Browse Source

[ADD] 8.0 - New module 'base_user_role' to manage user roles efficiently (#608)

* [ADD] New module 'base_user_role'

* [FIX] base_user_role - Review

* [FIX] base_user_role - Review s/is_active/is_enabled/

* [FIX] base_user_role - Review s/is_active/is_enabled/

* [IMP] base_user_role - Translations updated (template + FR)

* [FIX] base_user_role - Lint
pull/664/head
Sébastien Alix 8 years ago
committed by Dave Lasley
parent
commit
7a272ae71d
  1. 82
      base_user_role/README.rst
  2. 3
      base_user_role/__init__.py
  3. 24
      base_user_role/__openerp__.py
  4. 20
      base_user_role/data/ir_cron.xml
  5. 189
      base_user_role/i18n/base_user_role.pot
  6. 189
      base_user_role/i18n/fr.po
  7. 25
      base_user_role/migrations/8.0.1.1.0/post-migration.py
  8. 4
      base_user_role/models/__init__.py
  9. 83
      base_user_role/models/role.py
  10. 54
      base_user_role/models/user.py
  11. 3
      base_user_role/security/ir.model.access.csv
  12. BIN
      base_user_role/static/description/icon.png
  13. BIN
      base_user_role/static/description/role_groups.png
  14. BIN
      base_user_role/static/description/role_users.png
  15. BIN
      base_user_role/static/description/roles.png
  16. 3
      base_user_role/tests/__init__.py
  17. 107
      base_user_role/tests/test_user_role.py
  18. 73
      base_user_role/views/role.xml
  19. 39
      base_user_role/views/user.xml

82
base_user_role/README.rst

@ -0,0 +1,82 @@
.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
:alt: License: AGPL-3
==========
User roles
==========
This module was written to extend the standard functionality regarding users
and groups management.
It helps creating well-defined user roles and associating them to users.
It can become very hard to maintain a large number of user profiles over time,
juggling with many technical groups. For this purpose, this module will help
you to:
* define functional roles by aggregating low-level groups,
* set user accounts with the predefined roles (roles are cumulative),
* update groups of all relevant user accounts (all at once),
* ensure that user accounts will have the groups defined in their roles
(nothing more, nothing less). In other words, you can not set groups
manually on a user as long as there is roles configured on it,
* activate/deactivate roles depending on the date (useful to plan holidays, etc)
* get a quick overview of roles and the related user accounts.
That way you make clear the different responsabilities within a company, and
are able to add and update user accounts in a scalable and reliable way.
Configuration
=============
To configure this module, you need to go to *Configuration / Users / Roles*,
and create a new role. From there, you can add groups to compose your role,
and then associate users to it.
Roles:
.. image:: /base_user_role/static/description/roles.png
Add groups:
.. image:: /base_user_role/static/description/role_groups.png
Add users (with dates or not):
.. image:: /base_user_role/static/description/role_users.png
Bug Tracker
===========
Bugs are tracked on `GitHub Issues
<https://github.com/OCA/server-tools/issues>`_. In case of trouble, please
check there if your issue has already been reported. If you spotted it first,
help us smashing it by providing a detailed and welcomed feedback.
Credits
=======
Images
------
* Oxygen Team: `Icon <http://www.iconarchive.com/show/oxygen-icons-by-oxygen-icons.org/Actions-user-group-new-icon.html>`_ (LGPL)
Contributors
------------
* Sébastien Alix <sebastien.alix@osiell.com>
Maintainer
----------
.. image:: https://odoo-community.org/logo.png
:alt: Odoo Community Association
:target: https://odoo-community.org
This module is maintained by the OCA.
OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.
To contribute to this module, please visit https://odoo-community.org.

