diff --git a/base_user_role_company/models/__init__.py b/base_user_role_company/models/__init__.py
index d38a0acf7..32004dfac 100644
--- a/base_user_role_company/models/__init__.py
+++ b/base_user_role_company/models/__init__.py
@@ -2,4 +2,5 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
from . import role
+from . import user
from . import ir_http
diff --git a/base_user_role_company/models/ir_http.py b/base_user_role_company/models/ir_http.py
index 7eaca704a..65a6b3b91 100644
--- a/base_user_role_company/models/ir_http.py
+++ b/base_user_role_company/models/ir_http.py
@@ -18,6 +18,6 @@ class IrHttp(models.AbstractModel):
if self.env.user.role_line_ids:
cids_str = request.httprequest.cookies.get("cids", str(self.env.company.id))
cids = [int(cid) for cid in cids_str.split(",")]
- self.env.user._set_session_active_roles(cids)
- self.env.user.set_groups_from_roles()
+ # The first element of cids is the currently selected company
+ self.env.user.set_groups_from_roles(company_id=cids[0])
return result
diff --git a/base_user_role_company/models/role.py b/base_user_role_company/models/role.py
index c6702494c..0fdd234d8 100644
--- a/base_user_role_company/models/role.py
+++ b/base_user_role_company/models/role.py
@@ -8,13 +8,14 @@ from odoo.exceptions import ValidationError
class ResUsersRoleLine(models.Model):
_inherit = "res.users.role.line"
+ allowed_company_ids = fields.Many2many(related="user_id.company_ids")
company_id = fields.Many2one(
"res.company",
"Company",
+ domain="[('id', 'in', allowed_company_ids)]",
help="If set, this role only applies when this is the main company selected."
" Otherwise it applies to all companies.",
)
- active_role = fields.Boolean(string="Active Role", default=True)
@api.constrains("user_id", "company_id")
def _check_company(self):
@@ -37,29 +38,3 @@ class ResUsersRoleLine(models.Model):
"Roles can be assigned to a user only once at a time",
)
]
-
-
-class ResUsers(models.Model):
- _inherit = "res.users"
-
- def _get_enabled_roles(self):
- res = super()._get_enabled_roles()
- return res.filtered("active_role")
-
- @api.model
- def _set_session_active_roles(self, cids):
- """
- Based on the selected companies (cids),
- calculate the roles to enable.
- A role should be enabled only when it applies to all selected companies.
- """
- for role_line in self.env.user.role_line_ids:
- if not role_line.company_id:
- role_line.active_role = True
- elif role_line.company_id.id in cids:
- is_on_companies = self.env.user.role_line_ids.filtered(
- lambda x: x.role_id == role_line.role_id and x.company_id.id in cids
- )
- role_line.active_role = len(is_on_companies) == len(cids)
- else:
- role_line.active_role = False
diff --git a/base_user_role_company/models/user.py b/base_user_role_company/models/user.py
new file mode 100644
index 000000000..1a2f6296b
--- /dev/null
+++ b/base_user_role_company/models/user.py
@@ -0,0 +1,35 @@
+# Copyright (C) 2021 Open Source Integrators
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import api, models
+
+
+class ResUsers(models.Model):
+ _inherit = "res.users"
+
+ @classmethod
+ def authenticate(cls, db, login, password, user_agent_env):
+ uid = super().authenticate(db, login, password, user_agent_env)
+ # On login, ensure the proper roles are applied
+ # The last Role applied may not be the correct one,
+ # sonce the new session current company can be different
+ with cls.pool.cursor() as cr:
+ env = api.Environment(cr, uid, {})
+ if env.user.role_line_ids:
+ env.user.set_groups_from_roles()
+ return uid
+
+ def _get_enabled_roles(self):
+ res = super()._get_enabled_roles()
