diff --git a/base_user_role/README.rst b/base_user_role/README.rst new file mode 100644 index 000000000..4b38fab53 --- /dev/null +++ b/base_user_role/README.rst @@ -0,0 +1,82 @@ +.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg + :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html + :alt: License: AGPL-3 + +========== +User roles +========== + +This module was written to extend the standard functionality regarding users +and groups management. +It helps creating well-defined user roles and associating them to users. + +It can become very hard to maintain a large number of user profiles over time, +juggling with many technical groups. For this purpose, this module will help +you to: + + * define functional roles by aggregating low-level groups, + * set user accounts with the predefined roles (roles are cumulative), + * update groups of all relevant user accounts (all at once), + * ensure that user accounts will have the groups defined in their roles + (nothing more, nothing less). In other words, you can not set groups + manually on a user as long as there is roles configured on it, + * activate/deactivate roles depending on the date (useful to plan holidays, etc) + * get a quick overview of roles and the related user accounts. + +That way you make clear the different responsabilities within a company, and +are able to add and update user accounts in a scalable and reliable way. + +Configuration +============= + +To configure this module, you need to go to *Configuration / Users / Roles*, +and create a new role. From there, you can add groups to compose your role, +and then associate users to it. + +Roles: + +.. image:: /base_user_role/static/description/roles.png + +Add groups: + +.. image:: /base_user_role/static/description/role_groups.png + +Add users (with dates or not): + +.. image:: /base_user_role/static/description/role_users.png + +Bug Tracker +=========== + +Bugs are tracked on `GitHub Issues +`_. In case of trouble, please +check there if your issue has already been reported. If you spotted it first, +help us smashing it by providing a detailed and welcomed feedback. + +Credits +======= + +Images +------ + +* Oxygen Team: `Icon `_ (LGPL) + +Contributors +------------ + +* Sébastien Alix + +Maintainer +---------- + +.. image:: https://odoo-community.org/logo.png + :alt: Odoo Community Association + :target: https://odoo-community.org + +This module is maintained by the OCA. + +OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use. + +To contribute to this module, please visit https://odoo-community.org. diff --git a/base_user_role/__init__.py b/base_user_role/__init__.py new file mode 100644 index 000000000..cde864bae --- /dev/null +++ b/base_user_role/__init__.py @@ -0,0 +1,3 @@ +# -*- coding: utf-8 -*- + +from . import models diff --git a/base_user_role/__openerp__.py b/base_user_role/__openerp__.py new file mode 100644 index 000000000..59c525fc8 --- /dev/null +++ b/base_user_role/__openerp__.py @@ -0,0 +1,24 @@ +# -*- coding: utf-8 -*- +# Copyright 2014 ABF OSIELL +# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). + +{ + 'name': 'User roles', + 'version': '8.0.1.1.0', + 'category': 'Tools', + 'author': 'ABF OSIELL, Odoo Community Association (OCA)', + 'license': 'AGPL-3', + 'maintainer': 'ABF OSIELL', + 'website': 'http://www.osiell.com', + 'depends': [ + 'base', + ], + 'data': [ + 'security/ir.model.access.csv', + 'data/ir_cron.xml', + 'views/role.xml', + 'views/user.xml', + ], + 'installable': True, + 'auto_install': False, +} diff --git a/base_user_role/data/ir_cron.xml b/base_user_role/data/ir_cron.xml new file mode 100644 index 000000000..a92276a90 --- /dev/null +++ b/base_user_role/data/ir_cron.xml @@ -0,0 +1,20 @@ + + + + + + + Update user roles + 3 + hours + -1 + True + + res.users.role + cron_update_users + () + + + + diff --git a/base_user_role/i18n/base_user_role.pot b/base_user_role/i18n/base_user_role.pot new file mode 100644 index 000000000..a62c4664d --- /dev/null +++ b/base_user_role/i18n/base_user_role.pot @@ -0,0 +1,189 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * base_user_role +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 8.0\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2016-11-18 