3
base_user_role/__init__.py

@ -0,0 +1,3 @@
# -*- coding: utf-8 -*-
from . import models

24
base_user_role/__openerp__.py

@ -0,0 +1,24 @@
# -*- coding: utf-8 -*-
# Copyright 2014 ABF OSIELL <http://osiell.com>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
{
'name': 'User roles',
'version': '8.0.1.1.0',
'category': 'Tools',
'author': 'ABF OSIELL, Odoo Community Association (OCA)',
'license': 'AGPL-3',
'maintainer': 'ABF OSIELL',
'website': 'http://www.osiell.com',
'depends': [
'base',
],
'data': [
'security/ir.model.access.csv',
'data/ir_cron.xml',
'views/role.xml',
'views/user.xml',
],
'installable': True,
'auto_install': False,
}

20
base_user_role/data/ir_cron.xml

@ -0,0 +1,20 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright 2016 ABF OSIELL <http://osiell.com>
License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). -->
<openerp>
<data noupdate="1">
<record model="ir.cron" id="cron_update_users">
<field name='name'>Update user roles</field>
<field name='interval_number'>3</field>
<field name='interval_type'>hours</field>
<field name="numbercall">-1</field>
<field name="active">True</field>
<field name="doall" eval="False" />
<field name="model">res.users.role</field>
<field name="function">cron_update_users</field>
<field name="args">()</field>
</record>
</data>
</openerp>

189
base_user_role/i18n/base_user_role.pot

@ -0,0 +1,189 @@
# Translation of Odoo Server.
# This file contains the translation of the following modules:
# * base_user_role
#
msgid ""
msgstr ""
"Project-Id-Version: Odoo Server 8.0\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2016-11-18 11:58+0000\n"
"PO-Revision-Date: 2016-11-18 11:58+0000\n"
"Last-Translator: <>\n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: \n"
"Plural-Forms: \n"
#. module: base_user_role
#: field:res.users.role,model_access:0
msgid "Access Controls"
msgstr ""
#. module: base_user_role
#: field:res.users.role,menu_access:0
msgid "Access Menu"
msgstr ""
#. module: base_user_role
#: field:res.users.role.line,is_enabled:0
msgid "Enabled"
msgstr ""
#. module: base_user_role
#: field:res.users.role,category_id:0
msgid "Application"
msgstr ""
#. module: base_user_role
#: field:res.users.role,group_id:0
msgid "Associated group"
msgstr ""
#. module: base_user_role
#: field:res.users.role,comment:0
msgid "Comment"
msgstr ""
#. module: base_user_role
#: field:res.users.role,create_uid:0
#: field:res.users.role.line,create_uid:0
msgid "Created by"
msgstr ""
#. module: base_user_role
#: field:res.users.role,create_date:0
#: field:res.users.role.line,create_date:0
msgid "Created on"
msgstr ""
#. module: base_user_role
#: field:res.users.role,display_name:0
#: field:res.users.role.line,display_name:0
msgid "Display Name"
msgstr ""
#. module: base_user_role
#: field:res.users.role.line,date_from:0
