Browse Source
[ADD] 8.0 - New module 'base_user_role' to manage user roles efficiently (#608)
[ADD] 8.0 - New module 'base_user_role' to manage user roles efficiently (#608)
* [ADD] New module 'base_user_role' * [FIX] base_user_role - Review * [FIX] base_user_role - Review s/is_active/is_enabled/ * [FIX] base_user_role - Review s/is_active/is_enabled/ * [IMP] base_user_role - Translations updated (template + FR) * [FIX] base_user_role - Lintpull/664/head
Sébastien Alix
8 years ago
committed by
Dave Lasley
19 changed files with 898 additions and 0 deletions
-
82base_user_role/README.rst
-
3base_user_role/__init__.py
-
24base_user_role/__openerp__.py
-
20base_user_role/data/ir_cron.xml
-
189base_user_role/i18n/base_user_role.pot
-
189base_user_role/i18n/fr.po
-
25base_user_role/migrations/8.0.1.1.0/post-migration.py
-
4base_user_role/models/__init__.py
-
83base_user_role/models/role.py
-
54base_user_role/models/user.py
-
3base_user_role/security/ir.model.access.csv
-
BINbase_user_role/static/description/icon.png
-
BINbase_user_role/static/description/role_groups.png
-
BINbase_user_role/static/description/role_users.png
-
BINbase_user_role/static/description/roles.png
-
3base_user_role/tests/__init__.py
-
107base_user_role/tests/test_user_role.py
-
73base_user_role/views/role.xml
-
39base_user_role/views/user.xml
@ -0,0 +1,82 @@ |
|||
.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg |
|||
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html |
|||
:alt: License: AGPL-3 |
|||
|
|||
========== |
|||
User roles |
|||
========== |
|||
|
|||
This module was written to extend the standard functionality regarding users |
|||
and groups management. |
|||
It helps creating well-defined user roles and associating them to users. |
|||
|
|||
It can become very hard to maintain a large number of user profiles over time, |
|||
juggling with many technical groups. For this purpose, this module will help |
|||
you to: |
|||
|
|||
* define functional roles by aggregating low-level groups, |
|||
* set user accounts with the predefined roles (roles are cumulative), |
|||
* update groups of all relevant user accounts (all at once), |
|||
* ensure that user accounts will have the groups defined in their roles |
|||
(nothing more, nothing less). In other words, you can not set groups |
|||
manually on a user as long as there is roles configured on it, |
|||
* activate/deactivate roles depending on the date (useful to plan holidays, etc) |
|||
* get a quick overview of roles and the related user accounts. |
|||
|
|||
That way you make clear the different responsabilities within a company, and |
|||
are able to add and update user accounts in a scalable and reliable way. |
|||
|
|||
Configuration |
|||
============= |
|||
|
|||
To configure this module, you need to go to *Configuration / Users / Roles*, |
|||
and create a new role. From there, you can add groups to compose your role, |
|||
and then associate users to it. |
|||
|
|||
Roles: |
|||
|
|||
.. image:: /base_user_role/static/description/roles.png |
|||
|
|||
Add groups: |
|||
|
|||
.. image:: /base_user_role/static/description/role_groups.png |
|||
|
|||
Add users (with dates or not): |
|||
|
|||
.. image:: /base_user_role/static/description/role_users.png |
|||
|
|||
Bug Tracker |
|||
=========== |
|||
|
|||
Bugs are tracked on `GitHub Issues |
|||
<https://github.com/OCA/server-tools/issues>`_. In case of trouble, please |
|||
check there if your issue has already been reported. If you spotted it first, |
|||
help us smashing it by providing a detailed and welcomed feedback. |
|||
|
|||
Credits |
|||
======= |
|||
|
|||
Images |
|||
------ |
|||
|
|||
* Oxygen Team: `Icon <http://www.iconarchive.com/show/oxygen-icons-by-oxygen-icons.org/Actions-user-group-new-icon.html>`_ (LGPL) |
|||
|
