Compare commits
16 Commits
main
...
fix_mrp_ac
| Author | SHA1 | Date | |
|---|---|---|---|
| a338b24da3 | |||
| f914c64c5f | |||
| fa34513ecc | |||
| ebb4ea65db | |||
| 9dfecde29e | |||
| 172d6c1349 | |||
| 6ce00d0f2f | |||
| ea5a37bb70 | |||
| d32984dc04 | |||
| 4a228662a3 | |||
| 56f526abd6 | |||
| c347e6f4d1 | |||
| 7a0cf23df9 | |||
| 4eee218534 | |||
| 88494104cc | |||
| f3aa161807 |
37
.gitignore
vendored
Normal file
37
.gitignore
vendored
Normal file
@ -0,0 +1,37 @@
|
||||
# Python
|
||||
__pycache__/
|
||||
*.py[cod]
|
||||
*$py.class
|
||||
|
||||
# Distribution / packaging
|
||||
.Python
|
||||
build/
|
||||
develop-eggs/
|
||||
dist/
|
||||
downloads/
|
||||
eggs/
|
||||
.eggs/
|
||||
lib/
|
||||
lib64/
|
||||
parts/
|
||||
sdist/
|
||||
var/
|
||||
wheels/
|
||||
*.egg-info/
|
||||
.installed.cfg
|
||||
*.egg
|
||||
|
||||
# Odoo
|
||||
*.log
|
||||
.pylintrc
|
||||
.pylint.d/
|
||||
|
||||
# VS Code
|
||||
.vscode/
|
||||
|
||||
# PyCharm
|
||||
.idea/
|
||||
|
||||
# Translations
|
||||
*.pot
|
||||
*.po
|
||||
11
README.md
11
README.md
@ -10,6 +10,7 @@ Restrict visibility of the following records based on User configuration:
|
||||
* **Locations** (`stock.location`)
|
||||
* **Work Centers** (`mrp.workcenter`)
|
||||
* **Approval Categories** (`approval.category`)
|
||||
* **Quality Checks Button** (on Manufacturing Orders and Inventory Transfers)
|
||||
|
||||
## Configuration
|
||||
|
||||
@ -29,6 +30,16 @@ Restrict visibility of the following records based on User configuration:
|
||||
* **Populated List = Restricted**: If one or more records are added, the user will **ONLY** see those specific records.
|
||||
* **Superuser**: The Superuser (OdooBot) and administrators bypassing access rights are not affected by these restrictions.
|
||||
|
||||
## Quality Checks Button Restriction
|
||||
|
||||
The visibility of the "Quality Checks" and "Quality Alert" buttons on **Manufacturing Orders** and **Inventory Transfers** is controlled by a specific user setting.
|
||||
|
||||
To allow a user to see these buttons:
|
||||
1. Navigate to **Settings > Users & Companies > Users**.
|
||||
2. Enable the checkbox **"Is Allowed todo Quality Checks?"** in the **Access Restrictions** tab.
|
||||
|
||||
By default, this setting is unchecked, meaning users will **NOT** see these buttons unless explicitly allowed.
|
||||
|
||||
## Technical Details
|
||||
|
||||
This module overrides the `_search` method on the target models to apply a domain filter based on the current user's allowed list. This ensures consistency across views (list, kanban, many2one dropdowns) and avoids common issues associated with Record Rules.
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
{
|
||||
'name': 'Access Restriction By User',
|
||||
'version': '18.0.1.0.0',
|
||||
'version': '19.0.1.0.1',
|
||||
'summary': 'Restrict access to Warehouses, Picking Types, Locations, Work Centers, and Approvals by User',
|
||||
'description': """
|
||||
Restricts visibility of:
|
||||
@ -16,12 +16,14 @@
|
||||
""",
|
||||
'category': 'Extra Tools',
|
||||
'author': 'Suherdy Yacob',
|
||||
'depends': ['base', 'stock', 'mrp', 'approvals', 'stock_account', 'sale'],
|
||||
'depends': ['base', 'stock', 'mrp', 'approvals', 'stock_account', 'sale', 'quality_mrp'],
|
||||
'data': [
|
||||
'security/ir.model.access.csv',
|
||||
'security/ir_rule.xml',
|
||||
'security/ir_actions_act_window.xml',
|
||||
'views/res_users_views.xml',
|
||||
'views/mrp_production_v19.xml',
|
||||
'views/stock_picking_v19.xml',
|
||||
],
|
||||
'installable': True,
|
||||
'application': False,
|
||||
|
||||
Binary file not shown.
