessDenied
return super(CleanupPurgeLine, self).create(values)
class PurgeWizard(models.AbstractModel):
""" Abstract base class for the purge wizards """
@ -74,4 +83,12 @@ class PurgeWizard(models.AbstractModel):
for this in self
]
@api.model
def create(self, values):
# make sure the user trying this is actually supposed to do it
if not self.env.ref('database_cleanup.menu_database_cleanup')\
.parent_id._filter_visible_menus():
raise AccessDenied
return super(CleanupPurgeLine, self).create(values)
purge_line_ids = fields.One2many('cleanup.purge.line', 'wizard_id')
Loading…
Cancel
Save