|||
Contributors |
|||
------------ |
|||
|
|||
* Sébastien Alix <sebastien.alix@osiell.com> |
|||
|
|||
Maintainer |
|||
---------- |
|||
|
|||
.. image:: https://odoo-community.org/logo.png |
|||
:alt: Odoo Community Association |
|||
:target: https://odoo-community.org |
|||
|
|||
This module is maintained by the OCA. |
|||
|
|||
OCA, or the Odoo Community Association, is a nonprofit organization whose |
|||
mission is to support the collaborative development of Odoo features and |
|||
promote its widespread use. |
|||
|
|||
To contribute to this module, please visit https://odoo-community.org. |
@ -0,0 +1,3 @@ |
|||
# -*- coding: utf-8 -*- |
|||
|
|||
from . import models |
@ -0,0 +1,24 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# Copyright 2014 ABF OSIELL <http://osiell.com> |
|||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). |
|||
|
|||
{ |
|||
'name': 'User roles', |
|||
'version': '8.0.1.1.0', |
|||
'category': 'Tools', |
|||
'author': 'ABF OSIELL, Odoo Community Association (OCA)', |
|||
'license': 'AGPL-3', |
|||
'maintainer': 'ABF OSIELL', |
|||
'website': 'http://www.osiell.com', |
|||
'depends': [ |
|||
'base', |
|||
], |
|||
'data': [ |
|||
'security/ir.model.access.csv', |
|||
'data/ir_cron.xml', |
|||
'views/role.xml', |
|||
'views/user.xml', |
|||
], |
|||
'installable': True, |
|||
'auto_install': False, |
|||
} |
@ -0,0 +1,20 @@ |
|||
<?xml version="1.0" encoding="utf-8"?> |
|||
<!-- Copyright 2016 ABF OSIELL <http://osiell.com> |
|||
License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). --> |
|||
<openerp> |
|||
<data noupdate="1"> |
|||
|
|||
<record model="ir.cron" id="cron_update_users"> |
|||
<field name='name'>Update user roles</field> |
|||
<field name='interval_number'>3</field> |
|||
<field name='interval_type'>hours</field> |
|||
<field name="numbercall">-1</field> |
|||
<field name="active">True</field> |
|||
<field name="doall" eval="False" /> |
|||
<field name="model">res.users.role</field> |
|||
<field name="function">cron_update_users</field> |
|||
<field name="args">()</field> |
|||
</record> |
|||
|
|||
</data> |
|||
</openerp> |
@ -0,0 +1,189 @@ |
|||
# Translation of Odoo Server. |
|||
# This file contains the translation of the following modules: |
|||
# * base_user_role |
|||
# |
|||
msgid "" |
|||
msgstr "" |
|||
"Project-Id-Version: Odoo Server 8.0\n" |
|||
"Report-Msgid-Bugs-To: \n" |
|||
"POT-Creation-Date: 2016-11-18 11:58+0000\n" |
|||
"PO-Revision-Date: 2016-11-18 11:58+0000\n" |
|||
"Last-Translator: <>\n" |
|||
"Language-Team: \n" |
|||
"MIME-Version: 1.0\n" |
|||
"Content-Type: text/plain; charset=UTF-8\n" |
|||
"Content-Transfer-Encoding: \n" |
|||
"Plural-Forms: \n" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,model_access:0 |
|||
msgid "Access Controls" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,menu_access:0 |
|||
msgid "Access Menu" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role.line,is_enabled:0 |
|||
msgid "Enabled" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,category_id:0 |
|||
msgid "Application" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,group_id:0 |
|||
msgid "Associated group" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,comment:0 |
|||
msgid "Comment" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,create_uid:0 |
|||
#: field:res.users.role.line,create_uid:0 |
|||
msgid "Created by" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,create_date:0 |
|||
#: field:res.users.role.line,create_date:0 |
|||
msgid "Created on" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,display_name:0 |
|||
#: field:res.users.role.line,display_name:0 |
|||
msgid "Display Name" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role.line,date_from:0 |
|||
msgid "From" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,full_name:0 |