@ -1,4 +1,12 @@
|
||||
from . import res_users
|
||||
from . import restricted_models
|
||||
from . import sale_order
|
||||
|
||||
from . import mrp_production
|
||||
from . import stock_picking
|
||||
from . import mrp_consumption_warning
|
||||
from . import mrp_production_backorder
|
||||
from . import approval_request
|
||||
from . import procurement_group
|
||||
from . import stock_move
|
||||
from . import report_stock_quantity
|
||||
from . import purchase_order
|
||||
|
||||
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
40
models/approval_request.py
Normal file
40
models/approval_request.py
Normal file
@ -0,0 +1,40 @@
|
||||
from odoo import models, api
|
||||
from odoo.fields import Domain
|
||||
|
||||
def get_allowed_ids(env, table_name, col_name, user_id):
|
||||
# Use SQL to avoid ORM recursion or self-filtering issues
|
||||
query = f"SELECT {col_name} FROM {table_name} WHERE user_id = %s"
|
||||
env.cr.execute(query, (user_id,))
|
||||
return [r[0] for r in env.cr.fetchall()]
|
||||
|
||||
class ApprovalCategory(models.Model):
|
||||
_inherit = 'approval.category'
|
||||
|
||||
@api.model
|
||||
def _search(self, domain, offset=0, limit=None, order=None, **kwargs):
|
||||
if self.env.context.get('bypass_user_restriction'):
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
|
||||
if not self.env.su and not self.env.user.has_group('base.group_system'):
|
||||
allowed_ids = get_allowed_ids(self.env, 'res_users_approval_category_rel', 'category_id', self.env.user.id)
|
||||
if allowed_ids:
|
||||
domain = list(Domain(domain or []) & Domain([('id', 'in', allowed_ids)]))
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
|
||||
|
||||
class ApprovalRequest(models.Model):
|
||||
_inherit = 'approval.request'
|
||||
|
||||
@api.model
|
||||
def _search(self, domain, offset=0, limit=None, order=None, **kwargs):
|
||||
if self.env.context.get('bypass_user_restriction'):
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
|
||||
if not self.env.su and not self.env.user.has_group('base.group_system'):
|
||||
allowed_category_ids = get_allowed_ids(self.env, 'res_users_approval_category_rel', 'category_id', self.env.user.id)
|
||||
if allowed_category_ids:
|
||||
domain = list(Domain(domain or []) & Domain([('category_id', 'in', allowed_category_ids)]))
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
|
||||
|
||||
def action_confirm(self):
|
||||
return super(ApprovalRequest, self.with_context(bypass_user_restriction=True)).action_confirm()
|
||||
|
||||
def action_approve(self):
|
||||
return super(ApprovalRequest, self.with_context(bypass_user_restriction=True)).action_approve()
|
||||
10
models/mrp_consumption_warning.py
Normal file
10
models/mrp_consumption_warning.py
Normal file
@ -0,0 +1,10 @@
|
||||
from odoo import models
|
||||
|
||||
class MrpConsumptionWarning(models.TransientModel):
|
||||
_inherit = 'mrp.consumption.warning'
|
||||
|
||||
def action_confirm(self):
|
||||
return super(MrpConsumptionWarning, self.with_context(bypass_user_restriction=True)).action_confirm()
|
||||
|
||||
def action_set_qty(self):
|
||||
return super(MrpConsumptionWarning, self.with_context(bypass_user_restriction=True)).action_set_qty()
|
||||
21
models/mrp_production.py
Normal file
21
models/mrp_production.py
Normal file
@ -0,0 +1,21 @@
|
||||
from odoo import models, fields, api
|
||||
|
||||
class MrpProduction(models.Model):
|
||||
_inherit = 'mrp.production'
|
||||
|
||||
hide_quality_check_button = fields.Boolean(compute='_compute_hide_quality_check_button')
|
||||
|
||||
@api.depends_context('uid')
|
||||
