damien
/
muk_base
mirror of https://github.com/muk-it/muk_base
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

publish muk_security - 12.0

pull/9/head
MuK IT GmbH 6 years ago
parent
80d4ef8d55
commit
746154e487
3 changed files with 11 additions and 7 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      muk_security/__manifest__.py
  2. 14
      muk_security/models/mixins_access_groups.py
  3. 2
      muk_security/security/ir.model.access.csv

2
muk_security/__manifest__.py
View File

@ -20,7 +20,7 @@
{
"name": "MuK Security",
"summary": """Security Features""",
"version": "12.0.1.2.6",
"version": "12.0.1.2.7",
"category": "Extra Tools",
"license": "AGPL-3",
"website": "http://www.mukit.at",

14
muk_security/models/mixins_access_groups.py
View File

@ -19,6 +19,8 @@
import logging
from collections import defaultdict
from odoo import _, models, api, fields, SUPERUSER_ID
from odoo.exceptions import AccessError
from odoo.osv import expression
@ -169,7 +171,7 @@ class AccessGroupsModel(models.AbstractModel):
group_ids = set(self.ids) - set(self._get_ids_without_access_groups(operation))
if group_ids:
sql_query = '''
SELECT perm_{operation}
SELECT r.aid, perm_{operation}
FROM {table}_complete_groups_rel r
JOIN muk_security_access_groups g ON r.gid = g.id
JOIN muk_security_access_groups_users_rel u ON r.gid = u.gid
@ -180,13 +182,15 @@ class AccessGroupsModel(models.AbstractModel):
ids=', '.join(map(lambda id: '(%s)' % id, group_ids)),
)
self.env.cr.execute(sql_query, [self.env.user.id])
result = self.env.cr.fetchall()
if len(result) < len(group_ids) or not any(list(map(lambda val: val[0], result))):
result = defaultdict(list)
for key, val in self.env.cr.fetchall():
result[key].append(val)
if len(result.keys()) < len(group_ids) or not all(list(map(lambda val: any(val), result.values()))):
raise AccessError(_(
'The requested operation cannot be completed due to security restrictions. '
'The requested operation cannot be completed due to group security restrictions. '
'Please contact your system administrator.\n\n(Document type: %s, Operation: %s)'
) % (self._description, operation))
@api.multi
def filter_access_groups(self, operation):
if self.env.user.id == SUPERUSER_ID or isinstance(self.env.uid, NoSecurityUid):

2
muk_security/security/ir.model.access.csv
View File

@ -1,3 +1,3 @@
id,name,model_id/id,group_id/id,perm_read,perm_write,perm_create,perm_unlink
access_security_access_groups_user,access_security_access_groups_user,model_muk_security_access_groups,base.group_user,1,1,1
access_security_access_groups_user,access_security_access_groups_user,model_muk_security_access_groups,base.group_user,1,1,1,1
Write Preview
Loading…
Cancel
Save