|||
msgid "Group Name" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: view:res.users.role:base_user_role.view_res_users_role_form |
|||
msgid "Groups" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,id:0 |
|||
#: field:res.users.role.line,id:0 |
|||
msgid "ID" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,implied_ids:0 |
|||
msgid "Inherits" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,__last_update:0 |
|||
#: field:res.users.role.line,__last_update:0 |
|||
msgid "Last Modified on" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,write_uid:0 |
|||
#: field:res.users.role.line,write_uid:0 |
|||
msgid "Last Updated by" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,write_date:0 |
|||
#: field:res.users.role.line,write_date:0 |
|||
msgid "Last Updated on" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,name:0 |
|||
msgid "Name" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: view:res.users.role:base_user_role.view_res_users_role_form |
|||
#: view:res.users.role:base_user_role.view_res_users_role_tree |
|||
#: field:res.users.role.line,role_id:0 |
|||
msgid "Role" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users,role_line_ids:0 |
|||
msgid "Role lines" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: model:ir.actions.act_window,name:base_user_role.action_res_users_role_tree |
|||
#: model:ir.ui.menu,name:base_user_role.menu_action_res_users_role_tree |
|||
#: view:res.users:base_user_role.view_res_users_form_inherit |
|||
#: field:res.users,role_ids:0 |
|||
#: view:res.users.role:base_user_role.view_res_users_role_search |
|||
msgid "Roles" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,rule_groups:0 |
|||
msgid "Rules" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users,scoring:0 |
|||
msgid "Scoring (%)" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role.line,date_to:0 |
|||
msgid "To" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,trans_implied_ids:0 |
|||
msgid "Transitively inherits" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role.line,user_id:0 |
|||
msgid "User" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: model:ir.model,name:base_user_role.model_res_users_role |
|||
msgid "User role" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: model:ir.model,name:base_user_role.model_res_users |
|||
#: view:res.users.role:base_user_role.view_res_users_role_form |
|||
#: field:res.users.role,line_ids:0 |
|||
#: field:res.users.role,user_ids:0 |
|||
#: field:res.users.role,users:0 |
|||
msgid "Users" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: model:ir.model,name:base_user_role.model_res_users_role_line |
|||
msgid "Users associated to a role" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: help:res.users.role,implied_ids:0 |
|||
msgid "Users of this group automatically inherit those groups" |
|||
msgstr "" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,view_access:0 |
|||
msgid "Views" |
|||
msgstr "" |
|||
|
@ -0,0 +1,189 @@ |
|||
# Translation of Odoo Server. |
|||
# This file contains the translation of the following modules: |
|||
# * base_user_role |
|||
# |
|||
msgid "" |
|||
msgstr "" |
|||
"Project-Id-Version: Odoo Server 8.0\n" |
|||
"Report-Msgid-Bugs-To: \n" |
|||
"POT-Creation-Date: 2016-11-18 12:03+0000\n" |
|||
"PO-Revision-Date: 2016-11-18 12:03+0000\n" |
|||
"Last-Translator: <>\n" |
|||
"Language-Team: \n" |
|||
"MIME-Version: 1.0\n" |
|||
"Content-Type: text/plain; charset=UTF-8\n" |
|||
"Content-Transfer-Encoding: \n" |
|||
"Plural-Forms: \n" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,model_access:0 |
|||
msgid "Access Controls" |
|||
msgstr "Access Controls" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,menu_access:0 |
|||
msgid "Access Menu" |
