admin.suherdy/access_restriction_by_user
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: enforce access restrictions when allowed lists are empty and update field help messages to reflect this behavior.

Browse Source
This commit is contained in:
Suherdy Yacob 2026-01-06 09:02:57 +07:00
parent 6601b57833
commit 023fa4d544
4 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
models/__pycache__/res_users.cpython-312.pyc
View File

Binary file not shown.

BIN
models/__pycache__/restricted_models.cpython-312.pyc
View File

Binary file not shown.

10
models/res_users.py
View File

@ -9,7 +9,7 @@ class ResUsers(models.Model):
'user_id', 'user_id',
'warehouse_id', 'warehouse_id',
string="Allowed Warehouses", string="Allowed Warehouses",
help="Warehouses this user is allowed to access. Leave empty to allow all." help="Warehouses this user is allowed to access. Leave empty to restrict access to none."
) )
allowed_picking_type_ids = fields.Many2many( allowed_picking_type_ids = fields.Many2many(
@ -18,7 +18,7 @@ class ResUsers(models.Model):
'user_id', 'user_id',
'picking_type_id', 'picking_type_id',
string="Allowed Picking Types", string="Allowed Picking Types",
help="Picking Types this user is allowed to access. Leave empty to allow all." help="Picking Types this user is allowed to access. Leave empty to restrict access to none."
) )
allowed_location_ids = fields.Many2many( allowed_location_ids = fields.Many2many(
@ -27,7 +27,7 @@ class ResUsers(models.Model):
'user_id', 'user_id',
'location_id', 'location_id',
string="Allowed Locations", string="Allowed Locations",
help="Locations this user is allowed to access. Leave empty to allow all." help="Locations this user is allowed to access. Leave empty to restrict access to none."
) )
allowed_workcenter_ids = fields.Many2many( allowed_workcenter_ids = fields.Many2many(
@ -36,7 +36,7 @@ class ResUsers(models.Model):
'user_id', 'user_id',
'workcenter_id', 'workcenter_id',
string="Allowed Work Centers", string="Allowed Work Centers",
help="Work Centers this user is allowed to access. Leave empty to allow all." help="Work Centers this user is allowed to access. Leave empty to restrict access to none."
) )
allowed_approval_category_ids = fields.Many2many( allowed_approval_category_ids = fields.Many2many(
@ -45,5 +45,5 @@ class ResUsers(models.Model):
'user_id', 'user_id',
'category_id', 'category_id',
string="Allowed Approvals", string="Allowed Approvals",
help="Approval Categories this user is allowed to access. Leave empty to allow all." help="Approval Categories this user is allowed to access. Leave empty to restrict access to none."
) )

10
models/restricted_models.py
View File

@ -6,7 +6,7 @@ class StockWarehouse(models.Model):
@api.model @api.model
def _search(self, domain, offset=0, limit=None, order=None): def _search(self, domain, offset=0, limit=None, order=None):
if not self.env.su and self.env.user.allowed_warehouse_ids: if not self.env.su:
domain = expression.AND([domain or [], [('id', 'in', self.env.user.allowed_warehouse_ids.ids)]]) domain = expression.AND([domain or [], [('id', 'in', self.env.user.allowed_warehouse_ids.ids)]])
return super()._search(domain, offset=offset, limit=limit, order=order) return super()._search(domain, offset=offset, limit=limit, order=order)
@ -15,7 +15,7 @@ class StockPickingType(models.Model):
@api.model @api.model
def _search(self, domain, offset=0, limit=None, order=None): def _search(self, domain, offset=0, limit=None, order=None):
if not self.env.su and self.env.user.allowed_picking_type_ids: if not self.env.su:
domain = expression.AND([domain or [], [('id', 'in', self.env.user.allowed_picking_type_ids.ids)]]) domain = expression.AND([domain or [], [('id', 'in', self.env.user.allowed_picking_type_ids.ids)]])
return super()._search(domain, offset=offset, limit=limit, order=order) return super()._search(domain, offset=offset, limit=limit, order=order)
@ -24,7 +24,7 @@ class StockLocation(models.Model):
@api.model @api.model
def _search(self, domain, offset=0, limit=None, order=None): def _search(self, domain, offset=0, limit=None, order=None):
if not self.env.su and self.env.user.allowed_location_ids: if not self.env.su:
domain = expression.AND([domain or [], [('id', 'in', self.env.user.allowed_location_ids.ids)]]) domain = expression.AND([domain or [], [('id', 'in', self.env.user.allowed_location_ids.ids)]])
return super()._search(domain, offset=offset, limit=limit, order=order) return super()._search(domain, offset=offset, limit=limit, order=order)
@ -33,7 +33,7 @@ class MrpWorkcenter(models.Model):
@api.model @api.model
def _search(self, domain, offset=0, limit=None, order=None): def _search(self, domain, offset=0, limit=None, order=None):
if not self.env.su and self.env.user.allowed_workcenter_ids: if not self.env.su:
domain = expression.AND([domain or [], [('id', 'in', self.env.user.allowed_workcenter_ids.ids)]]) domain = expression.AND([domain or [], [('id', 'in', self.env.user.allowed_workcenter_ids.ids)]])
return super()._search(domain, offset=offset, limit=limit, order=order) return super()._search(domain, offset=offset, limit=limit, order=order)
@ -42,6 +42,6 @@ class ApprovalCategory(models.Model):
@api.model @api.model
def _search(self, domain, offset=0, limit=None, order=None): def _search(self, domain, offset=0, limit=None, order=None):
if not self.env.su and self.env.user.allowed_approval_category_ids: if not self.env.su:
domain = expression.AND([domain or [], [('id', 'in', self.env.user.allowed_approval_category_ids.ids)]]) domain = expression.AND([domain or [], [('id', 'in', self.env.user.allowed_approval_category_ids.ids)]])
return super()._search(domain, offset=offset, limit=limit, order=order) return super()._search(domain, offset=offset, limit=limit, order=order)