Browse Source

[REF] Server Environment: restrict access to server config to allowed users

New security group restricting access to server config
Admin is part of the group by default
pull/1404/head
Thomas Binsfeld 6 years ago
committed by Yannick Vaucher
parent
commit
5abd907f69
  1. 1
      server_environment/__manifest__.py
  2. 10
      server_environment/security/res_groups.xml
  3. 5
      server_environment/serv_config.py

1
server_environment/__manifest__.py

@ -29,6 +29,7 @@
"license": "GPL-3 or any later version",
"category": "Tools",
"data": [
'security/res_groups.xml',
'serv_config.xml',
],
'installable': True,

10
server_environment/security/res_groups.xml

@ -0,0 +1,10 @@
<?xml version="1.0"?>
<odoo>
<record model="res.groups" id="has_server_configuration_access">
<field name="name">View Server Environment Configuration</field>
<field name="users" eval="[(4, ref('base.user_root'))]"/>
</record>
</odoo>

5
server_environment/serv_config.py

@ -246,6 +246,11 @@ class ServerConfiguration(models.TransientModel):
@api.model
def default_get(self, fields_list):
res = {}
current_user = self.pool['res.users'].browse(
cr, uid, uid, context=context)
if not current_user.has_group(
'server_environment.has_server_configuration_access'):
return res
for key in self._conf_defaults:
if 'passw' in key and not self.show_passwords:
res[key] = '**********'

Loading…
Cancel
Save