|||
msgstr "Access Menu" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role.line,is_enabled:0 |
|||
msgid "Enabled" |
|||
msgstr "Activé" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,category_id:0 |
|||
msgid "Application" |
|||
msgstr "Application" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,group_id:0 |
|||
msgid "Associated group" |
|||
msgstr "Groupe associé" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,comment:0 |
|||
msgid "Comment" |
|||
msgstr "Comment" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,create_uid:0 |
|||
#: field:res.users.role.line,create_uid:0 |
|||
msgid "Created by" |
|||
msgstr "Created by" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,create_date:0 |
|||
#: field:res.users.role.line,create_date:0 |
|||
msgid "Created on" |
|||
msgstr "Created on" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,display_name:0 |
|||
#: field:res.users.role.line,display_name:0 |
|||
msgid "Display Name" |
|||
msgstr "Display Name" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role.line,date_from:0 |
|||
msgid "From" |
|||
msgstr "À partir du" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,full_name:0 |
|||
msgid "Group Name" |
|||
msgstr "Group Name" |
|||
|
|||
#. module: base_user_role |
|||
#: view:res.users.role:base_user_role.view_res_users_role_form |
|||
msgid "Groups" |
|||
msgstr "Groupes" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,id:0 |
|||
#: field:res.users.role.line,id:0 |
|||
msgid "ID" |
|||
msgstr "ID" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,implied_ids:0 |
|||
msgid "Inherits" |
|||
msgstr "Inherits" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,__last_update:0 |
|||
#: field:res.users.role.line,__last_update:0 |
|||
msgid "Last Modified on" |
|||
msgstr "Last Modified on" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,write_uid:0 |
|||
#: field:res.users.role.line,write_uid:0 |
|||
msgid "Last Updated by" |
|||
msgstr "Last Updated by" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,write_date:0 |
|||
#: field:res.users.role.line,write_date:0 |
|||
msgid "Last Updated on" |
|||
msgstr "Last Updated on" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,name:0 |
|||
msgid "Name" |
|||
msgstr "Nom" |
|||
|
|||
#. module: base_user_role |
|||
#: view:res.users.role:base_user_role.view_res_users_role_form |
|||
#: view:res.users.role:base_user_role.view_res_users_role_tree |
|||
#: field:res.users.role.line,role_id:0 |
|||
msgid "Role" |
|||
msgstr "Rôle" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users,role_line_ids:0 |
|||
msgid "Role lines" |
|||
msgstr "Role lines" |
|||
|
|||
#. module: base_user_role |
|||
#: model:ir.actions.act_window,name:base_user_role.action_res_users_role_tree |
|||
#: model:ir.ui.menu,name:base_user_role.menu_action_res_users_role_tree |
|||
#: view:res.users:base_user_role.view_res_users_form_inherit |
|||
#: field:res.users,role_ids:0 |
|||
#: view:res.users.role:base_user_role.view_res_users_role_search |
|||
msgid "Roles" |
|||
msgstr "Rôles" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,rule_groups:0 |
|||
msgid "Rules" |
|||
msgstr "Rules" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users,scoring:0 |
|||
msgid "Scoring (%)" |
|||
msgstr "Scoring (%)" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role.line,date_to:0 |
|||
msgid "To" |
|||
msgstr "Jusqu'au" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,trans_implied_ids:0 |
|||
msgid "Transitively inherits" |
|||
msgstr "Transitively inherits" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role.line,user_id:0 |
|||
msgid "User" |
|||
msgstr "Utilisateur" |
|||
|
|||
#. module: base_user_role |
|||
#: model:ir.model,name:base_user_role.model_res_users_role |
|||
msgid "User role" |
|||