msgid "From"
msgstr ""
#. module: base_user_role
#: field:res.users.role,full_name:0
msgid "Group Name"
msgstr ""
#. module: base_user_role
#: view:res.users.role:base_user_role.view_res_users_role_form
msgid "Groups"
msgstr ""
#. module: base_user_role
#: field:res.users.role,id:0
#: field:res.users.role.line,id:0
msgid "ID"
msgstr ""
#. module: base_user_role
#: field:res.users.role,implied_ids:0
msgid "Inherits"
msgstr ""
#. module: base_user_role
#: field:res.users.role,__last_update:0
#: field:res.users.role.line,__last_update:0
msgid "Last Modified on"
msgstr ""
#. module: base_user_role
#: field:res.users.role,write_uid:0
#: field:res.users.role.line,write_uid:0
msgid "Last Updated by"
msgstr ""
#. module: base_user_role
#: field:res.users.role,write_date:0
#: field:res.users.role.line,write_date:0
msgid "Last Updated on"
msgstr ""
#. module: base_user_role
#: field:res.users.role,name:0
msgid "Name"
msgstr ""
#. module: base_user_role
#: view:res.users.role:base_user_role.view_res_users_role_form
#: view:res.users.role:base_user_role.view_res_users_role_tree
#: field:res.users.role.line,role_id:0
msgid "Role"
msgstr ""
#. module: base_user_role
#: field:res.users,role_line_ids:0
msgid "Role lines"
msgstr ""
#. module: base_user_role
#: model:ir.actions.act_window,name:base_user_role.action_res_users_role_tree
#: model:ir.ui.menu,name:base_user_role.menu_action_res_users_role_tree
#: view:res.users:base_user_role.view_res_users_form_inherit
#: field:res.users,role_ids:0
#: view:res.users.role:base_user_role.view_res_users_role_search
msgid "Roles"
msgstr ""
#. module: base_user_role
#: field:res.users.role,rule_groups:0
msgid "Rules"
msgstr ""
#. module: base_user_role
#: field:res.users,scoring:0
msgid "Scoring (%)"
msgstr ""
#. module: base_user_role
#: field:res.users.role.line,date_to:0
msgid "To"
msgstr ""
#. module: base_user_role
#: field:res.users.role,trans_implied_ids:0
msgid "Transitively inherits"
msgstr ""
#. module: base_user_role
#: field:res.users.role.line,user_id:0
msgid "User"
msgstr ""
#. module: base_user_role
#: model:ir.model,name:base_user_role.model_res_users_role
msgid "User role"
msgstr ""
#. module: base_user_role
#: model:ir.model,name:base_user_role.model_res_users
#: view:res.users.role:base_user_role.view_res_users_role_form
#: field:res.users.role,line_ids:0
#: field:res.users.role,user_ids:0
#: field:res.users.role,users:0
msgid "Users"
msgstr ""
#. module: base_user_role
#: model:ir.model,name:base_user_role.model_res_users_role_line
msgid "Users associated to a role"
msgstr ""
#. module: base_user_role
#: help:res.users.role,implied_ids:0
msgid "Users of this group automatically inherit those groups"
msgstr ""
#. module: base_user_role
#: field:res.users.role,view_access:0
msgid "Views"
msgstr ""

