From 8526c6d70a74ff85a09f1db746100a56f35a455d Mon Sep 17 00:00:00 2001
From: Stefan Rijnhart <stefan@therp.nl>
Date: Mon, 12 Aug 2013 22:41:33 +0200
Subject: [PATCH] [IMP] Add security checks for inactive jobs

---
 cron_run_manually/model/ir_cron.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/cron_run_manually/model/ir_cron.py b/cron_run_manually/model/ir_cron.py
index 9949be86c..9b35ab95e 100644
--- a/cron_run_manually/model/ir_cron.py
+++ b/cron_run_manually/model/ir_cron.py
@@ -23,6 +23,7 @@
 import psycopg2
 import logging
 from openerp.osv import orm
+from openerp.tools import SUPERUSER_ID
 from openerp.tools.translate import _
 from openerp.tools.safe_eval import safe_eval
 
@@ -44,6 +45,13 @@ class irCron(orm.Model):
         jobs = cr.dictfetchall()
 
         for job in jobs:
+            if uid != SUPERUSER_ID and (
+                    not job['active'] or not job['numbercall']):
+                raise orm.except_orm(
+                    _('Error'),
+                    _('Only the admin user is allowed to '
+                      'execute inactive cron jobs manually'))
+            
             try:
                 # Try to grab an exclusive lock on the job row
                 # until the end of the transaction