msgstr "Rôle utilisateur" |
|||
|
|||
#. module: base_user_role |
|||
#: model:ir.model,name:base_user_role.model_res_users |
|||
#: view:res.users.role:base_user_role.view_res_users_role_form |
|||
#: field:res.users.role,line_ids:0 |
|||
#: field:res.users.role,user_ids:0 |
|||
#: field:res.users.role,users:0 |
|||
msgid "Users" |
|||
msgstr "Utilisateurs" |
|||
|
|||
#. module: base_user_role |
|||
#: model:ir.model,name:base_user_role.model_res_users_role_line |
|||
msgid "Users associated to a role" |
|||
msgstr "Utilisateurs associés à un rôle" |
|||
|
|||
#. module: base_user_role |
|||
#: help:res.users.role,implied_ids:0 |
|||
msgid "Users of this group automatically inherit those groups" |
|||
msgstr "Users of this group automatically inherit those groups" |
|||
|
|||
#. module: base_user_role |
|||
#: field:res.users.role,view_access:0 |
|||
msgid "Views" |
|||
msgstr "Views" |
|||
|
@ -0,0 +1,25 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# Copyright 2016 ABF OSIELL <http://osiell.com> |
|||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). |
|||
from openerp import api, SUPERUSER_ID |
|||
|
|||
|
|||
def migrate_res_users_role(env): |
|||
"""Migrate user roles database schema. |
|||
('res_users_role_user_rel' many2many table to 'res.users.role.line' model. |
|||
""" |
|||
role_line_model = env['res.users.role.line'] |
|||
query = "SELECT role_id, user_id FROM res_users_role_user_rel;" |
|||
env.cr.execute(query) |
|||
rows = env.cr.fetchall() |
|||
for row in rows: |
|||
vals = { |
|||
'role_id': row[0], |
|||
'user_id': row[1], |
|||
} |
|||
role_line_model.create(vals) |
|||
|
|||
|
|||
def migrate(cr, version): |
|||
env = api.Environment(cr, SUPERUSER_ID, {}) |
|||
migrate_res_users_role(env) |
@ -0,0 +1,4 @@ |
|||
# -*- coding: utf-8 -*- |
|||
|
|||
from . import role |
|||
from . import user |
@ -0,0 +1,83 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# Copyright 2014 ABF OSIELL <http://osiell.com> |
|||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). |
|||
|
|||
import datetime |
|||
import logging |
|||
|
|||
from openerp import api, fields, models |
|||
|
|||
|
|||
_logger = logging.getLogger(__name__) |
|||
|
|||
|
|||
class ResUsersRole(models.Model): |
|||
_name = 'res.users.role' |
|||
_inherits = {'res.groups': 'group_id'} |
|||
_description = "User role" |
|||
|
|||
group_id = fields.Many2one( |
|||
'res.groups', required=True, ondelete='cascade', |
|||
readonly=True, string=u"Associated group") |
|||
line_ids = fields.One2many( |
|||
'res.users.role.line', 'role_id', string=u"Users") |
|||
user_ids = fields.One2many( |
|||
'res.users', string=u"Users", compute='_compute_user_ids') |
|||
|
|||
@api.multi |
|||
@api.depends('line_ids.user_id') |
|||
def _compute_user_ids(self): |
|||
for role in self: |
|||
role.user_ids = role.line_ids.mapped('user_id') |
|||
|
|||
@api.model |
|||
def create(self, vals): |
|||
new_record = super(ResUsersRole, self).create(vals) |
|||
new_record.update_users() |
|||
return new_record |
|||
|
|||
@api.multi |
|||
def write(self, vals): |
|||
res = super(ResUsersRole, self).write(vals) |
|||
self.update_users() |
|||
return res |
|||
|
|||
@api.multi |
|||
def update_users(self): |
|||
"""Update all the users concerned by the roles identified by `ids`.""" |
|||
users = self.mapped('user_ids') |
|||
users.set_groups_from_roles() |
|||
return True |
|||
|
|||
@api.model |
|||
def cron_update_users(self): |
|||
logging.info(u"Update user roles") |
|||
self.search([]).update_users() |
|||
|
|||
|
|||
class ResUsersRoleLine(models.Model): |
|||
_name = 'res.users.role.line' |
|||
_description = 'Users associated to a role' |
|||
|
|||
role_id = fields.Many2one( |
|||
'res.users.role', string=u"Role", ondelete='cascade') |
|||
user_id = fields.Many2one( |