def _compute_hide_quality_check_button(self):
|
||||
for record in self:
|
||||
record.hide_quality_check_button = not self.env.user.allowed_quality_checks
|
||||
|
||||
def action_confirm(self):
|
||||
return super(MrpProduction, self.with_context(bypass_user_restriction=True)).action_confirm()
|
||||
|
||||
def button_mark_done(self):
|
||||
return super(MrpProduction, self.with_context(bypass_user_restriction=True)).button_mark_done()
|
||||
|
||||
@api.model_create_multi
|
||||
def create(self, vals_list):
|
||||
return super(MrpProduction, self.with_context(bypass_user_restriction=True)).create(vals_list)
|
||||
10
models/mrp_production_backorder.py
Normal file
10
models/mrp_production_backorder.py
Normal file
@ -0,0 +1,10 @@
|
||||
from odoo import models
|
||||
|
||||
class MrpProductionBackorder(models.TransientModel):
|
||||
_inherit = 'mrp.production.backorder'
|
||||
|
||||
def action_backorder(self):
|
||||
return super(MrpProductionBackorder, self.with_context(bypass_user_restriction=True)).action_backorder()
|
||||
|
||||
def action_close_mo(self):
|
||||
return super(MrpProductionBackorder, self.with_context(bypass_user_restriction=True)).action_close_mo()
|
||||
8
models/procurement_group.py
Normal file
8
models/procurement_group.py
Normal file
@ -0,0 +1,8 @@
|
||||
from odoo import models, api
|
||||
|
||||
class StockRule(models.Model):
|
||||
_inherit = 'stock.rule'
|
||||
|
||||
@api.model
|
||||
def run(self, procurements, raise_user_error=True):
|
||||
return super(StockRule, self.with_context(bypass_user_restriction=True)).run(procurements, raise_user_error=raise_user_error)
|
||||
10
models/purchase_order.py
Normal file
10
models/purchase_order.py
Normal file
@ -0,0 +1,10 @@
|
||||
from odoo import models
|
||||
|
||||
class PurchaseOrder(models.Model):
|
||||
_inherit = 'purchase.order'
|
||||
|
||||
def button_confirm(self):
|
||||
return super(PurchaseOrder, self.with_context(bypass_user_restriction=True)).button_confirm()
|
||||
|
||||
def button_approve(self, force=False):
|
||||
return super(PurchaseOrder, self.with_context(bypass_user_restriction=True)).button_approve(force=force)
|
||||
23
models/report_stock_quantity.py
Normal file
23
models/report_stock_quantity.py
Normal file
@ -0,0 +1,23 @@
|
||||
from odoo import models, api
|
||||
from odoo.osv import expression
|
||||
|
||||
class ReportStockQuantity(models.Model):
|
||||
_inherit = 'report.stock.quantity'
|
||||
|
||||
@api.model
|
||||
def _search(self, domain, offset=0, limit=None, order=None, **kwargs):
|
||||
user = self.env.user
|
||||
# START Custom Restriction Logic
|
||||
# Bylass for System admins or explicit bypass context
|
||||
if not user.has_group('base.group_system') and not self.env.context.get('bypass_user_restriction'):
|
||||
allowed_wh = user.allowed_warehouse_ids | user.allowed_location_ids.warehouse_id
|
||||
# If user has specific allowed warehouses/locations, restrict report
|
||||
if allowed_wh:
|
||||
domain = expression.AND([domain, [('warehouse_id', 'in', allowed_wh.ids)]])
|
||||
|
||||
# Note: If allowed_wh is empty but allowed_location_ids is NOT empty, it means
|
||||
# the allowed locations don't belong to any warehouse (unlikely) or just user config issue.
|
||||
# If BOTH are empty, we fall back to standard access (All).
|
||||
# END Custom Restriction Logic
|
||||
|
||||
return super()._search(domain, offset, limit, order, **kwargs)
|
||||
@ -47,3 +47,10 @@ class ResUsers(models.Model):
|
||||
string="Allowed Approvals",
|
||||
help="Approval Categories this user is allowed to access. Leave empty to restrict access to none."