+ # Enable only the Roles corresponing to the currently selected company
+ if self.role_line_ids:
+ res = res.filtered(
+ lambda x: not x.company_id or x.company_id == self.env.company
+ )
+ return res
+
+ def set_groups_from_roles(self, force=False, company_id=False):
+ # When using the Company Switcher widget, the self.env.company is not yet set
+ if company_id:
+ self = self.with_company(company_id)
+ return super().set_groups_from_roles(force=force)
diff --git a/base_user_role_company/tests/test_role_per_company.py b/base_user_role_company/tests/test_role_per_company.py
index 14cb869bf..9b1ac1fcc 100644
--- a/base_user_role_company/tests/test_role_per_company.py
+++ b/base_user_role_company/tests/test_role_per_company.py
@@ -11,11 +11,18 @@ class TestUserRoleCompany(TransactionCase):
self.Company = self.env["res.company"]
self.company1 = self.env.ref("base.main_company")
self.company2 = self.Company.create({"name": "company2"})
+ # GROUPS for roles
+ self.groupA = self.env.ref("base.group_user")
+ self.groupB = self.env.ref("base.group_system")
+ self.groupC = self.env.ref("base.group_partner_manager")
# ROLES
self.Role = self.env["res.users.role"]
self.roleA = self.Role.create({"name": "ROLE All Companies"})
+ self.roleA.implied_ids |= self.groupA
self.roleB = self.Role.create({"name": "ROLE Company 1"})
+ self.roleB.implied_ids |= self.groupB
self.roleC = self.Role.create({"name": "ROLE Company 1 and 2"})
+ self.roleC.implied_ids |= self.groupC
# USER
# ==Role=== ==Company== C1 C2 C1+C2
# Role A Yes Yes Yes
@@ -35,28 +42,22 @@ class TestUserRoleCompany(TransactionCase):
],
}
self.test_user = self.User.create(user_vals)
- self.User = self.User.with_user(self.test_user)
def test_110_company_1(self):
- "Company 1 selected: Tech and Settings roles are activated"
- self.User._set_session_active_roles([self.company1.id])
- active_roles = self.test_user.role_line_ids.filtered("active_role").mapped(
- "role_id"
- )
- self.assertEqual(active_roles, self.roleA | self.roleB | self.roleC)
+ "Company 1 selected: Roles A, B and C are enabled"
+ self.test_user.set_groups_from_roles(company_id=self.company1.id)
+ expected = self.groupA | self.groupB | self.groupC
+ found = self.test_user.groups_id.filtered(lambda x: x in expected)
+ self.assertEqual(expected, found)
def test_120_company_2(self):
- "Company 2 selected: only Tech role enabled"
- self.User._set_session_active_roles([self.company2.id])
- active_roles = self.test_user.role_line_ids.filtered("active_role").mapped(
- "role_id"
- )
- self.assertEqual(active_roles, self.roleA | self.roleC)
+ "Company 2 selected: Roles A and C are enabled"
+ self.test_user.set_groups_from_roles(company_id=self.company2.id)
+ enabled = self.test_user.groups_id
+ expected = self.groupA | self.groupC
+ found = enabled.filtered(lambda x: x in expected)
+ self.assertEqual(expected, found)
- def test_130_company_1_2(self):
- "Settings Role enabled for Company 1 and 2"
- self.User._set_session_active_roles([self.company1.id, self.company2.id])
- active_roles = self.test_user.role_line_ids.filtered("active_role").mapped(
- "role_id"
- )
- self.assertEqual(active_roles, self.roleA | self.roleC)
+ not_expected = self.groupB
+ found = enabled.filtered(lambda x: x in not_expected)
+ self.assertFalse(found)
diff --git a/base_user_role_company/views/role.xml b/base_user_role_company/views/role.xml
index 89bd80ad7..9cb06b7e9 100644
--- a/base_user_role_company/views/role.xml
+++ b/base_user_role_company/views/role.xml
@@ -9,8 +9,8 @@
expr="//field[@name='role_line_ids']//field[@name='role_id']"
position="after"
>
+
-