11:58+0000\n" +"PO-Revision-Date: 2016-11-18 11:58+0000\n" +"Last-Translator: <>\n" +"Language-Team: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: \n" + +#. module: base_user_role +#: field:res.users.role,model_access:0 +msgid "Access Controls" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,menu_access:0 +msgid "Access Menu" +msgstr "" + +#. module: base_user_role +#: field:res.users.role.line,is_enabled:0 +msgid "Enabled" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,category_id:0 +msgid "Application" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,group_id:0 +msgid "Associated group" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,comment:0 +msgid "Comment" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,create_uid:0 +#: field:res.users.role.line,create_uid:0 +msgid "Created by" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,create_date:0 +#: field:res.users.role.line,create_date:0 +msgid "Created on" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,display_name:0 +#: field:res.users.role.line,display_name:0 +msgid "Display Name" +msgstr "" + +#. module: base_user_role +#: field:res.users.role.line,date_from:0 +msgid "From" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,full_name:0 +msgid "Group Name" +msgstr "" + +#. module: base_user_role +#: view:res.users.role:base_user_role.view_res_users_role_form +msgid "Groups" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,id:0 +#: field:res.users.role.line,id:0 +msgid "ID" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,implied_ids:0 +msgid "Inherits" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,__last_update:0 +#: field:res.users.role.line,__last_update:0 +msgid "Last Modified on" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,write_uid:0 +#: field:res.users.role.line,write_uid:0 +msgid "Last Updated by" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,write_date:0 +#: field:res.users.role.line,write_date:0 +msgid "Last Updated on" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,name:0 +msgid "Name" +msgstr "" + +#. module: base_user_role +#: view:res.users.role:base_user_role.view_res_users_role_form +#: view:res.users.role:base_user_role.view_res_users_role_tree +#: field:res.users.role.line,role_id:0 +msgid "Role" +msgstr "" + +#. module: base_user_role +#: field:res.users,role_line_ids:0 +msgid "Role lines" +msgstr "" + +#. module: base_user_role +#: model:ir.actions.act_window,name:base_user_role.action_res_users_role_tree +#: model:ir.ui.menu,name:base_user_role.menu_action_res_users_role_tree +#: view:res.users:base_user_role.view_res_users_form_inherit +#: field:res.users,role_ids:0 +#: view:res.users.role:base_user_role.view_res_users_role_search +msgid "Roles" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,rule_groups:0 +msgid "Rules" +msgstr "" + +#. module: base_user_role +#: field:res.users,scoring:0 +msgid "Scoring (%)" +msgstr "" + +#. module: base_user_role +#: field:res.users.role.line,date_to:0 +msgid "To" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,trans_implied_ids:0 +msgid "Transitively inherits" +msgstr "" + +#. module: base_user_role +#: field:res.users.role.line,user_id:0 +msgid "User" +msgstr "" + +#. module: base_user_role +#: model:ir.model,name:base_user_role.model_res_users_role +msgid "User role" +msgstr "" + +#. module: base_user_role +#: model:ir.model,name:base_user_role.model_res_users +#: view:res.users.role:base_user_role.view_res_users_role_form +#: field:res.users.role,line_ids:0 +#: field:res.users.role,user_ids:0 +#: field:res.users.role,users:0 +msgid "Users" +msgstr "" + +#. module: base_user_role +#: model:ir.model,name:base_user_role.model_res_users_role_line +msgid "Users associated to a role" +msgstr "" + +#. module: base_user_role +#: help:res.users.role,implied_ids:0 +msgid "Users of this group automatically inherit those groups" +msgstr "" + +#. module: base_user_role +#: field:res.users.role,view_access:0 +msgid "Views" +msgstr "" + diff --git a/base_user_role/i18n/fr.po b/base_user_role/i18n/fr.po new file mode 100644 index 000000000..809fc24cd --- /dev/null +++ b/base_user_role/i18n/fr.po @@ -0,0 +1,189 @@ +# Translation of Odoo Server. +# This file contains the translation of the following