|
||||
)
|
||||
|
||||
allowed_quality_checks = fields.Boolean(
|
||||
string="Is Allowed todo Quality Checks?",
|
||||
default=False,
|
||||
help="If checked, this user can see the Quality Checks button on Manufacturing Orders.",
|
||||
prefetch=False,
|
||||
)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
import logging
|
||||
from odoo import models, api
|
||||
from odoo.osv import expression
|
||||
from odoo.fields import Domain
|
||||
|
||||
_logger = logging.getLogger(__name__)
|
||||
|
||||
@ -14,82 +14,42 @@ class StockWarehouse(models.Model):
|
||||
_inherit = 'stock.warehouse'
|
||||
|
||||
@api.model
|
||||
def _search(self, domain, offset=0, limit=None, order=None):
|
||||
def _search(self, domain, offset=0, limit=None, order=None, **kwargs):
|
||||
if self.env.context.get('bypass_user_restriction'):
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
|
||||
if not self.env.su and not self.env.user.has_group('base.group_system'):
|
||||
allowed_ids = get_allowed_ids(self.env, 'res_users_stock_warehouse_rel', 'warehouse_id', self.env.user.id)
|
||||
if allowed_ids:
|
||||
domain = expression.AND([domain or [], [('id', 'in', allowed_ids)]])
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
domain = Domain(domain or []) & Domain([('id', 'in', allowed_ids)])
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
|
||||
|
||||
class StockPickingType(models.Model):
|
||||
_inherit = 'stock.picking.type'
|
||||
|
||||
@api.model
|
||||
def _search(self, domain, offset=0, limit=None, order=None):
|
||||
def _search(self, domain, offset=0, limit=None, order=None, **kwargs):
|
||||
if self.env.context.get('bypass_user_restriction'):
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
|
||||
if not self.env.su and not self.env.user.has_group('base.group_system'):
|
||||
allowed_ids = get_allowed_ids(self.env, 'res_users_stock_picking_type_rel', 'picking_type_id', self.env.user.id)
|
||||
if allowed_ids:
|
||||
domain = expression.AND([domain or [], [('id', 'in', allowed_ids)]])
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
domain = Domain(domain or []) & Domain([('id', 'in', allowed_ids)])
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
|
||||
|
||||
|
||||
|
||||
class StockLocation(models.Model):
|
||||
_inherit = 'stock.location'
|
||||
|
||||
@api.model
|
||||
def _search(self, domain, offset=0, limit=None, order=None):
|
||||
if self.env.context.get('bypass_user_restriction'):
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
if not self.env.su and not self.env.user.has_group('base.group_system'):
|
||||
allowed_ids = get_allowed_ids(self.env, 'res_users_stock_location_rel', 'location_id', self.env.user.id)
|
||||
if allowed_ids:
|
||||
restrict_domain = [
|
||||
'|', '|',
|
||||
('id', 'parent_of', allowed_ids),
|
||||
('id', 'child_of', allowed_ids),
|
||||
('usage', 'not in', ['internal', 'transit'])
|
||||
]
|
||||
domain = expression.AND([domain or [], restrict_domain])
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
|
||||
class MrpWorkcenter(models.Model):
|
||||
_inherit = 'mrp.workcenter'
|
||||
|
||||
@api.model
|
||||
def _search(self, domain, offset=0, limit=None, order=None):
|
||||
if self.env.context.get('bypass_user_restriction'):
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
if not self.env.su and not self.env.user.has_group('base.group_system'):
|
||||
allowed_ids = get_allowed_ids(self.env, 'res_users_mrp_workcenter_rel', 'workcenter_id', self.env.user.id)
|
||||
if allowed_ids:
|
||||
domain = expression.AND([domain or [], [('id', 'in', allowed_ids)]])
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
# @api.model
|
||||
# def _search(self, domain, offset=0, limit=None, order=None, **kwargs):
|
||||
# if self.env.context.get('bypass_user_restriction'):
|
||||
# return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
|
||||
# if not self.env.su and not self.env.user.has_group('base.group_system'):
|
||||
