Odoo Server (MOVED TO GITHUB)

Merge lp:~openerp-dev/openobject-server/trunk-ui-access-rga into lp:openobject-server

  1. trunk-ui-access-rga
  2. Merge into trunk
Proposed by Harry (OpenERP)
Status: Needs review
Proposed branch: lp:~openerp-dev/openobject-server/trunk-ui-access-rga
Merge into: lp:openobject-server
Diff against target: 125 lines (+61/-1)
3 files modified
openerp/addons/base/ir/ir_ui_view.py (+5/-0)
openerp/addons/base/rng/view.rng (+2/-0)
openerp/addons/base/tests/test_acl.py (+54/-1)
To merge this branch: bzr merge lp:~openerp-dev/openobject-server/trunk-ui-access-rga
Reviewer Review Type Date Requested Status
OpenERP Core Team Pending
Review via email: mp+217226@code.launchpad.net
To post a comment you must log in.

Unmerged revisions

5023. By Ravi Gadhia (OpenERP)

[IMP] add flage 'can_create and 'can_write' in from view m2o field node soclient parse it according display create and create on popup autocomple list of m2o field

5022. By Ravi Gadhia (OpenERP)

[FIX] wrong resolve on previous merge

5021. By Ravi Gadhia (OpenERP)

Merge with trunk

5020. By RGA(OpenERP)

[IMP] for many2one and many2many field add 'can_create' and 'can_write' flage on field node based on it's relation model access right, and change field ui options based on those option ==>lp:~openerp-dev/openerp-web/trunk-ui-access-rga