189
base_user_role/i18n/fr.po

@ -0,0 +1,189 @@
# Translation of Odoo Server.
# This file contains the translation of the following modules:
# * base_user_role
#
msgid ""
msgstr ""
"Project-Id-Version: Odoo Server 8.0\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2016-11-18 12:03+0000\n"
"PO-Revision-Date: 2016-11-18 12:03+0000\n"
"Last-Translator: <>\n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: \n"
"Plural-Forms: \n"
#. module: base_user_role
#: field:res.users.role,model_access:0
msgid "Access Controls"
msgstr "Access Controls"
#. module: base_user_role
#: field:res.users.role,menu_access:0
msgid "Access Menu"
msgstr "Access Menu"
#. module: base_user_role
#: field:res.users.role.line,is_enabled:0
msgid "Enabled"
msgstr "Activé"
#. module: base_user_role
#: field:res.users.role,category_id:0
msgid "Application"
msgstr "Application"
#. module: base_user_role
#: field:res.users.role,group_id:0
msgid "Associated group"
msgstr "Groupe associé"
#. module: base_user_role
#: field:res.users.role,comment:0
msgid "Comment"
msgstr "Comment"
#. module: base_user_role
#: field:res.users.role,create_uid:0
#: field:res.users.role.line,create_uid:0
msgid "Created by"
msgstr "Created by"
#. module: base_user_role
#: field:res.users.role,create_date:0
#: field:res.users.role.line,create_date:0
msgid "Created on"
msgstr "Created on"
#. module: base_user_role
#: field:res.users.role,display_name:0
#: field:res.users.role.line,display_name:0
msgid "Display Name"
msgstr "Display Name"
#. module: base_user_role
#: field:res.users.role.line,date_from:0
msgid "From"
msgstr "À partir du"
#. module: base_user_role
#: field:res.users.role,full_name:0
msgid "Group Name"
msgstr "Group Name"
#. module: base_user_role
#: view:res.users.role:base_user_role.view_res_users_role_form
msgid "Groups"
msgstr "Groupes"
#. module: base_user_role
#: field:res.users.role,id:0
#: field:res.users.role.line,id:0
msgid "ID"
msgstr "ID"
#. module: base_user_role
#: field:res.users.role,implied_ids:0
msgid "Inherits"
msgstr "Inherits"
#. module: base_user_role
#: field:res.users.role,__last_update:0
#: field:res.users.role.line,__last_update:0
msgid "Last Modified on"
msgstr "Last Modified on"
#. module: base_user_role
#: field:res.users.role,write_uid:0
#: field:res.users.role.line,write_uid:0
msgid "Last Updated by"
msgstr "Last Updated by"
#. module: base_user_role
#: field:res.users.role,write_date:0
#: field:res.users.role.line,write_date:0
msgid "Last Updated on"
msgstr "Last Updated on"
#. module: base_user_role
#: field:res.users.role,name:0
msgid "Name"
msgstr "Nom"
#. module: base_user_role
#: view:res.users.role:base_user_role.view_res_users_role_form
#: view:res.users.role:base_user_role.view_res_users_role_tree
#: field:res.users.role.line,role_id:0
msgid "Role"
msgstr "Rôle"
#. module: base_user_role
#: field:res.users,role_line_ids:0
msgid "Role lines"
msgstr "Role lines"
#. module: base_user_role
#: model:ir.actions.act_window,name:base_user_role.action_res_users_role_tree
#: model:ir.ui.menu,name:base_user_role.menu_action_res_users_role_tree
#: view:res.users:base_user_role.view_res_users_form_inherit
#: field:res.users,role_ids:0
#: view:res.users.role:base_user_role.view_res_users_role_search
msgid "Roles"
msgstr "Rôles"
#. module: base_user_role
#: field:res.users.role,rule_groups:0
msgid "Rules"
msgstr "Rules"
#. module: base_user_role
#: field:res.users,scoring:0
msgid "Scoring (%)"
msgstr "Scoring (%)"
#. module: base_user_role
#: field:res.users.role.line,date_to:0
msgid "To"
msgstr "Jusqu'au"
#. module: base_user_role
#: field:res.users.role,trans_implied_ids:0
msgid "Transitively inherits"
msgstr "Transitively inherits"
#. module: base_user_role
#: field:res.users.role.line,user_id:0
msgid "User"
msgstr "Utilisateur"
#. module: base_user_role
#: model:ir.model,name:base_user_role.model_res_users_role
msgid "User role"
msgstr "Rôle utilisateur"
#. module: base_user_role
#: model:ir.model,name:base_user_role.model_res_users
#: view:res.users.role:base_user_role.view_res_users_role_form
#: field:res.users.role,line_ids:0
#: field:res.users.role,user_ids:0
#: field:res.users.role,users:0
msgid "Users"
msgstr "Utilisateurs"
#. module: base_user_role
#: model:ir.model,name:base_user_role.model_res_users_role_line
msgid "Users associated to a role"
msgstr "Utilisateurs associés à un rôle"
#. module: base_user_role
#: help:res.users.role,implied_ids:0
msgid "Users of this group automatically inherit those groups"
msgstr "Users of this group automatically inherit those groups"
#. module: base_user_role
#: field:res.users.role,view_access:0
msgid "Views"
msgstr "Views"

25
base_user_role/migrations/8.0.1.1.0/post-migration.py

@ -0,0 +1,25 @@
# -*- coding: utf-8 -*-
# Copyright 2016 ABF OSIELL <http://osiell.com>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
from openerp import api, SUPERUSER_ID
def migrate_res_users_role(env):
"""Migrate user roles database schema.
('res_users_role_user_rel' many2many table to 'res.users.role.line' model.
"""
role_line_model = env['res.users.role.line']
query = "SELECT role_id, user_id FROM res_users_role_user_rel;"
env.cr.execute(query)
rows = env.cr.fetchall()
for row in rows:
vals = {
'role_id': row[0],
'user_id': row[1],
}
role_line_model.create(vals)
def migrate(cr, version):
env = api.Environment(cr, SUPERUSER_ID, {})
migrate_res_users_role(env)

