[FIX] As an ERP manager, allow to reset users' passwords

7 years ago · 7351c764d7
3 changed files with 22 additions and 2 deletions
--- a/password_security/manifest.py
+++ b/password_security/manifest.py
@ -5,7 +5,7 @@

    'name': 'Password Security',
    "summary": "Allow admin to set password security requirements.",
-    'version': '10.0.1.0.2',
+    'version': '10.0.1.1.0',
    'author': "LasLabs, Odoo Community Association (OCA)",
    'category': 'Base',
    'depends': [
--- a/password_security/security/res_users_pass_history.xml
+++ b/password_security/security/res_users_pass_history.xml
@ -16,4 +16,11 @@
        ]</field>
    </record>

+    <record id="res_users_pass_history_rule_manager" model="ir.rule">
+        <field name="name">Res Users Pass History Access/Managers</field>
+        <field name="model_id" ref="password_security.model_res_users_pass_history"/>
+        <field name="groups" eval="[(4, ref('base.group_erp_manager'))]"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+    </record>
+
 </odoo>
--- a/password_security/tests/test_res_users.py
+++ b/password_security/tests/test_res_users.py
@ -13,6 +13,20 @@ class TestResUsers(TransactionCase):

    def setUp(self):
        super(TestResUsers, self).setUp()
+        self.main_comp = self.env.ref('base.main_company')
+        # Modify users as privileged, but non-root user
+        privileged_user = self.env['res.users'].create({
+            'name': 'Privileged User',
+            'login': 'privileged_user@example.com',
+            'company_id': self.main_comp.id,
+            'groups_id': [
+                (4, self.env.ref('base.group_erp_manager').id),
+                (4, self.env.ref('base.group_partner_manager').id),
+                (4, self.env.ref('base.group_user').id),
+            ],
+        })
+        privileged_user.email = privileged_user.login
+        self.env = self.env(user=privileged_user)
        self.login = 'foslabs@example.com'
        self.partner_vals = {
            'name': 'Partner',
@ -20,7 +34,6 @@ class TestResUsers(TransactionCase):
            'email': self.login,
        }
        self.password = 'asdQWE123$%^'
-        self.main_comp = self.env.ref('base.main_company')
        self.vals = {
            'name': 'User',
            'login': self.login,