modules: +# * base_user_role +# +msgid "" +msgstr "" +"Project-Id-Version: Odoo Server 8.0\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2016-11-18 12:03+0000\n" +"PO-Revision-Date: 2016-11-18 12:03+0000\n" +"Last-Translator: <>\n" +"Language-Team: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: \n" +"Plural-Forms: \n" + +#. module: base_user_role +#: field:res.users.role,model_access:0 +msgid "Access Controls" +msgstr "Access Controls" + +#. module: base_user_role +#: field:res.users.role,menu_access:0 +msgid "Access Menu" +msgstr "Access Menu" + +#. module: base_user_role +#: field:res.users.role.line,is_enabled:0 +msgid "Enabled" +msgstr "Activé" + +#. module: base_user_role +#: field:res.users.role,category_id:0 +msgid "Application" +msgstr "Application" + +#. module: base_user_role +#: field:res.users.role,group_id:0 +msgid "Associated group" +msgstr "Groupe associé" + +#. module: base_user_role +#: field:res.users.role,comment:0 +msgid "Comment" +msgstr "Comment" + +#. module: base_user_role +#: field:res.users.role,create_uid:0 +#: field:res.users.role.line,create_uid:0 +msgid "Created by" +msgstr "Created by" + +#. module: base_user_role +#: field:res.users.role,create_date:0 +#: field:res.users.role.line,create_date:0 +msgid "Created on" +msgstr "Created on" + +#. module: base_user_role +#: field:res.users.role,display_name:0 +#: field:res.users.role.line,display_name:0 +msgid "Display Name" +msgstr "Display Name" + +#. module: base_user_role +#: field:res.users.role.line,date_from:0 +msgid "From" +msgstr "À partir du" + +#. module: base_user_role +#: field:res.users.role,full_name:0 +msgid "Group Name" +msgstr "Group Name" + +#. module: base_user_role +#: view:res.users.role:base_user_role.view_res_users_role_form +msgid "Groups" +msgstr "Groupes" + +#. module: base_user_role +#: field:res.users.role,id:0 +#: field:res.users.role.line,id:0 +msgid "ID" +msgstr "ID" + +#. module: base_user_role +#: field:res.users.role,implied_ids:0 +msgid "Inherits" +msgstr "Inherits" + +#. module: base_user_role +#: field:res.users.role,__last_update:0 +#: field:res.users.role.line,__last_update:0 +msgid "Last Modified on" +msgstr "Last Modified on" + +#. module: base_user_role +#: field:res.users.role,write_uid:0 +#: field:res.users.role.line,write_uid:0 +msgid "Last Updated by" +msgstr "Last Updated by" + +#. module: base_user_role +#: field:res.users.role,write_date:0 +#: field:res.users.role.line,write_date:0 +msgid "Last Updated on" +msgstr "Last Updated on" + +#. module: base_user_role +#: field:res.users.role,name:0 +msgid "Name" +msgstr "Nom" + +#. module: base_user_role +#: view:res.users.role:base_user_role.view_res_users_role_form +#: view:res.users.role:base_user_role.view_res_users_role_tree +#: field:res.users.role.line,role_id:0 +msgid "Role" +msgstr "Rôle" + +#. module: base_user_role +#: field:res.users,role_line_ids:0 +msgid "Role lines" +msgstr "Role lines" + +#. module: base_user_role +#: model:ir.actions.act_window,name:base_user_role.action_res_users_role_tree +#: model:ir.ui.menu,name:base_user_role.menu_action_res_users_role_tree +#: view:res.users:base_user_role.view_res_users_form_inherit +#: field:res.users,role_ids:0 +#: view:res.users.role:base_user_role.view_res_users_role_search +msgid "Roles" +msgstr "Rôles" + +#. module: base_user_role +#: field:res.users.role,rule_groups:0 +msgid "Rules" +msgstr "Rules" + +#. module: base_user_role +#: field:res.users,scoring:0 +msgid "Scoring (%)" +msgstr "Scoring (%)" + +#. module: base_user_role +#: field:res.users.role.line,date_to:0 +msgid "To" +msgstr "Jusqu'au" + +#. module: base_user_role +#: field:res.users.role,trans_implied_ids:0 +msgid "Transitively inherits" +msgstr "Transitively inherits" + +#. module: base_user_role +#: field:res.users.role.line,user_id:0 +msgid "User" +msgstr "Utilisateur" + +#. module: base_user_role +#: model:ir.model,name:base_user_role.model_res_users_role +msgid "User role" +msgstr "Rôle utilisateur" + +#. module: base_user_role +#: model:ir.model,name:base_user_role.model_res_users +#: view:res.users.role:base_user_role.view_res_users_role_form +#: field:res.users.role,line_ids:0 +#: field:res.users.role,user_ids:0 +#: field:res.users.role,users:0 +msgid "Users" +msgstr "Utilisateurs" + +#. module: base_user_role +#: model:ir.model,name:base_user_role.model_res_users_role_line +msgid "Users associated to a role" +msgstr "Utilisateurs associés à un rôle" + +#. module: base_user_role +#: help:res.users.role,implied_ids:0 +msgid "Users of this group automatically inherit those groups" +msgstr "Users of this group automatically inherit those groups" + +#. module: base_user_role +#: field:res.users.role,view_access:0 +msgid "Views" +msgstr "Views" + diff --git a/base_user_role/migrations/8.0.1.1.0/post-migration.py b/base_user_role/migrations/8.0.1.1.0/post-migration.py new file mode 100644 index 000000000..074389c7b --- /dev/null +++ b/base_user_role/migrations/8.0.1.1.0/post-migration.py @@ -0,0 +1,25 @@ +# -*- coding: utf-8 -*- +# Copyright 2016 ABF OSIELL +# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). +from openerp import api, SUPERUSER_ID + + +def migrate_res_users_role(env): + """Migrate user roles database schema. + ('res_users_role_user_rel' many2many table to 'res.users.role.line' model. + """ + role_line_model = env['res.users.role.line'] + query = "SELECT role_id, user_id FROM res_users_role_user_rel;" + env.cr.execute(query) + rows = env.cr.fetchall() + for row in rows: + vals = { + 'role_id': row[0], + 'user_id': row[1], + } + role_line_model.create(vals) + + +def migrate(cr, version): + env = api.Environment(cr, SUPERUSER_ID, {}) + migrate_res_users_role(env) diff --git a/base_user_role/models/__init__.py b/base_user_role/models/__init__.py new file mode 100644 index 000000000..db691145c --- /dev/null +++ b/base_user_role/models/__init__.py @@ -0,0 +1,4 @@ +# -*- coding: utf-8 -*- + +from . import role +from . import user diff --git a/base_user_role/models/role.py b/base_user_role/models/role.py new file mode 100644 index 000000000..6cbf42b97 --- /dev/null +++ b/base_user_role/models/role.py @@ -0,0 +1,83 @@ +# -*- coding: utf-8 -*- +# Copyright 2014 ABF OSIELL +# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). + +import datetime +import logging + +from openerp import api, fields, models + + +_logger = logging.getLogger(__name__) + + +class ResUsersRole(models.Model): + _name = 'res.users.role' + _inherits = {'res.groups': 'group_id'} + _description = "User role" + + group_id = fields.Many2one( + 'res.groups', required=True, ondelete='cascade', + readonly=True, string=u"Associated group") + line_ids = fields.One2many( + 'res.users.role.line', 'role_id', string=u"Users") + user_ids = fields.One2many( + 'res.users', string=u"Users", compute='_compute_user_ids') + + @api.multi + @api.depends('line_ids.user_id') + def _compute_user_ids(self): + for role in self: + role.user_ids = role.line_ids.mapped('user_id') + + @api.model + def create(self, vals): + new_record = super(ResUsersRole, self).create(vals) + new_record.update_users() + return new_record + + @api.multi + def write(self, vals): + res = super(ResUsersRole, self).write(vals) + self.update_users() + return res + + @api.multi + def update_users(self): + """Update all the users concerned by the roles identified by `ids`.""" + users = self.mapped('user_ids') + users.set_groups_from_roles() + return True + + @api.model + def cron_update_users(self): + logging.info(u"Update user roles") + self.search([]).update_users() + + +class ResUsersRoleLine(models.Model): + _name = 'res.users.role.line' + _description = 'Users associated to a role' + + role_id = fields.Many2one( + 'res.users.role', string=u"Role", ondelete='cascade') + user_id = fields.Many2one( + 'res.users', string=u"User") + date_from = fields.Date(u"From") + date_to = fields.Date(u"To") + is_enabled = fields.Boolean(u"Enabled", compute='_compute_is_enabled') + + @api.multi + @api.depends('date_from', 'date_to') + def _compute_is_enabled(self): + today = datetime.date.today() + for role_line in self: + role_line.is_enabled = True + if role_line.date_from: + date_from = fields.Date.from_string(role_line.date_from) + if date_from > today: + role_line.is_enabled = False + if role_line.date_to: + date_to = fields.Date.from_string(role_line.date_to) + if today > date_to: + role_line.is_enabled = False diff --git a/base_user_role/models/user.py b/base_user_role/models/user.py new file mode 100644 index 000000000..a15849ced --- /dev/null +++ b/base_user_role/models/user.