Browse Source

[IMP] make base_user_role_line company dependent

pull/1489/head
Pierrick Brun 6 years ago
parent
commit
840c2c1119
  1. 2
      base_user_role/__manifest__.py
  2. 17
      base_user_role/models/role.py
  3. 9
      base_user_role/models/user.py
  4. 40
      base_user_role/tests/test_user_role.py
  5. 1
      base_user_role/views/role.xml
  6. 1
      base_user_role/views/user.xml

2
base_user_role/__manifest__.py

@ -5,7 +5,7 @@
{ {
'name': 'User roles', 'name': 'User roles',
'version': '10.0.1.0.2',
'version': '10.0.1.0.3',
'category': 'Tools', 'category': 'Tools',
'author': 'ABF OSIELL, Odoo Community Association (OCA)', 'author': 'ABF OSIELL, Odoo Community Association (OCA)',
'license': 'LGPL-3', 'license': 'LGPL-3',

17
base_user_role/models/role.py

@ -6,8 +6,9 @@
import datetime import datetime
import logging import logging
from odoo import api, fields, models
from odoo import _, api, fields, models
from odoo import SUPERUSER_ID from odoo import SUPERUSER_ID
from odoo.exceptions import ValidationError
_logger = logging.getLogger(__name__) _logger = logging.getLogger(__name__)
@ -73,6 +74,20 @@ class ResUsersRoleLine(models.Model):
date_from = fields.Date(u"From") date_from = fields.Date(u"From")
date_to = fields.Date(u"To") date_to = fields.Date(u"To")
is_enabled = fields.Boolean(u"Enabled", compute='_compute_is_enabled') is_enabled = fields.Boolean(u"Enabled", compute='_compute_is_enabled')
company_id = fields.Many2one(
'res.company', 'Company',
default=lambda self: self.env.user.company_id)
@api.multi
@api.constrains('user_id', 'company_id')
def _check_company(self):
for record in self:
if (self.company_id and
self.company_id != self.user_id.company_id and
self.company_id not in self.user_id.company_ids):
raise ValidationError(
_('User "{}" does not have access to the company "{}"')
.format(self.user_id.name, self.company_id.name))
@api.multi @api.multi
@api.depends('date_from', 'date_to') @api.depends('date_from', 'date_to')

9
base_user_role/models/user.py

@ -49,6 +49,11 @@ class ResUsers(models.Model):
self.sudo().set_groups_from_roles() self.sudo().set_groups_from_roles()
return res return res
def _get_enabled_roles(self):
return self.role_line_ids.filtered(
lambda rec: rec.is_enabled and
(not rec.company_id or rec.company_id == rec.user_id.company_id))
@api.multi @api.multi
def set_groups_from_roles(self): def set_groups_from_roles(self):
"""Set (replace) the groups following the roles defined on users. """Set (replace) the groups following the roles defined on users.
@ -58,9 +63,7 @@ class ResUsers(models.Model):
if not user.role_line_ids: if not user.role_line_ids:
continue continue
group_ids = [] group_ids = []
role_lines = user.role_line_ids.filtered(
lambda rec: rec.is_enabled)
for role_line in role_lines:
for role_line in user._get_enabled_roles():
role = role_line.role_id role = role_line.role_id
group_ids.append(role.group_id.id) group_ids.append(role.group_id.id)
group_ids.extend(role.implied_ids.ids) group_ids.extend(role.implied_ids.ids)

40
base_user_role/tests/test_user_role.py

@ -41,6 +41,11 @@ class TestUserRole(TransactionCase):
self.group_settings_id.id])], self.group_settings_id.id])],
} }
self.role2_id = self.role_model.create(vals) self.role2_id = self.role_model.create(vals)
self.company1 = self.env.ref('base.main_company')
self.company2 = self.env['res.company'].create({'name': 'company2'})
self.user_id.write(
{'company_ids': [
(4, self.company1.id, 0), (4, self.company2.id, 0)]})
def test_role_1(self): def test_role_1(self):
self.user_id.write( self.user_id.write(
@ -114,3 +119,38 @@ class TestUserRole(TransactionCase):
}) })
roles = self.role_model.browse([self.role1_id.id, self.role2_id.id]) roles = self.role_model.browse([self.role1_id.id, self.role2_id.id])
self.assertEqual(user.role_ids, roles) self.assertEqual(user.role_ids, roles)
def test_user_role_different_company(self):
self.user_id.write({'company_id': self.company1.id})
self.user_id.write({'role_line_ids': [(0, 0, {
'role_id': self.role2_id.id,
'company_id': self.company2.id})]})
# Check that user does not have any groups
self.assertEquals(
self.user_id.groups_id, self.env['res.groups'].browse())
def test_user_role_same_company(self):
self.user_id.write({'company_id': self.company1.id})
self.user_id.write({'role_line_ids': [(0, 0, {
'role_id': self.role1_id.id,
'company_id': self.company1.id})]})
user_group_ids = sorted(set(
[group.id for group in self.user_id.groups_id]))
role_group_ids = self.role1_id.trans_implied_ids.ids
role_group_ids.append(self.role1_id.group_id.id)
role_group_ids = sorted(set(role_group_ids))
# Check that user have groups implied by role 1
self.assertEqual(user_group_ids, role_group_ids)
def test_user_role_no_company(self):
self.user_id.write({'company_id': self.company1.id})
self.user_id.write({'role_line_ids': [(0, 0, {
'role_id': self.role2_id.id,
'company_id': False})]})
user_group_ids = sorted(set(
[group.id for group in self.user_id.groups_id]))
role_group_ids = self.role2_id.trans_implied_ids.ids
role_group_ids.append(self.role2_id.group_id.id)
role_group_ids = sorted(set(role_group_ids))
# Check that user have groups implied by role 2
self.assertEqual(user_group_ids, role_group_ids)

1
base_user_role/views/role.xml

@ -25,6 +25,7 @@
<field name="date_from"/> <field name="date_from"/>
<field name="date_to"/> <field name="date_to"/>
<field name="is_enabled"/> <field name="is_enabled"/>
<field name="company_id" groups="base.group_multi_company"/>
</tree> </tree>
</field> </field>
</page> </page>

1
base_user_role/views/user.xml

@ -17,6 +17,7 @@
<field name="date_from"/> <field name="date_from"/>
<field name="date_to"/> <field name="date_to"/>
<field name="is_enabled"/> <field name="is_enabled"/>
<field name="company_id" groups="base.group_multi_company"/>
</tree> </tree>
</field> </field>
</page> </page>

Loading…
Cancel
Save