You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

118 lines
4.6 KiB

  1. ###################################################################################
  2. #
  3. # Copyright (C) 2017 MuK IT GmbH
  4. #
  5. # This program is free software: you can redistribute it and/or modify
  6. # it under the terms of the GNU Affero General Public License as
  7. # published by the Free Software Foundation, either version 3 of the
  8. # License, or (at your option) any later version.
  9. #
  10. # This program is distributed in the hope that it will be useful,
  11. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. # GNU Affero General Public License for more details.
  14. #
  15. # You should have received a copy of the GNU Affero General Public License
  16. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  17. #
  18. ###################################################################################
  19. import logging
  20. from odoo import _
  21. from odoo import models, api, fields
  22. from odoo.exceptions import AccessError
  23. _logger = logging.getLogger(__name__)
  24. class AccessModel(models.AbstractModel):
  25. _name = 'muk_security.mixins.access_rights'
  26. _description = 'Access Mixin'
  27. #----------------------------------------------------------
  28. # Database
  29. #----------------------------------------------------------
  30. permission_read = fields.Boolean(
  31. compute='_compute_permissions_read',
  32. search='_search_permission_read',
  33. string="Read Access")
  34. permission_create = fields.Boolean(
  35. compute='_compute_permissions_create',
  36. search='_search_permission_create',
  37. string="Create Access")
  38. permission_write = fields.Boolean(
  39. compute='_compute_permissions_write',
  40. search='_search_permission_write',
  41. string="Write Access")
  42. permission_unlink = fields.Boolean(
  43. compute='_compute_permissions_unlink',
  44. search='_search_permission_unlink',
  45. string="Delete Access")
  46. #----------------------------------------------------------
  47. # Search
  48. #----------------------------------------------------------
  49. @api.model
  50. def _search_permission_read(self, operator, operand):
  51. if operator == '=' and operand:
  52. return [('id', 'in', self.search([])._filter_access_ids('read'))]
  53. return [('id', 'not in', self.search([])._filter_access_ids('read'))]
  54. @api.model
  55. def _search_permission_create(self, operator, operand):
  56. if operator == '=' and operand:
  57. return [('id', 'in', self.search([])._filter_access_ids('create'))]
  58. return [('id', 'not in', self.search([])._filter_access_ids('create'))]
  59. @api.model
  60. def _search_permission_write(self, operator, operand):
  61. if operator == '=' and operand:
  62. return [('id', 'in', self.search([])._filter_access_ids('write'))]
  63. return [('id', 'not in', self.search([])._filter_access_ids('write'))]
  64. @api.model
  65. def _search_permission_unlink(self, operator, operand):
  66. if operator == '=' and operand:
  67. return [('id', 'in', self.search([])._filter_access_ids('unlink'))]
  68. return [('id', 'not in', self.search([])._filter_access_ids('unlink'))]
  69. #----------------------------------------------------------
  70. # Read, View
  71. #----------------------------------------------------------
  72. @api.multi
  73. def _compute_permissions_read(self):
  74. records = self._filter_access('read')
  75. for record in records:
  76. record.update({'permission_read': True})
  77. for record in self - records:
  78. record.update({'permission_read': False})
  79. @api.multi
  80. def _compute_permissions_create(self):
  81. records = self._filter_access('create')
  82. for record in records:
  83. record.update({'permission_create': True})
  84. for record in self - records:
  85. record.update({'permission_create': False})
  86. @api.multi
  87. def _compute_permissions_write(self):
  88. records = self._filter_access('write')
  89. for record in records:
  90. record.update({'permission_write': True})
  91. for record in self - records:
  92. record.update({'permission_write': False})
  93. @api.multi
  94. def _compute_permissions_unlink(self):
  95. records = self._filter_access('unlink')
  96. for record in records:
  97. record.update({'permission_unlink': True})
  98. for record in self - records:
  99. record.update({'permission_unlink': False})