# allowed_ids = get_allowed_ids(self.env, 'res_users_mrp_workcenter_rel', 'workcenter_id', self.env.user.id)
|
||||
# if allowed_ids:
|
||||
# domain = Domain(domain or []) & Domain([('id', 'in', allowed_ids)])
|
||||
# return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs)
|
||||
|
||||
class ApprovalCategory(models.Model):
|
||||
_inherit = 'approval.category'
|
||||
|
||||
@api.model
|
||||
def _search(self, domain, offset=0, limit=None, order=None):
|
||||
if self.env.context.get('bypass_user_restriction'):
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
if not self.env.su and not self.env.user.has_group('base.group_system'):
|
||||
allowed_ids = get_allowed_ids(self.env, 'res_users_approval_category_rel', 'category_id', self.env.user.id)
|
||||
if allowed_ids:
|
||||
domain = expression.AND([domain or [], [('id', 'in', allowed_ids)]])
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
|
||||
class ApprovalRequest(models.Model):
|
||||
_inherit = 'approval.request'
|
||||
|
||||
@api.model
|
||||
def _search(self, domain, offset=0, limit=None, order=None):
|
||||
if self.env.context.get('bypass_user_restriction'):
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
if not self.env.su and not self.env.user.has_group('base.group_system'):
|
||||
allowed_category_ids = get_allowed_ids(self.env, 'res_users_approval_category_rel', 'category_id', self.env.user.id)
|
||||
if allowed_category_ids:
|
||||
domain = expression.AND([domain or [], [('category_id', 'in', allowed_category_ids)]])
|
||||
return super()._search(domain, offset=offset, limit=limit, order=order)
|
||||
|
||||
@ -4,4 +4,10 @@ class SaleOrder(models.Model):
|
||||
_inherit = 'sale.order'
|
||||
|
||||
def action_confirm(self):
|
||||
return super(SaleOrder, self.with_context(bypass_user_restriction=True)).action_confirm()
|
||||
return super(SaleOrder, self.sudo()).action_confirm()
|
||||
|
||||
def _action_confirm(self):
|
||||
return super(SaleOrder, self.sudo())._action_confirm()
|
||||
|
||||
def _action_launch_stock_rule(self, previous_product_uom_qty=False):
|
||||
return super(SaleOrder, self.sudo())._action_launch_stock_rule(previous_product_uom_qty=previous_product_uom_qty)
|
||||
|
||||
8
models/stock_move.py
Normal file
8
models/stock_move.py
Normal file
@ -0,0 +1,8 @@
|
||||
from odoo import models, api
|
||||
|
||||
class StockMove(models.Model):
|
||||
_inherit = 'stock.move'
|
||||
|
||||
@api.model_create_multi
|
||||
def create(self, vals_list):
|
||||
return super(StockMove, self.with_context(bypass_user_restriction=True)).create(vals_list)
|
||||
21
models/stock_picking.py
Normal file
21
models/stock_picking.py
Normal file
@ -0,0 +1,21 @@
|
||||
from odoo import models, fields, api
|
||||
|
||||
class StockPicking(models.Model):
|
||||
_inherit = 'stock.picking'
|
||||
|
||||
hide_quality_check_button = fields.Boolean(compute='_compute_hide_quality_check_button')
|
||||
|
||||
@api.depends_context('uid')
|
||||
def _compute_hide_quality_check_button(self):
|
||||
for record in self:
|
||||
record.hide_quality_check_button = not self.env.user.allowed_quality_checks
|
||||
|
||||
def action_confirm(self):
|
||||
return super(StockPicking, self.with_context(bypass_user_restriction=True)).action_confirm()
|
||||
|
||||
def button_validate(self):
|
||||
return super(StockPicking, self.with_context(bypass_user_restriction=True)).button_validate()
|
||||
|
||||
@api.model_create_multi
|
||||
def create(self, vals_list):
|
||||
return super(StockPicking, self.with_context(bypass_user_restriction=True)).create(vals_list)
|
||||
@ -1,2 +1,2 @@
|
||||
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
|
||||
access_stock_valuation_layer_internal_user,stock.valuation.layer.internal.user,stock_account.model_stock_valuation_layer,base.group_user,1,0,0,0
|
||||
|
||||
|
||||
|
@ -1,96 +1,129 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<odoo>
|
||||
<data>
|
||||
<!-- Permissive Rules to allow Read access, avoiding Access Errors.
