from odoo import models, api from odoo.fields import Domain def get_allowed_ids(env, table_name, col_name, user_id): # Use SQL to avoid ORM recursion or self-filtering issues query = f"SELECT {col_name} FROM {table_name} WHERE user_id = %s" env.cr.execute(query, (user_id,)) return [r[0] for r in env.cr.fetchall()] class ApprovalCategory(models.Model): _inherit = 'approval.category' @api.model def _search(self, domain, offset=0, limit=None, order=None, **kwargs): if self.env.context.get('bypass_user_restriction'): return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs) if not self.env.su and not self.env.user.has_group('base.group_system'): allowed_ids = get_allowed_ids(self.env, 'res_users_approval_category_rel', 'category_id', self.env.user.id) if allowed_ids: domain = list(Domain(domain or []) & Domain([('id', 'in', allowed_ids)])) return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs) class ApprovalRequest(models.Model): _inherit = 'approval.request' @api.model def _search(self, domain, offset=0, limit=None, order=None, **kwargs): if self.env.context.get('bypass_user_restriction'): return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs) if not self.env.su and not self.env.user.has_group('base.group_system'): allowed_category_ids = get_allowed_ids(self.env, 'res_users_approval_category_rel', 'category_id', self.env.user.id) if allowed_category_ids: domain = list(Domain(domain or []) & Domain([('category_id', 'in', allowed_category_ids)])) return super()._search(domain, offset=offset, limit=limit, order=order, **kwargs) def action_confirm(self): return super(ApprovalRequest, self.with_context(bypass_user_restriction=True)).action_confirm() def action_approve(self): return super(ApprovalRequest, self.with_context(bypass_user_restriction=True)).action_approve()