[REF] Server Environment: restrict access to server config to allowed users

New security group restricting access to server config Admin is part of the group by default
6 years ago · c72297864f
3 changed files with 16 additions and 0 deletions
--- a/server_environment/openerp.py
+++ b/server_environment/openerp.py
@ -29,6 +29,7 @@
    "license": "GPL-3 or any later version",
    "category": "Tools",
    "data": [
+        'security/res_groups.xml',
        'serv_config.xml',
    ],
    'installable': True,
--- a/server_environment/security/res_groups.xml
+++ b/server_environment/security/res_groups.xml
@ -0,0 +1,10 @@
+<?xml version="1.0"?>
+
+<odoo>
+
+    <record model="res.groups" id="has_server_configuration_access">
+        <field name="name">View Server Environment Configuration</field>
+        <field name="users" eval="[(4, ref('base.user_root'))]"/>
+    </record>
+
+</odoo>
--- a/server_environment/serv_config.py
+++ b/server_environment/serv_config.py
@ -248,6 +248,11 @@ class ServerConfiguration(models.TransientModel):

    def default_get(self, cr, uid, fields_list, context=None):
        res = {}
+        current_user = self.pool['res.users'].browse(
+            cr, uid, uid, context=context)
+        if not current_user.has_group(
+                'server_environment.has_server_configuration_access'):
+            return res
        for key in self._conf_defaults:
            if 'passw' in key and not self.show_passwords:
                res[key] = '**********'