|
||||
Actual visibility restriction is handled by _search method in models/restricted_models.py. -->
|
||||
<!--
|
||||
RESTRICTIVE RULES
|
||||
These rules restrict access based on User's allowed fields.
|
||||
They include a context check 'bypass_user_restriction' to allow system/sudo operations to pass if needed.
|
||||
-->
|
||||
|
||||
<record id="stock_warehouse_permissive_rule" model="ir.rule">
|
||||
<field name="name">Stock Warehouse Permissive Access</field>
|
||||
<!-- Stock Warehouse -->
|
||||
<record id="stock_warehouse_allowed_rule" model="ir.rule">
|
||||
<field name="name">Stock Warehouse Allowed Access</field>
|
||||
<field name="model_id" ref="stock.model_stock_warehouse"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
<field name="perm_read" eval="True"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
<field name="domain_force">
|
||||
(
|
||||
[(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else
|
||||
[('id', 'in', user.allowed_warehouse_ids.ids)] if user.allowed_warehouse_ids else [(1, '=', 1)]
|
||||
)
|
||||
</field>
|
||||
</record>
|
||||
|
||||
<record id="stock_picking_type_permissive_rule" model="ir.rule">
|
||||
<field name="name">Stock Picking Type Permissive Access</field>
|
||||
<!-- Stock Picking Type -->
|
||||
<record id="stock_picking_type_allowed_rule" model="ir.rule">
|
||||
<field name="name">Stock Picking Type Allowed Access</field>
|
||||
<field name="model_id" ref="stock.model_stock_picking_type"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
<field name="perm_read" eval="True"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
<field name="domain_force">
|
||||
(
|
||||
[(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else
|
||||
['|', ('id', 'in', user.allowed_picking_type_ids.ids), ('warehouse_id', 'in', (user.allowed_warehouse_ids + user.allowed_location_ids.warehouse_id).ids)] if (user.allowed_picking_type_ids or user.allowed_warehouse_ids or user.allowed_location_ids) else [(1, '=', 1)]
|
||||
)
|
||||
</field>
|
||||
</record>
|
||||
|
||||
<record id="stock_location_permissive_rule" model="ir.rule">
|
||||
<field name="name">Stock Location Permissive Access</field>
|
||||
<!-- Stock Location -->
|
||||
<record id="stock_location_allowed_rule" model="ir.rule">
|
||||
<field name="name">Stock Location Allowed Access</field>
|
||||
<field name="model_id" ref="stock.model_stock_location"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
<field name="perm_read" eval="True"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
<field name="domain_force">
|
||||
(
|
||||
[(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else
|
||||
['|', '|', '|', ('id', 'in', user.allowed_location_ids.ids), ('id', 'child_of', user.allowed_location_ids.ids), ('id', 'parent_of', user.allowed_location_ids.ids), ('warehouse_id', 'in', (user.allowed_warehouse_ids + user.allowed_location_ids.warehouse_id).ids)] if (user.allowed_location_ids or user.allowed_warehouse_ids) else [(1, '=', 1)]
|
||||
)
|
||||
</field>
|
||||
</record>
|
||||
|
||||
<record id="mrp_workcenter_permissive_rule" model="ir.rule">
|
||||
<field name="name">MRP Workcenter Permissive Access</field>
|
||||
<field name="model_id" ref="mrp.model_mrp_workcenter"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
<field name="perm_read" eval="True"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record>
|
||||
|
||||
<record id="approval_category_permissive_rule" model="ir.rule">
|
||||
<field name="name">Approval Category Permissive Access</field>
|
||||
<field name="model_id" ref="approvals.model_approval_category"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