4
base_user_role/models/__init__.py

@ -0,0 +1,4 @@
# -*- coding: utf-8 -*-
from . import role
from . import user

83
base_user_role/models/role.py

@ -0,0 +1,83 @@
# -*- coding: utf-8 -*-
# Copyright 2014 ABF OSIELL <http://osiell.com>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
import datetime
import logging
from openerp import api, fields, models
_logger = logging.getLogger(__name__)
class ResUsersRole(models.Model):
_name = 'res.users.role'
_inherits = {'res.groups': 'group_id'}
_description = "User role"
group_id = fields.Many2one(
'res.groups', required=True, ondelete='cascade',
readonly=True, string=u"Associated group")
line_ids = fields.One2many(
'res.users.role.line', 'role_id', string=u"Users")
user_ids = fields.One2many(
'res.users', string=u"Users", compute='_compute_user_ids')
@api.multi
@api.depends('line_ids.user_id')
def _compute_user_ids(self):
for role in self:
role.user_ids = role.line_ids.mapped('user_id')
@api.model
def create(self, vals):
new_record = super(ResUsersRole, self).create(vals)
new_record.update_users()
return new_record
@api.multi
def write(self, vals):
res = super(ResUsersRole, self).write(vals)
self.update_users()
return res
@api.multi
def update_users(self):
"""Update all the users concerned by the roles identified by `ids`."""
users = self.mapped('user_ids')
users.set_groups_from_roles()
return True
@api.model
def cron_update_users(self):
logging.info(u"Update user roles")
self.search([]).update_users()
class ResUsersRoleLine(models.Model):
_name = 'res.users.role.line'
_description = 'Users associated to a role'
role_id = fields.Many2one(
'res.users.role', string=u"Role", ondelete='cascade')
user_id = fields.Many2one(
'res.users', string=u"User")
date_from = fields.Date(u"From")
date_to = fields.Date(u"To")
is_enabled = fields.Boolean(u"Enabled", compute='_compute_is_enabled')
@api.multi
@api.depends('date_from', 'date_to')
def _compute_is_enabled(self):
today = datetime.date.today()
for role_line in self:
role_line.is_enabled = True
if role_line.date_from:
date_from = fields.Date.from_string(role_line.date_from)
if date_from > today:
role_line.is_enabled = False
if role_line.date_to:
date_to = fields.Date.from_string(role_line.date_to)
if today > date_to:
role_line.is_enabled = False

54
base_user_role/models/user.py

@ -0,0 +1,54 @@
# -*- coding: utf-8 -*-
# Copyright 2014 ABF OSIELL <http://osiell.com>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
from openerp import api, fields, models
class ResUsers(models.Model):
_inherit = 'res.users'
role_line_ids = fields.One2many(
'res.users.role.line', 'user_id', string=u"Role lines")
role_ids = fields.One2many(
'res.users.role', string=u"Roles", compute='_compute_role_ids')
@api.multi
@api.depends('role_line_ids.role_id')
def _compute_role_ids(self):
for user in self:
user.role_ids = user.role_line_ids.mapped('role_id')
@api.model
def create(self, vals):
new_record = super(ResUsers, self).create(vals)
new_record.set_groups_from_roles()
return new_record
@api.multi
def write(self, vals):
res = super(ResUsers, self).write(vals)
self.sudo().set_groups_from_roles()
return res
@api.multi
def set_groups_from_roles(self):
"""Set (replace) the groups following the roles defined on users.
If no role is defined on the user, its groups are let untouched.
"""
for user in self:
if not user.role_line_ids:
continue
group_ids = []
role_lines = user.role_line_ids.filtered(
lambda rec: rec.is_enabled)
for role_line in role_lines:
role = role_line.role_id
group_ids.append(role.group_id.id)
group_ids.extend(role.implied_ids.ids)
group_ids = list(set(group_ids)) # Remove duplicates IDs
vals = {
'groups_id': [(6, 0, group_ids)],
}
super(ResUsers, user).write(vals)
return True

3
base_user_role/security/ir.model.access.csv

@ -0,0 +1,3 @@
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
access_res_users_role,access_res_users_role,model_res_users_role,"base.group_erp_manager",1,1,1,1
access_res_users_role_line,access_res_users_role_line,model_res_users_role_line,"base.group_erp_manager",1,1,1,1

