From 5abd907f69f56e208987557f941c6bd80ee135bb Mon Sep 17 00:00:00 2001 From: Thomas Binsfeld Date: Mon, 8 Oct 2018 11:45:13 +0200 Subject: [PATCH] [REF] Server Environment: restrict access to server config to allowed users New security group restricting access to server config Admin is part of the group by default --- server_environment/__manifest__.py | 1 + server_environment/security/res_groups.xml | 10 ++++++++++ server_environment/serv_config.py | 5 +++++ 3 files changed, 16 insertions(+) create mode 100644 server_environment/security/res_groups.xml diff --git a/server_environment/__manifest__.py b/server_environment/__manifest__.py index be8e177c0..c89508e00 100644 --- a/server_environment/__manifest__.py +++ b/server_environment/__manifest__.py @@ -29,6 +29,7 @@ "license": "GPL-3 or any later version", "category": "Tools", "data": [ + 'security/res_groups.xml', 'serv_config.xml', ], 'installable': True, diff --git a/server_environment/security/res_groups.xml b/server_environment/security/res_groups.xml new file mode 100644 index 000000000..1297fbf26 --- /dev/null +++ b/server_environment/security/res_groups.xml @@ -0,0 +1,10 @@ + + + + + + View Server Environment Configuration + + + + diff --git a/server_environment/serv_config.py b/server_environment/serv_config.py index ec49f995a..f9d1406d5 100644 --- a/server_environment/serv_config.py +++ b/server_environment/serv_config.py @@ -246,6 +246,11 @@ class ServerConfiguration(models.TransientModel): @api.model def default_get(self, fields_list): res = {} + current_user = self.pool['res.users'].browse( + cr, uid, uid, context=context) + if not current_user.has_group( + 'server_environment.has_server_configuration_access'): + return res for key in self._conf_defaults: if 'passw' in key and not self.show_passwords: res[key] = '**********'