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# Copyright 2014 ABF OSIELL +# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). + +from openerp import api, fields, models + + +class ResUsers(models.Model): + _inherit = 'res.users' + + role_line_ids = fields.One2many( + 'res.users.role.line', 'user_id', string=u"Role lines") + role_ids = fields.One2many( + 'res.users.role', string=u"Roles", compute='_compute_role_ids') + + @api.multi + @api.depends('role_line_ids.role_id') + def _compute_role_ids(self): + for user in self: + user.role_ids = user.role_line_ids.mapped('role_id') + + @api.model + def create(self, vals): + new_record = super(ResUsers, self).create(vals) + new_record.set_groups_from_roles() + return new_record + + @api.multi + def write(self, vals): + res = super(ResUsers, self).write(vals) + self.sudo().set_groups_from_roles() + return res + + @api.multi + def set_groups_from_roles(self): + """Set (replace) the groups following the roles defined on users. + If no role is defined on the user, its groups are let untouched. + """ + for user in self: + if not user.role_line_ids: + continue + group_ids = [] + role_lines = user.role_line_ids.filtered( + lambda rec: rec.is_enabled) + for role_line in role_lines: + role = role_line.role_id + group_ids.append(role.group_id.id) + group_ids.extend(role.implied_ids.ids) + group_ids = list(set(group_ids)) # Remove duplicates IDs + vals = { + 'groups_id': [(6, 0, group_ids)], + } + super(ResUsers, user).write(vals) + return True diff --git a/base_user_role/security/ir.model.access.csv b/base_user_role/security/ir.model.access.csv new file mode 100644 index 000000000..04790a3d5 --- /dev/null +++ b/base_user_role/security/ir.model.access.csv @@ -0,0 +1,3 @@ +id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink +access_res_users_role,access_res_users_role,model_res_users_role,"base.group_erp_manager",1,1,1,1 +access_res_users_role_line,access_res_users_role_line,model_res_users_role_line,"base.group_erp_manager",1,1,1,1 diff --git a/base_user_role/static/description/icon.png b/base_user_role/static/description/icon.png new file mode 100644 index 000000000..4a8a6d74e Binary files /dev/null and b/base_user_role/static/description/icon.png differ diff --git a/base_user_role/static/description/role_groups.png b/base_user_role/static/description/role_groups.png new file mode 100644 index 000000000..ee31ef971 Binary files /dev/null and b/base_user_role/static/description/role_groups.png differ diff --git a/base_user_role/static/description/role_users.png b/base_user_role/static/description/role_users.png new file mode 100644 index 000000000..ceb7f6ea9 Binary files /dev/null and b/base_user_role/static/description/role_users.png differ diff --git a/base_user_role/static/description/roles.png b/base_user_role/static/description/roles.png new file mode 100644 index 000000000..e3f0d4a6a Binary files /dev/null and b/base_user_role/static/description/roles.png differ diff --git a/base_user_role/tests/__init__.py b/base_user_role/tests/__init__.py new file mode 100644 index 000000000..d5a873d8b --- /dev/null +++ b/base_user_role/tests/__init__.py @@ -0,0 +1,3 @@ +# -*- coding: utf-8 -*- + +from . import test_user_role diff --git a/base_user_role/tests/test_user_role.py b/base_user_role/tests/test_user_role.py new file mode 100644 index 000000000..08a1f613c --- /dev/null +++ b/base_user_role/tests/test_user_role.py @@ -0,0 +1,107 @@ +# -*- coding: utf-8 -*- +# Copyright 2014 ABF OSIELL +# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). + +import datetime + +from openerp.tools import DEFAULT_SERVER_DATE_FORMAT +from openerp.tests.common import TransactionCase + + +class TestUserRole(TransactionCase): + + def setUp(self): + super(TestUserRole, self).setUp() + self.imd_model = self.registry('ir.model.data') + self.user_model = self.registry('res.users') + self.role_model = self.registry('res.users.role') + + self.user_id = self.user_model.create( + self.cr, self.uid, + {'name': u"USER TEST (ROLES)", 'login': 'user_test_roles'}) + + # ROLE_1 + self.group_user_id = self.imd_model.get_object_reference( + self.cr, self.uid, 'base', 'group_user')[1] + self.group_no_one_id = self.imd_model.get_object_reference( + self.cr, self.uid, 'base', 'group_no_one')[1] + vals = { + 'name': u"ROLE_1", + 'implied_ids': [6, 0, [self.group_user_id, self.group_no_one_id]], + } + self.role1_id = self.role_model.create(self.cr, self.uid, vals) + + # ROLE_2 + self.group_multi_currency_id = self.imd_model.get_object_reference( + self.cr, self.uid, 'base', 'group_multi_currency')[1] + self.group_sale_manager_id = self.imd_model.get_object_reference( + self.cr, self.uid, 'base', 'group_sale_manager')[1] + vals = { + 'name': u"ROLE_2", + 'implied_ids': [6, 0, [self.group_multi_currency_id, + self.group_sale_manager_id]], + } + self.role2_id = self.role_model.create(self.cr, self.uid, vals) + + def test_role_1(self): + role1 = self.role_model.browse(self.cr, self.uid, self.role1_id) + self.user_model.write( + self.cr, self.uid, [self.user_id], + {'role_line_ids': [(0, 0, {'role_id': self.role1_id})]}) + user = self.user_model.browse(self.cr, self.uid, self.user_id) + user_group_ids = sorted(set([group.id for group in user.groups_id])) + role_group_ids = role1.implied_ids.ids + role_group_ids.append(role1.group_id.id) + role_group_ids = sorted(set(role_group_ids)) + self.assertEqual(user_group_ids, role_group_ids) + + def test_role_2(self): + role2 = self.role_model.browse(self.cr, self.uid, self.role2_id) + self.user_model.write( + self.cr, self.uid, [self.user_id], + {'role_line_ids': [(0, 0, {'role_id': self.role2_id})]}) + user = self.user_model.browse(self.cr, self.uid, self.user_id) + user_group_ids = sorted(set([group.id for group in user.groups_id])) + role_group_ids = role2.implied_ids.ids + role_group_ids.append(role2.group_id.id) + role_group_ids = sorted(set(role_group_ids)) + self.assertEqual(user_group_ids, role_group_ids) + + def test_role_1_2(self): + role1 = self.role_model.browse(self.cr, self.uid, self.role1_id) + role2 = self.role_model.browse(self.cr, self.uid, self.role2_id) + self.user_model.write( + self.cr, self.uid, [self.user_id], + {'role_line_ids': [ + (0, 0, {'role_id': self.role1_id}), + (0, 0, {'role_id': self.role2_id}), + ]}) + user = self.user_model.browse(self.cr, self.uid, self.user_id) + user_group_ids = sorted(set([group.id for group in user.groups_id])) + role1_group_ids = role1.implied_ids.ids + role1_group_ids.append(role1.group_id.id) + role2_group_ids = role2.implied_ids.ids + role2_group_ids.append(role2.group_id.id) + role_group_ids = sorted(set(role1_group_ids + role2_group_ids)) + self.assertEqual(user_group_ids, role_group_ids) + + def test_role_1_2_with_dates(self): + role1 = self.role_model.browse(self.cr, self.uid, self.role1_id) + today = datetime.date.today() + today_str = today.strftime(DEFAULT_SERVER_DATE_FORMAT) + yesterday = today - datetime.timedelta(days=1) + yesterday_str = yesterday.strftime(DEFAULT_SERVER_DATE_FORMAT) + self.user_model.write( + self.cr, self.uid, [self.user_id], + {'role_line_ids': [ + # Role 1 should be enabled + (0, 0, {'role_id': self.role1_id, 'date_from': today_str}), + # Role 2 should be disabled + (0, 0, {'role_id': self.role2_id, 'date_to': yesterday_str}), + ]}) + user = self.user_model.browse(self.cr, self.uid, self.user_id) + user_group_ids = sorted(set([group.id for group in user.groups_id])) + role1_group_ids = role1.implied_ids.ids + role1_group_ids.append(role1.group_id.id) + role_group_ids = sorted(set(role1_group_ids)) + self.assertEqual(user_group_ids, role_group_ids) diff --git a/base_user_role/views/role.xml b/base_user_role/views/role.xml new file mode 100644 index 000000000..ea1cab525 --- /dev/null +++ b/base_user_role/views/role.xml @@ -0,0 +1,73 @@ + + + + + + + res.users.role.form + res.users.role + +
+ + + + + + + + + + + + + + + + + + + + + +
+
+
+ + + res.users.role.tree + res.users.role + + + + + + + + + + res.users.role.search + res.users.role + + + + + + + + + + + Roles + ir.actions.act_window + res.users.role + form + + + + + +
+
diff --git a/base_user_role/views/user.xml b/base_user_role/views/user.xml new file mode 100644 index 000000000..bae3ba500 --- /dev/null +++ b/base_user_role/views/user.xml @@ -0,0 +1,39 @@ + + + + + + + res.users.form.inherit + res.users + + + + + + + + + + + + + + + + + + + res.users.search.inherit + res.users + + + + + + + + + +