BIN
base_user_role/static/description/icon.png

After

Width: 128  |  Height: 128  |  Size: 18 KiB

BIN
base_user_role/static/description/role_groups.png

After

Width: 651  |  Height: 333  |  Size: 12 KiB

BIN
base_user_role/static/description/role_users.png

After

Width: 651  |  Height: 332  |  Size: 12 KiB

BIN
base_user_role/static/description/roles.png

After

Width: 682  |  Height: 234  |  Size: 20 KiB

3
base_user_role/tests/__init__.py

@ -0,0 +1,3 @@
# -*- coding: utf-8 -*-
from . import test_user_role

107
base_user_role/tests/test_user_role.py

@ -0,0 +1,107 @@
# -*- coding: utf-8 -*-
# Copyright 2014 ABF OSIELL <http://osiell.com>
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
import datetime
from openerp.tools import DEFAULT_SERVER_DATE_FORMAT
from openerp.tests.common import TransactionCase
class TestUserRole(TransactionCase):
def setUp(self):
super(TestUserRole, self).setUp()
self.imd_model = self.registry('ir.model.data')
self.user_model = self.registry('res.users')
self.role_model = self.registry('res.users.role')
self.user_id = self.user_model.create(
self.cr, self.uid,
{'name': u"USER TEST (ROLES)", 'login': 'user_test_roles'})
# ROLE_1
self.group_user_id = self.imd_model.get_object_reference(
self.cr, self.uid, 'base', 'group_user')[1]
self.group_no_one_id = self.imd_model.get_object_reference(
self.cr, self.uid, 'base', 'group_no_one')[1]
vals = {
'name': u"ROLE_1",
'implied_ids': [6, 0, [self.group_user_id, self.group_no_one_id]],
}
self.role1_id = self.role_model.create(self.cr, self.uid, vals)
# ROLE_2
self.group_multi_currency_id = self.imd_model.get_object_reference(
self.cr, self.uid, 'base', 'group_multi_currency')[1]
self.group_sale_manager_id = self.imd_model.get_object_reference(
self.cr, self.uid, 'base', 'group_sale_manager')[1]
vals = {
'name': u"ROLE_2",
'implied_ids': [6, 0, [self.group_multi_currency_id,
self.group_sale_manager_id]],
}
self.role2_id = self.role_model.create(self.cr, self.uid, vals)
def test_role_1(self):
role1 = self.role_model.browse(self.cr, self.uid, self.role1_id)
self.user_model.write(
self.cr, self.uid, [self.user_id],
{'role_line_ids': [(0, 0, {'role_id': self.role1_id})]})
user = self.user_model.browse(self.cr, self.uid, self.user_id)
user_group_ids = sorted(set([group.id for group in user.groups_id]))
role_group_ids = role1.implied_ids.ids
role_group_ids.append(role1.group_id.id)
role_group_ids = sorted(set(role_group_ids))
self.assertEqual(user_group_ids, role_group_ids)
def test_role_2(self):
role2 = self.role_model.browse(self.cr, self.uid, self.role2_id)
self.user_model.write(
self.cr, self.uid, [self.user_id],
{'role_line_ids': [(0, 0, {'role_id': self.role2_id})]})
user = self.user_model.browse(self.cr, self.uid, self.user_id)
user_group_ids = sorted(set([group.id for group in user.groups_id]))
role_group_ids = role2.implied_ids.ids
role_group_ids.append(role2.group_id.id)
role_group_ids = sorted(set(role_group_ids))
self.assertEqual(user_group_ids, role_group_ids)
def test_role_1_2(self):
role1 = self.role_model.browse(self.cr, self.uid, self.role1_id)
role2 = self.role_model.browse(self.cr, self.uid, self.role2_id)
self.user_model.write(
self.cr, self.uid, [self.user_id],
{'role_line_ids': [
(0, 0, {'role_id': self.role1_id}),
(0, 0, {'role_id': self.role2_id}),
]})
user = self.user_model.browse(self.cr, self.uid, self.user_id)
user_group_ids = sorted(set([group.id for group in user.groups_id]))
role1_group_ids = role1.implied_ids.ids
role1_group_ids.append(role1.group_id.id)
role2_group_ids = role2.implied_ids.ids
role2_group_ids.append(role2.group_id.id)
role_group_ids = sorted(set(role1_group_ids + role2_group_ids))
self.assertEqual(user_group_ids, role_group_ids)
def test_role_1_2_with_dates(self):
role1 = self.role_model.browse(self.cr, self.uid, self.role1_id)
today = datetime.date.today()
today_str = today.strftime(DEFAULT_SERVER_DATE_FORMAT)
yesterday = today - datetime.timedelta(days=1)
yesterday_str = yesterday.strftime(DEFAULT_SERVER_DATE_FORMAT)
self.user_model.write(
self.cr, self.uid, [self.user_id],
{'role_line_ids': [
# Role 1 should be enabled
(0, 0, {'role_id': self.role1_id, 'date_from': today_str}),
# Role 2 should be disabled
(0, 0, {'role_id': self.role2_id, 'date_to': yesterday_str}),
]})
user = self.user_model.browse(self.cr, self.uid, self.user_id)
user_group_ids = sorted(set([group.id for group in user.groups_id]))
role1_group_ids = role1.implied_ids.ids
role1_group_ids.append(role1.group_id.id)
role_group_ids = sorted(set(role1_group_ids))
self.assertEqual(user_group_ids, role_group_ids)