|||
'res.users', string=u"User") |
|||
date_from = fields.Date(u"From") |
|||
date_to = fields.Date(u"To") |
|||
is_enabled = fields.Boolean(u"Enabled", compute='_compute_is_enabled') |
|||
|
|||
@api.multi |
|||
@api.depends('date_from', 'date_to') |
|||
def _compute_is_enabled(self): |
|||
today = datetime.date.today() |
|||
for role_line in self: |
|||
role_line.is_enabled = True |
|||
if role_line.date_from: |
|||
date_from = fields.Date.from_string(role_line.date_from) |
|||
if date_from > today: |
|||
role_line.is_enabled = False |
|||
if role_line.date_to: |
|||
date_to = fields.Date.from_string(role_line.date_to) |
|||
if today > date_to: |
|||
role_line.is_enabled = False |
@ -0,0 +1,54 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# Copyright 2014 ABF OSIELL <http://osiell.com> |
|||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). |
|||
|
|||
from openerp import api, fields, models |
|||
|
|||
|
|||
class ResUsers(models.Model): |
|||
_inherit = 'res.users' |
|||
|
|||
role_line_ids = fields.One2many( |
|||
'res.users.role.line', 'user_id', string=u"Role lines") |
|||
role_ids = fields.One2many( |
|||
'res.users.role', string=u"Roles", compute='_compute_role_ids') |
|||
|
|||
@api.multi |
|||
@api.depends('role_line_ids.role_id') |
|||
def _compute_role_ids(self): |
|||
for user in self: |
|||
user.role_ids = user.role_line_ids.mapped('role_id') |
|||
|
|||
@api.model |
|||
def create(self, vals): |
|||
new_record = super(ResUsers, self).create(vals) |
|||
new_record.set_groups_from_roles() |
|||
return new_record |
|||
|
|||
@api.multi |
|||
def write(self, vals): |
|||
res = super(ResUsers, self).write(vals) |
|||
self.sudo().set_groups_from_roles() |
|||
return res |
|||
|
|||
@api.multi |
|||
def set_groups_from_roles(self): |
|||
"""Set (replace) the groups following the roles defined on users. |
|||
If no role is defined on the user, its groups are let untouched. |
|||
""" |
|||
for user in self: |
|||
if not user.role_line_ids: |
|||
continue |
|||
group_ids = [] |
|||
role_lines = user.role_line_ids.filtered( |
|||
lambda rec: rec.is_enabled) |
|||
for role_line in role_lines: |
|||
role = role_line.role_id |
|||
group_ids.append(role.group_id.id) |
|||
group_ids.extend(role.implied_ids.ids) |
|||
group_ids = list(set(group_ids)) # Remove duplicates IDs |
|||
vals = { |
|||
'groups_id': [(6, 0, group_ids)], |
|||
} |
|||
super(ResUsers, user).write(vals) |
|||
return True |
@ -0,0 +1,3 @@ |
|||
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink |
|||
access_res_users_role,access_res_users_role,model_res_users_role,"base.group_erp_manager",1,1,1,1 |
|||
access_res_users_role_line,access_res_users_role_line,model_res_users_role_line,"base.group_erp_manager",1,1,1,1 |
After Width: 128 | Height: 128 | Size: 18 KiB |
After Width: 651 | Height: 333 | Size: 12 KiB |
After Width: 651 | Height: 332 | Size: 12 KiB |
After Width: 682 | Height: 234 | Size: 20 KiB |
@ -0,0 +1,3 @@ |
|||
# -*- coding: utf-8 -*- |
|||
|
|||
from . import test_user_role |
@ -0,0 +1,107 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# Copyright 2014 ABF OSIELL <http://osiell.com> |
|||
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). |
|||
|
|||
import datetime |
|||
|
|||
from openerp.tools import DEFAULT_SERVER_DATE_FORMAT |
|||
from openerp.tests.common import TransactionCase |
|||
|
|||
|
|||
class TestUserRole(TransactionCase): |
|||
|
|||
def setUp(self): |
|||
super(TestUserRole, self).setUp() |
|||
self.imd_model = self.registry('ir.model.data') |
|||
self.user_model = self.registry('res.users') |
|||
self.role_model = self.registry('res.users.role') |
|||
|
|||
self.user_id = self.user_model.create( |
|||
self.cr, self.uid, |
|||
{'name': u"USER TEST (ROLES)", 'login': 'user_test_roles'}) |
|||
|
|||