<field name="perm_read" eval="True"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record>
|
||||
|
||||
<!-- New rules to satisfy Inventory Reporting requirements -->
|
||||
<record id="stock_valuation_layer_permissive_rule" model="ir.rule">
|
||||
<field name="name">Stock Valuation Layer Permissive Access</field>
|
||||
<field name="model_id" ref="stock_account.model_stock_valuation_layer"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
<field name="perm_read" eval="True"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record>
|
||||
|
||||
<record id="stock_quant_permissive_rule" model="ir.rule">
|
||||
<field name="name">Stock Quant Permissive Access</field>
|
||||
<!-- Stock Quant (The critical one for Reports) -->
|
||||
<record id="stock_quant_allowed_rule" model="ir.rule">
|
||||
<field name="name">Stock Quant Allowed Access</field>
|
||||
<field name="model_id" ref="stock.model_stock_quant"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
<field name="perm_read" eval="True"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
<field name="domain_force">
|
||||
(
|
||||
[(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else
|
||||
['|', ('location_id', 'in', user.allowed_location_ids.ids), ('location_id', 'child_of', user.allowed_location_ids.ids)] if user.allowed_location_ids else [(1, '=', 1)]
|
||||
)
|
||||
</field>
|
||||
</record>
|
||||
|
||||
<record id="approval_request_permissive_rule" model="ir.rule">
|
||||
<field name="name">Approval Request Permissive Access</field>
|
||||
<field name="model_id" ref="approvals.model_approval_request"/>
|
||||
<!-- Stock Move -->
|
||||
<record id="stock_move_allowed_rule" model="ir.rule">
|
||||
<field name="name">Stock Move Allowed Access</field>
|
||||
<field name="model_id" ref="stock.model_stock_move"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
<field name="perm_read" eval="True"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
<field name="domain_force">
|
||||
(
|
||||
[(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else
|
||||
['|', '|', ('location_id', 'in', user.allowed_location_ids.ids), ('location_id', 'child_of', user.allowed_location_ids.ids),
|
||||
'|', ('location_dest_id', 'in', user.allowed_location_ids.ids), ('location_dest_id', 'child_of', user.allowed_location_ids.ids)] if user.allowed_location_ids else [(1, '=', 1)]
|
||||
)
|
||||
</field>
|
||||
</record>
|
||||
|
||||
<!-- Stock Move Line -->
|
||||
<record id="stock_move_line_allowed_rule" model="ir.rule">
|
||||
<field name="name">Stock Move Line Allowed Access</field>
|
||||
<field name="model_id" ref="stock.model_stock_move_line"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">
|
||||
(
|
||||
[(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else
|
||||
['|', '|', ('location_id', 'in', user.allowed_location_ids.ids), ('location_id', 'child_of', user.allowed_location_ids.ids),
|
||||
'|', ('location_dest_id', 'in', user.allowed_location_ids.ids), ('location_dest_id', 'child_of', user.allowed_location_ids.ids)] if user.allowed_location_ids else [(1, '=', 1)]
|
||||
)
|
||||
</field>
|
||||
</record>
|
||||
|
||||
<!-- MRP Workcenter -->
|
||||
<record id="mrp_workcenter_allowed_rule" model="ir.rule">
|
||||
<field name="name">MRP Workcenter Allowed Access</field>
|
||||
<field name="model_id" ref="mrp.model_mrp_workcenter"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">
|
||||
(
|
||||
[(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else
|
||||
[('id', 'in', user.allowed_workcenter_ids.ids)] if user.allowed_workcenter_ids else [(1, '=', 1)]
|
||||
)
|
||||
</field>
|
||||
</record>
|
||||
|
||||
<!-- Approval Category -->
|
||||