73
base_user_role/views/role.xml

@ -0,0 +1,73 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright 2014 ABF OSIELL <http://osiell.com>
License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). -->
<openerp>
<data>
<record id="view_res_users_role_form" model="ir.ui.view">
<field name="name">res.users.role.form</field>
<field name="model">res.users.role</field>
<field name="arch" type="xml">
<form string="Role" version="7.0">
<sheet>
<group>
<field name="name"/>
<field name="group_id" required="0" readonly="1"/>
</group>
<notebook>
<page string="Groups">
<field name="implied_ids" nolabel="1"/>
</page>
<page string="Users">
<field name="line_ids" nolabel="1">
<tree editable="bottom" colors="grey: not is_enabled;">
<field name="user_id"/>
<field name="date_from"/>
<field name="date_to"/>
<field name="is_enabled"/>
</tree>
</field>
</page>
</notebook>
</sheet>
</form>
</field>
</record>
<record id="view_res_users_role_tree" model="ir.ui.view">
<field name="name">res.users.role.tree</field>
<field name="model">res.users.role</field>
<field name="arch" type="xml">
<tree string="Role">
<field name="name"/>
<field name="user_ids"/>
</tree>
</field>
</record>
<record id="view_res_users_role_search" model="ir.ui.view">
<field name="name">res.users.role.search</field>
<field name="model">res.users.role</field>
<field name="arch" type="xml">
<search string="Roles">
<field name="name"/>
<field name="user_ids"/>
<field name="implied_ids"/>
</search>
</field>
</record>
<record model="ir.actions.act_window" id="action_res_users_role_tree">
<field name="name">Roles</field>
<field name="type">ir.actions.act_window</field>
<field name="res_model">res.users.role</field>
<field name="view_type">form</field>
<field name="view_id" ref="view_res_users_role_tree"/>
</record>
<menuitem id="menu_action_res_users_role_tree"
parent="base.menu_users"
action="action_res_users_role_tree"/>
</data>
</openerp>

39
base_user_role/views/user.xml

@ -0,0 +1,39 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright 2014 ABF OSIELL <http://osiell.com>
License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). -->
<openerp>
<data>
<record id="view_res_users_form_inherit" model="ir.ui.view">
<field name="name">res.users.form.inherit</field>
<field name="model">res.users</field>
<field name="inherit_id" ref="base.view_users_form"/>
<field name="arch" type="xml">
<notebook position="inside">
<page string="Roles">
<field name="role_line_ids" nolabel="1">
<tree editable="bottom" colors="grey: not is_enabled;">
<field name="role_id"/>
<field name="date_from"/>
<field name="date_to"/>
<field name="is_enabled"/>
</tree>
</field>
</page>
</notebook>
</field>
</record>
<record id="view_res_users_search_inherit" model="ir.ui.view">
<field name="name">res.users.search.inherit</field>
<field name="model">res.users</field>
<field name="inherit_id" ref="base.view_users_search"/>
<field name="arch" type="xml">
<field name="company_ids" position="after">
<field name="role_ids"/>
</field>
</field>
</record>
</data>
</openerp>
Loading…
Cancel
Save