# ROLE_1 |
|||
self.group_user_id = self.imd_model.get_object_reference( |
|||
self.cr, self.uid, 'base', 'group_user')[1] |
|||
self.group_no_one_id = self.imd_model.get_object_reference( |
|||
self.cr, self.uid, 'base', 'group_no_one')[1] |
|||
vals = { |
|||
'name': u"ROLE_1", |
|||
'implied_ids': [6, 0, [self.group_user_id, self.group_no_one_id]], |
|||
} |
|||
self.role1_id = self.role_model.create(self.cr, self.uid, vals) |
|||
|
|||
# ROLE_2 |
|||
self.group_multi_currency_id = self.imd_model.get_object_reference( |
|||
self.cr, self.uid, 'base', 'group_multi_currency')[1] |
|||
self.group_sale_manager_id = self.imd_model.get_object_reference( |
|||
self.cr, self.uid, 'base', 'group_sale_manager')[1] |
|||
vals = { |
|||
'name': u"ROLE_2", |
|||
'implied_ids': [6, 0, [self.group_multi_currency_id, |
|||
self.group_sale_manager_id]], |
|||
} |
|||
self.role2_id = self.role_model.create(self.cr, self.uid, vals) |
|||
|
|||
def test_role_1(self): |
|||
role1 = self.role_model.browse(self.cr, self.uid, self.role1_id) |
|||
self.user_model.write( |
|||
self.cr, self.uid, [self.user_id], |
|||
{'role_line_ids': [(0, 0, {'role_id': self.role1_id})]}) |
|||
user = self.user_model.browse(self.cr, self.uid, self.user_id) |
|||
user_group_ids = sorted(set([group.id for group in user.groups_id])) |
|||
role_group_ids = role1.implied_ids.ids |
|||
role_group_ids.append(role1.group_id.id) |
|||
role_group_ids = sorted(set(role_group_ids)) |
|||
self.assertEqual(user_group_ids, role_group_ids) |
|||
|
|||
def test_role_2(self): |
|||
role2 = self.role_model.browse(self.cr, self.uid, self.role2_id) |
|||
self.user_model.write( |
|||
self.cr, self.uid, [self.user_id], |
|||
{'role_line_ids': [(0, 0, {'role_id': self.role2_id})]}) |
|||
user = self.user_model.browse(self.cr, self.uid, self.user_id) |
|||
user_group_ids = sorted(set([group.id for group in user.groups_id])) |
|||
role_group_ids = role2.implied_ids.ids |
|||
role_group_ids.append(role2.group_id.id) |
|||
role_group_ids = sorted(set(role_group_ids)) |
|||
self.assertEqual(user_group_ids, role_group_ids) |
|||
|
|||
def test_role_1_2(self): |
|||
role1 = self.role_model.browse(self.cr, self.uid, self.role1_id) |
|||
role2 = self.role_model.browse(self.cr, self.uid, self.role2_id) |
|||
self.user_model.write( |
|||
self.cr, self.uid, [self.user_id], |
|||
{'role_line_ids': [ |
|||
(0, 0, {'role_id': self.role1_id}), |
|||
(0, 0, {'role_id': self.role2_id}), |
|||
]}) |
|||
user = self.user_model.browse(self.cr, self.uid, self.user_id) |
|||
user_group_ids = sorted(set([group.id for group in user.groups_id])) |
|||
role1_group_ids = role1.implied_ids.ids |
|||
role1_group_ids.append(role1.group_id.id) |
|||
role2_group_ids = role2.implied_ids.ids |
|||
role2_group_ids.append(role2.group_id.id) |
|||
role_group_ids = sorted(set(role1_group_ids + role2_group_ids)) |
|||
self.assertEqual(user_group_ids, role_group_ids) |
|||
|
|||
def test_role_1_2_with_dates(self): |
|||
role1 = self.role_model.browse(self.cr, self.uid, self.role1_id) |
|||
today = datetime.date.today() |
|||
today_str = today.strftime(DEFAULT_SERVER_DATE_FORMAT) |
|||
yesterday = today - datetime.timedelta(days=1) |
|||
yesterday_str = yesterday.strftime(DEFAULT_SERVER_DATE_FORMAT) |
|||
self.user_model.write( |
|||
self.cr, self.uid, [self.user_id], |
|||
{'role_line_ids': [ |
|||
# Role 1 should be enabled |
|||
(0, 0, {'role_id': self.role1_id, 'date_from': today_str}), |
|||
# Role 2 should be disabled |
|||
(0, 0, {'role_id': self.role2_id, 'date_to': yesterday_str}), |
|||
]}) |
|||
user = self.user_model.browse(self.cr, self.uid, self.user_id) |
|||
user_group_ids = sorted(set([group.id for group in user.groups_id])) |
|||
role1_group_ids = role1.implied_ids.ids |
|||
role1_group_ids.append(role1.group_id.id) |
|||