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'openerp/addons/base/ir/ir_ui_view.py'
--- openerp/addons/base/ir/ir_ui_view.py 2014-04-22 14:46:51 +0000
+++ openerp/addons/base/ir/ir_ui_view.py 2014-04-25 12:36:52 +0000
@@ -554,6 +554,7 @@
554 fields = xfields554 fields = xfields
555 if node.get('name'):555 if node.get('name'):
556 attrs = {}556 attrs = {}
557 relation = None
557 try:558 try:
558 if node.get('name') in Model._columns:559 if node.get('name') in Model._columns:
559 column = Model._columns[node.get('name')]560 column = Model._columns[node.get('name')]
@@ -563,6 +564,7 @@
563 column = False564 column = False
564565
565 if column:566 if column:
567 relation = self.pool.get(column._obj)
566 children = False568 children = False
567 views = {}569 views = {}
568 for f in node:570 for f in node:
@@ -580,6 +582,9 @@
580582
581 field = model_fields.get(node.get('name'))583 field = model_fields.get(node.get('name'))
582 if field:584 if field:
585 if relation and field['type'] in ('many2one', 'many2many'):
586 for method in ['create', 'write']:
587 node.set('can_'+method, "%s" % relation.check_access_rights(cr, user, method, raise_exception=False))
583 orm.transfer_field_to_modifiers(field, modifiers)588 orm.transfer_field_to_modifiers(field, modifiers)
584589
585 elif node.tag in ('form', 'tree'):590 elif node.tag in ('form', 'tree'):
586591
=== modified file 'openerp/addons/base/rng/view.rng'
--- openerp/addons/base/rng/view.rng 2014-01-24 08:43:19 +0000
+++ openerp/addons/base/rng/view.rng 2014-04-25 12:36:52 +0000
@@ -590,6 +590,8 @@
590 <rng:optional><rng:attribute name="filters"/></rng:optional>590 <rng:optional><rng:attribute name="filters"/></rng:optional>
591 <rng:optional><rng:attribute name="statusbar_visible"/></rng:optional>591 <rng:optional><rng:attribute name="statusbar_visible"/></rng:optional>
592 <rng:optional><rng:attribute name="statusbar_colors"/></rng:optional>592 <rng:optional><rng:attribute name="statusbar_colors"/></rng:optional>
593 <rng:optional><rng:attribute name="can_create" /></rng:optional>
594 <rng:optional><rng:attribute name="can_write" /></rng:optional>
593 <rng:optional><rng:attribute name="interval" /></rng:optional>595 <rng:optional><rng:attribute name="interval" /></rng:optional>
594 <!-- Widget *static* options defined as an arbitrary JSON dict, with596 <!-- Widget *static* options defined as an arbitrary JSON dict, with
595 widget-dependent parameters. To be ignored if widget/client does597 widget-dependent parameters. To be ignored if widget/client does
596598
=== modified file 'openerp/addons/base/tests/test_acl.py'
--- openerp/addons/base/tests/test_acl.py 2014-02-09 00:37:45 +0000
+++ openerp/addons/base/tests/test_acl.py 2014-04-25 12:36:52 +0000
@@ -7,7 +7,8 @@
77
8# test group that demo user should not have8# test group that demo user should not have
9GROUP_TECHNICAL_FEATURES = 'base.group_no_one'9GROUP_TECHNICAL_FEATURES = 'base.group_no_one'
1010GROUP_ERP_MANAGER = 'base.group_erp_manager'
11GROUP_SYSTEM = 'base.group_system'
1112
12class TestACL(common.TransactionCase):13class TestACL(common.TransactionCase):
1314
@@ -16,9 +17,15 @@
16 self.res_currency = self.registry('res.currency')17 self.res_currency = self.registry('res.currency')
17 self.res_partner = self.registry('res.partner')18 self.res_partner = self.registry('res.partner')
18 self.res_users = self.registry('res.users')19 self.res_users = self.registry('res.users')
20 self.res_company = self.registry('res.company')
19 _, self.demo_uid = self.registry('ir.model.data').get_object_reference(self.cr, self.uid, 'base', 'user_demo')21 _, self.demo_uid = self.registry('ir.model.data').get_object_reference(self.cr, self.uid, 'base', 'user_demo')
20 self.tech_group = self.registry('ir.model.data').get_object(self.cr, self.uid,22 self.tech_group = self.registry('ir.model.data').get_object(self.cr, self.uid,
21 *(GROUP_TECHNICAL_FEATURES.split('.')))23 *(GROUP_TECHNICAL_FEATURES.split('.')))
24 self.erp_manager_group = self.registry('ir.model.data').get_object(self.cr, self.uid,
25 *(GROUP_ERP_MANAGER.split('.')))
26
27 self.erp_system_group = self.registry('ir.model.data').get_object(self.cr, self.uid,
28 *(GROUP_SYSTEM.split('.')))
2229
23 def test_field_visibility_restriction(self):30 def test_field_visibility_restriction(self):
24 """Check that model-level ``groups`` parameter effectively restricts access to that31 """Check that model-level ``groups`` parameter effectively restricts access to that
@@ -102,6 +109,52 @@
102 self.assertEqual(cm.exception.args[0], 'Access Denied')109 self.assertEqual(cm.exception.args[0], 'Access Denied')
103 finally:110 finally:
104 self.res_partner._columns['email'].groups = False111 self.res_partner._columns['email'].groups = False
112
113 def test_view_create_edit_button_visibility(self):
114 """Test form view Create, Edit, Delete button visibility based on access right of model"""
115 methods = ['create', 'edit', 'delete']
116
117 # For demo user check Create Edit and Delete button visibility as restricted group user
118 company_view = self.res_company.fields_view_get(self.cr, self.demo_uid, False, 'form')
119 view_arch = etree.fromstring(company_view['arch'])
120 for method in methods:
121 self.assertEqual(view_arch.get(method), 'false', "for `demo` user form view %s button should not visibile" % (method.capitalize()))
122
123 # Make demo user a member of the group_erp_manager(Access Rights) group and check button visibility
124 self.erp_manager_group.write({'users': [(4, self.demo_uid)]})
125 company_view = self.res_company.fields_view_get(self.cr, self.demo_uid, False, 'form')
126 view_arch = etree.fromstring(company_view['arch'])
127 for method in methods:
128 self.assertIsNone(view_arch.get(method), "for `demo` user form view %s button should visibile" % (method.capitalize()))
129
130 #cleanup
131 self.erp_manager_group.write({'users': [(3, self.demo_uid)]})
132
133 def test_m2o_field_create_edit_visibility(self):
134 """Test many2one field Create and Edit option visibility based on access rights of relation field"""
135 methods = ['create', 'write']
136
137 # For demo user check create & edit option visibility of many2one field as restricted group user
138 company_view = self.res_company.fields_view_get(self.cr, self.demo_uid, False, 'form')
139 view_arch = etree.fromstring(company_view['arch'])
140 field_node = view_arch.xpath("//field[@name='currency_id']")
141 self.assertTrue(len(field_node), "currency_id field should be in company from view")
142 currency_node = field_node[0]
143 for method in methods:
144 self.assertEqual(currency_node.get('can_'+method), 'False', "for 'demo' user, company form view currency_id m2o field should not display Create & Edit.. option")
145
146 # Make demo user a member of the system_group(Settings) group and check create & edit option visibility
147 self.erp_system_group.write({'users': [(4, self.demo_uid)]})
148 company_view = self.res_company.fields_view_get(self.cr, self.demo_uid, False, 'form')
149 view_arch = etree.fromstring(company_view['arch'])
150 field_node = view_arch.xpath("//field[@name='currency_id']")
151 self.assertTrue(len(field_node), "currency_id field should be in company from view")
152 currency_node = field_node[0]
153 for method in methods:
154 self.assertEqual(currency_node.get('can_'+method), '1', "for 'demo' user, company form view currency_id m2o field should display Create & Edit.. option")
155
156 #cleanup
157 self.erp_system_group.write({'users': [(3, self.demo_uid)]})
105158
106if __name__ == '__main__':159if __name__ == '__main__':
107 unittest2.main()160 unittest2.main()