[FIX] base_user_role_company: roles not properly applied on login

2 years ago · f3c4d3d90e
5 changed files with 42 additions and 30 deletions
--- a/base_user_role_company/models/init.py
+++ b/base_user_role_company/models/init.py
@ -2,4 +2,5 @@
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).

 from . import role
+from . import user
 from . import ir_http
--- a/base_user_role_company/models/ir_http.py
+++ b/base_user_role_company/models/ir_http.py
@ -18,6 +18,6 @@ class IrHttp(models.AbstractModel):
        if self.env.user.role_line_ids:
            cids_str = request.httprequest.cookies.get("cids", str(self.env.company.id))
            cids = [int(cid) for cid in cids_str.split(",")]
-            self.env.user._set_session_active_roles(cids)
-            self.env.user.set_groups_from_roles()
+            # The first element of cids is the currently selected company
+            self.env.user.set_groups_from_roles(company_id=cids[0])
        return result
--- a/base_user_role_company/models/role.py
+++ b/base_user_role_company/models/role.py
@ -8,13 +8,14 @@ from odoo.exceptions import ValidationError
 class ResUsersRoleLine(models.Model):
    _inherit = "res.users.role.line"

+    allowed_company_ids = fields.Many2many(related="user_id.company_ids")
    company_id = fields.Many2one(
        "res.company",
        "Company",
+        domain="[('id', 'in', allowed_company_ids)]",
        help="If set, this role only applies when this is the main company selected."
        " Otherwise it applies to all companies.",
    )
-    active_role = fields.Boolean(string="Active Role", default=True)

    @api.constrains("user_id", "company_id")
    def _check_company(self):
@ -37,29 +38,3 @@ class ResUsersRoleLine(models.Model):
            "Roles can be assigned to a user only once at a time",
        )
    ]
-
-
-class ResUsers(models.Model):
-    _inherit = "res.users"
-
-    def _get_enabled_roles(self):
-        res = super()._get_enabled_roles()
-        return res.filtered("active_role")
-
-    @api.model
-    def _set_session_active_roles(self, cids):
-        """
-        Based on the selected companies (cids),
-        calculate the roles to enable.
-        A role should be enabled only when it applies to all selected companies.
-        """
-        for role_line in self.env.user.role_line_ids:
-            if not role_line.company_id:
-                role_line.active_role = True
-            elif role_line.company_id.id in cids:
-                is_on_companies = self.env.user.role_line_ids.filtered(
-                    lambda x: x.role_id == role_line.role_id and x.company_id.id in cids
-                )
-                role_line.active_role = len(is_on_companies) == len(cids)
-            else:
-                role_line.active_role = False
--- a/base_user_role_company/models/user.py
+++ b/base_user_role_company/models/user.py
@ -0,0 +1,36 @@
+# Copyright (C) 2021 Open Source Integrators
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
+
+from odoo import api, models
+
+
+class ResUsers(models.Model):
+    _inherit = "res.users"
+
+    @classmethod
+    def authenticate(cls, db, login, password, user_agent_env):
+        uid = super().authenticate(db, login, password, user_agent_env)
+        # On login, ensure the proper roles are applied
+        # The last Role applied may not be the correct one,
+        # sonce the new session current company can be different
+        with cls.pool.cursor() as cr:
+            env = api.Environment(cr, uid, {})
+            if env.user.role_line_ids:
+                env.user.set_groups_from_roles()
+        return uid
+
+    def _get_enabled_roles(self):
+        res = super()._get_enabled_roles()
+        # Enable only the Roles corresponing to the currently selected company
+        if self.env.user.role_line_ids:
+            curr_company = self.env.company
+            res = res.filtered(
+                lambda x: not x.company_id or x.company_id == curr_company
+            )
+        return res
+
+    def set_groups_from_roles(self, force=False, company_id=False):
+        # When using the Company Switcher widget, the self.env.company is not yet set
+        if company_id:
+            self = self.with_company(company_id)
+        return super().set_groups_from_roles(force=force)
--- a/base_user_role_company/views/role.xml
+++ b/base_user_role_company/views/role.xml
@ -9,8 +9,8 @@
                expr="//field[@name='role_line_ids']//field[@name='role_id']"
                position="after"
            >
+                <field name="allowed_company_ids" invisible="1" />
                <field name="company_id" groups="base.group_multi_company" />
-                <field name="active_role" groups="base.group_no_one" readonly="1" />
            </xpath>
        </field>
    </record>