feat: Add a new ir.rule to restrict access to MRP Routing Workcenters based on user permissions.

2026-03-10 09:59:49 +07:00 · 2026-03-10 09:59:49 +07:00 · 5b6a217b83
commit 5b6a217b83
parent 975f763672
1 changed files with 13 additions and 0 deletions
--- a/security/ir_rule.xml
+++ b/security/ir_rule.xml
@ -100,6 +100,19 @@
            </field>
        </record>

+        <!-- MRP Routing Workcenter (Operations) -->
+        <record id="mrp_routing_workcenter_allowed_rule" model="ir.rule">
+            <field name="name">MRP Routing Workcenter Allowed Access</field>
+            <field name="model_id" ref="mrp.model_mrp_routing_workcenter"/>
+            <field name="groups" eval="[(4, ref('base.group_user'))]"/>
+            <field name="domain_force">
+                (
+                [(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else
+                [('workcenter_id', 'in', user.sql_allowed_workcenter_ids())] if user.sql_allowed_workcenter_ids() else [(1, '=', 1)]
+                )
+            </field>
+        </record>
+        
        <!-- Approval Category -->
        <record id="approval_category_allowed_rule" model="ir.rule">
            <field name="name">Approval Category Allowed Access</field>