<record id="approval_category_allowed_rule" model="ir.rule">
|
||||
<field name="name">Approval Category Allowed Access</field>
|
||||
<field name="model_id" ref="approvals.model_approval_category"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
|
||||
<field name="domain_force">
|
||||
(
|
||||
[(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else
|
||||
[('id', 'in', user.allowed_approval_category_ids.ids)] if user.allowed_approval_category_ids else [(1, '=', 1)]
|
||||
)
|
||||
</field>
|
||||
</record>
|
||||
|
||||
<!-- Report Stock Quantity -->
|
||||
<record id="report_stock_quantity_allowed_rule" model="ir.rule">
|
||||
<field name="name">Report Stock Quantity Allowed Access</field>
|
||||
<field name="model_id" ref="stock.model_report_stock_quantity"/>
|
||||
<field name="global" eval="True"/>
|
||||
<field name="domain_force">
|
||||
(
|
||||
[(1, '=', 1)] if user.env.context.get('bypass_user_restriction') or user.has_group('base.group_system') else
|
||||
[('warehouse_id', 'in', (user.allowed_warehouse_ids + user.allowed_location_ids.warehouse_id).ids)] if (user.allowed_warehouse_ids or user.allowed_location_ids) else [(1, '=', 1)]
|
||||
)
|
||||
</field>
|
||||
</record>
|
||||
|
||||
</data>
|
||||
|
||||
20
views/mrp_production_v19.xml
Normal file
20
views/mrp_production_v19.xml
Normal file
@ -0,0 +1,20 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<odoo>
|
||||
<record id="mrp_production_view_form_inherit_access_restriction_v19" model="ir.ui.view">
|
||||
<field name="name">mrp.production.view.form.inherit.access.restriction</field>
|
||||
<field name="model">mrp.production</field>
|
||||
<field name="priority">99999</field>
|
||||
<field name="inherit_id" ref="mrp.mrp_production_form_view"/>
|
||||
<field name="arch" type="xml">
|
||||
<sheet position="inside">
|
||||
<field name="hide_quality_check_button" invisible="1"/>
|
||||
</sheet>
|
||||
<xpath expr="//button[@name='check_quality']" position="attributes">
|
||||
<attribute name="invisible">hide_quality_check_button</attribute>
|
||||
</xpath>
|
||||
<xpath expr="//button[@name='button_quality_alert']" position="attributes">
|
||||
<attribute name="invisible">hide_quality_check_button</attribute>
|
||||
</xpath>
|
||||
</field>
|
||||
</record>
|
||||
</odoo>
|
||||
@ -16,6 +16,7 @@
|
||||
<group string="Manufacturing & others">
|
||||
<field name="allowed_workcenter_ids" widget="many2many_tags"/>
|
||||
<field name="allowed_approval_category_ids" widget="many2many_tags"/>
|
||||
<field name="allowed_quality_checks"/>
|
||||
</group>
|
||||
</group>
|
||||
</page>
|
||||
|
||||
20
views/stock_picking_v19.xml
Normal file
20
views/stock_picking_v19.xml
Normal file
@ -0,0 +1,20 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<odoo>
|
||||
<record id="stock_picking_view_form_inherit_access_restriction_v19" model="ir.ui.view">
|
||||
<field name="name">stock.picking.view.form.inherit.access.restriction</field>
|
||||
<field name="model">stock.picking</field>
|
||||
<field name="priority">1000</field>
|
||||
<field name="inherit_id" ref="stock.view_picking_form"/>
|
||||
<field name="arch" type="xml">
|
||||
<xpath expr="//sheet" position="inside">
|
||||
<field name="hide_quality_check_button" invisible="1"/>
|
||||
</xpath>
|
||||
<xpath expr="//button[@name='check_quality']" position="attributes">
|
||||
<attribute name="invisible">hide_quality_check_button</attribute>
|
||||
</xpath>
|
||||
<xpath expr="//button[@name='button_quality_alert']" position="attributes">
|
||||
<attribute name="invisible">hide_quality_check_button</attribute>
|
||||
</xpath>
|
||||
</field>
|
||||
</record>
|
||||
</odoo>
|
||||
Loading…
Reference in New Issue
Block a user