From f914c64c5f5a00b5489eed1f2073bdc358df66ed Mon Sep 17 00:00:00 2001
From: Suherdy Yacob <suherdy.yacob@mapan.co.id>
Date: Thu, 12 Feb 2026 16:23:17 +0700
Subject: [PATCH] feat: Re-enable user restrictions for stock picking types and
 introduce purchase order bypass for confirmation and approval.

---
 models/__init__.py          |  1 +
 models/purchase_order.py    | 10 ++++++++++
 models/restricted_models.py | 18 +++++++++---------
 3 files changed, 20 insertions(+), 9 deletions(-)
 create mode 100644 models/purchase_order.py

diff --git a/models/__init__.py b/models/__init__.py
index 97419cc..60a5ea5 100644
--- a/models/__init__.py
+++ b/models/__init__.py
@@ -7,3 +7,4 @@ from . import approval_request
 from . import procurement_group
 from . import stock_move
 from . import report_stock_quantity
+from . import purchase_order
diff --git a/models/purchase_order.py b/models/purchase_order.py
new file mode 100644
index 0000000..d18ac95
--- /dev/null
+++ b/models/purchase_order.py
@@ -0,0 +1,10 @@
+from odoo import models
+
+class PurchaseOrder(models.Model):
+    _inherit = 'purchase.order'
+
+    def button_confirm(self):
+        return super(PurchaseOrder, self.with_context(bypass_user_restriction=True)).button_confirm()
+
+    def button_approve(self, force=False):
+        return super(PurchaseOrder, self.with_context(bypass_user_restriction=True)).button_approve(force=force)
diff --git a/models/restricted_models.py b/models/restricted_models.py
index 074e1d0..1cfd635 100644
--- a/models/restricted_models.py
+++ b/models/restricted_models.py
@@ -26,15 +26,15 @@ class StockWarehouse(models.Model):
 class StockPickingType(models.Model):
     _inherit = 'stock.picking.type'
 
-    # @api.model
-    # def _search(self, domain, offset=0, limit=None, order=None, **kwargs):
-    #     if self.env.context.get('bypass_user_restriction'):
-    #         return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
-    #     if not self.env.su and not self.env.user.has_group('base.group_system'):
-    #         allowed_ids = get_allowed_ids(self.env, 'res_users_stock_picking_type_rel', 'picking_type_id', self.env.user.id)
-    #         if allowed_ids:
-    #             domain = Domain(domain or []) & Domain([('id', 'in', allowed_ids)])
-    #     return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
+    @api.model
+    def _search(self, domain, offset=0, limit=None, order=None, **kwargs):
+        if self.env.context.get('bypass_user_restriction'):
+            return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
+        if not self.env.su and not self.env.user.has_group('base.group_system'):
+            allowed_ids = get_allowed_ids(self.env, 'res_users_stock_picking_type_rel', 'picking_type_id', self.env.user.id)
+            if allowed_ids:
+                domain = Domain(domain or []) & Domain([('id', 'in', allowed_ids)])
+        return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)