From 2cb7551460c1e86fed0d0d3037cae93fa659239a Mon Sep 17 00:00:00 2001 From: Suherdy Yacob Date: Fri, 20 Feb 2026 16:01:30 +0700 Subject: [PATCH] feat: enhance access rules for locations, quants, and stock moves to include warehouse restrictions and handle empty allowed location lists. --- security/ir_rule.xml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/security/ir_rule.xml b/security/ir_rule.xml index 44a08d9..c98f70c 100644 --- a/security/ir_rule.xml +++ b/security/ir_rule.xml @@ -41,7 +41,7 @@ ( [(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else - ['|', '|', '|', ('id', 'in', user.allowed_location_ids.ids), ('id', 'child_of', user.allowed_location_ids.ids), ('id', 'parent_of', user.allowed_location_ids.ids), ('warehouse_id', 'in', (user.allowed_warehouse_ids + user.allowed_location_ids.warehouse_id).ids)] if (user.allowed_location_ids or user.allowed_warehouse_ids) else [(1, '=', 1)] + ['|', ('usage', '!=', 'internal'), '|', '|', '|', ('id', 'in', user.allowed_location_ids.ids or [0]), ('id', 'child_of', user.allowed_location_ids.ids or [0]), ('id', 'parent_of', user.allowed_location_ids.ids or [0]), ('warehouse_id', 'in', (user.allowed_warehouse_ids + user.allowed_location_ids.warehouse_id).ids)] if (user.allowed_location_ids or user.allowed_warehouse_ids) else [(1, '=', 1)] ) @@ -54,7 +54,7 @@ ( [(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else - ['|', ('location_id', 'in', user.allowed_location_ids.ids), ('location_id', 'child_of', user.allowed_location_ids.ids)] if user.allowed_location_ids else [(1, '=', 1)] + ['|', '|', ('location_id', 'in', user.allowed_location_ids.ids or [0]), ('location_id', 'child_of', user.allowed_location_ids.ids or [0]), ('location_id.warehouse_id', 'in', (user.allowed_warehouse_ids + user.allowed_location_ids.warehouse_id).ids)] if (user.allowed_location_ids or user.allowed_warehouse_ids) else [(1, '=', 1)] ) @@ -67,8 +67,8 @@ ( [(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else - ['|', '|', ('location_id', 'in', user.allowed_location_ids.ids), ('location_id', 'child_of', user.allowed_location_ids.ids), - '|', ('location_dest_id', 'in', user.allowed_location_ids.ids), ('location_dest_id', 'child_of', user.allowed_location_ids.ids)] if user.allowed_location_ids else [(1, '=', 1)] + ['|', '|', '|', ('location_id', 'in', user.allowed_location_ids.ids or [0]), ('location_id', 'child_of', user.allowed_location_ids.ids or [0]), ('location_id.warehouse_id', 'in', (user.allowed_warehouse_ids + user.allowed_location_ids.warehouse_id).ids), + '|', '|', ('location_dest_id', 'in', user.allowed_location_ids.ids or [0]), ('location_dest_id', 'child_of', user.allowed_location_ids.ids or [0]), ('location_dest_id.warehouse_id', 'in', (user.allowed_warehouse_ids + user.allowed_location_ids.warehouse_id).ids)] if (user.allowed_location_ids or user.allowed_warehouse_ids) else [(1, '=', 1)] ) @@ -81,8 +81,8 @@ ( [(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else - ['|', '|', ('location_id', 'in', user.allowed_location_ids.ids), ('location_id', 'child_of', user.allowed_location_ids.ids), - '|', ('location_dest_id', 'in', user.allowed_location_ids.ids), ('location_dest_id', 'child_of', user.allowed_location_ids.ids)] if user.allowed_location_ids else [(1, '=', 1)] + ['|', '|', '|', ('location_id', 'in', user.allowed_location_ids.ids or [0]), ('location_id', 'child_of', user.allowed_location_ids.ids or [0]), ('location_id.warehouse_id', 'in', (user.allowed_warehouse_ids + user.allowed_location_ids.warehouse_id).ids), + '|', '|', ('location_dest_id', 'in', user.allowed_location_ids.ids or [0]), ('location_dest_id', 'child_of', user.allowed_location_ids.ids or [0]), ('location_dest_id.warehouse_id', 'in', (user.allowed_warehouse_ids + user.allowed_location_ids.warehouse_id).ids)] if (user.allowed_location_ids or user.allowed_warehouse_ids) else [(1, '=', 1)] )