role_group_ids = sorted(set(role1_group_ids)) |
|||
self.assertEqual(user_group_ids, role_group_ids) |
@ -0,0 +1,73 @@ |
|||
<?xml version="1.0" encoding="utf-8"?> |
|||
<!-- Copyright 2014 ABF OSIELL <http://osiell.com> |
|||
License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). --> |
|||
<openerp> |
|||
<data> |
|||
|
|||
<record id="view_res_users_role_form" model="ir.ui.view"> |
|||
<field name="name">res.users.role.form</field> |
|||
<field name="model">res.users.role</field> |
|||
<field name="arch" type="xml"> |
|||
<form string="Role" version="7.0"> |
|||
<sheet> |
|||
<group> |
|||
<field name="name"/> |
|||
<field name="group_id" required="0" readonly="1"/> |
|||
</group> |
|||
<notebook> |
|||
<page string="Groups"> |
|||
<field name="implied_ids" nolabel="1"/> |
|||
</page> |
|||
<page string="Users"> |
|||
<field name="line_ids" nolabel="1"> |
|||
<tree editable="bottom" colors="grey: not is_enabled;"> |
|||
<field name="user_id"/> |
|||
<field name="date_from"/> |
|||
<field name="date_to"/> |
|||
<field name="is_enabled"/> |
|||
</tree> |
|||
</field> |
|||
</page> |
|||
</notebook> |
|||
</sheet> |
|||
</form> |
|||
</field> |
|||
</record> |
|||
|
|||
<record id="view_res_users_role_tree" model="ir.ui.view"> |
|||
<field name="name">res.users.role.tree</field> |
|||
<field name="model">res.users.role</field> |
|||
<field name="arch" type="xml"> |
|||
<tree string="Role"> |
|||
<field name="name"/> |
|||
<field name="user_ids"/> |
|||
</tree> |
|||
</field> |
|||
</record> |
|||
|
|||
<record id="view_res_users_role_search" model="ir.ui.view"> |
|||
<field name="name">res.users.role.search</field> |
|||
<field name="model">res.users.role</field> |
|||
<field name="arch" type="xml"> |
|||
<search string="Roles"> |
|||
<field name="name"/> |
|||
<field name="user_ids"/> |
|||
<field name="implied_ids"/> |
|||
</search> |
|||
</field> |
|||
</record> |
|||
|
|||
<record model="ir.actions.act_window" id="action_res_users_role_tree"> |
|||
<field name="name">Roles</field> |
|||
<field name="type">ir.actions.act_window</field> |
|||
<field name="res_model">res.users.role</field> |
|||
<field name="view_type">form</field> |
|||
<field name="view_id" ref="view_res_users_role_tree"/> |
|||
</record> |
|||
|
|||
<menuitem id="menu_action_res_users_role_tree" |
|||
parent="base.menu_users" |
|||
action="action_res_users_role_tree"/> |
|||
|
|||
</data> |
|||
</openerp> |
@ -0,0 +1,39 @@ |
|||
<?xml version="1.0" encoding="utf-8"?> |
|||
<!-- Copyright 2014 ABF OSIELL <http://osiell.com> |
|||
License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). --> |
|||
<openerp> |
|||
<data> |
|||
|
|||
<record id="view_res_users_form_inherit" model="ir.ui.view"> |
|||
<field name="name">res.users.form.inherit</field> |
|||
<field name="model">res.users</field> |
|||
<field name="inherit_id" ref="base.view_users_form"/> |
|||
<field name="arch" type="xml"> |
|||
<notebook position="inside"> |
|||
<page string="Roles"> |
|||
<field name="role_line_ids" nolabel="1"> |
|||
<tree editable="bottom" colors="grey: not is_enabled;"> |
|||
<field name="role_id"/> |
|||
<field name="date_from"/> |
|||
<field name="date_to"/> |
|||
<field name="is_enabled"/> |
|||
</tree> |
|||
</field> |
|||
</page> |
|||
</notebook> |
|||
</field> |
|||
</record> |
|||
|
|||
<record id="view_res_users_search_inherit" model="ir.ui.view"> |
|||
<field name="name">res.users.search.inherit</field> |
|||
<field name="model">res.users</field> |
|||
<field name="inherit_id" ref="base.view_users_search"/> |
|||
<field name="arch" type="xml"> |
|||
<field name="company_ids" position="after"> |
|||
<field name="role_ids"/> |
|||
</field> |
|||
</field> |
|||
</record> |
|||
|
|||
</data> |
|||
</openerp> |
Write
Preview
Loading…
Cancel
Save
Reference in new issue