[FIX] menu access rights + access rights improvements

bzr revid: fp@tinyerp.com-20100611125543-f1c911v16w2jhd83

bin/addons/base/ir/ir_ui_menu.py

@@ -68,15 +68,15 @@ class ir_ui_menu(osv.osv):
         self._cache = {}
 
     def search(self, cr, uid, args, offset=0, limit=None, order=None,
-               context=None, count=False):
+            context=None, count=False):
 
         super_offset = cond(uid == 1, offset, 0)
         super_limit = cond(uid == 1, limit, None)
         super_count = cond(uid == 1, count, False)
 
         ids = super(ir_ui_menu, self).search(cr, uid, args, super_offset,
-                                             super_limit, order,
-                                             context=context, count=super_count)
+            super_limit, order, context=context, count=super_count)
+
         if uid == 1:
             return ids
 
@@ -104,9 +104,9 @@ class ir_ui_menu(osv.osv):
                 restrict_to_groups = [g.id for g in menu.groups_id]
                 if not user_groups.intersection(restrict_to_groups):
                     continue
-                result.append(menu.id)
-                self._cache[key] = True
-                continue
+                #result.append(menu.id)
+                #self._cache[key] = True
+                #continue
 
             if menu.action:
                 # we check if the user has access to the action of the menu

bin/addons/base/ir/ir_values.py

@@ -233,11 +233,13 @@ class ir_values(osv.osv):
                         pos+=1
                 try:
                     datas = self.pool.get(model).read(cr, uid, [id], fields, context)
-                except except_orm:
+                except except_orm, e:
+                    print 'false 1',model,fields,e
                     return False
                 datas= datas and datas[0] or None
                 if not datas:
                     #ir_del(cr, uid, x[0])
+                    print 'false 2'
                     return False
             else:
                 datas = pickle.loads(str(x[2].encode('utf-8')))
@@ -246,8 +248,10 @@ class ir_values(osv.osv):
                 return (x[0],x[1],datas,meta2)
             return (x[0],x[1],datas)
         keys = []
+        print 'avant', result
         res = filter(bool, map(lambda x: _result_get(x, keys), list(result)))
         res2 = res[:]
+        print 'avant', res2
         for r in res:
             if type(r[2])==type({}) and 'type' in r[2]:
                 if r[2]['type'] in ('ir.actions.report.xml','ir.actions.act_window','ir.actions.wizard'):
@@ -263,6 +267,7 @@ class ir_values(osv.osv):
     #                else:
     #                    #raise osv.except_osv('Error !','You have not permission to perform operation !!!')
     #                    res2.remove(r)
+        print 'apres', res2
         return res2
 ir_values()
 

bin/addons/base/security/ir.model.access.csv

@@ -76,7 +76,7 @@
 "access_res_partner_som_group_user","res_partner_som group_user","model_res_partner_som","group_partner_manager",1,1,1,1
 "access_res_partner_som_group_partner_manager","res_partner_som group_partner_manager","model_res_partner_som","group_user",1,0,0,0
 "access_res_partner_title_group_user","res_partner_title group_user","model_res_partner_title","group_partner_manager",1,1,1,1
-"access_res_partner_title_group_partner_manager","res_partner_title group_partner_manager","model_res_partner_title","group_user",1,0,0,0
+"access_res_partner_title_group_partner_manager","res_partner_title group_partner_manager","model_res_partner_title",,1,0,0,0
 "access_res_request_group_user","res_request group_user","model_res_request",,1,1,1,1
 "access_res_request_history_group_user","res_request_history group_user","model_res_request_history",,1,1,1,1
 "access_res_request_link_group_system","res_request_link group_system","model_res_request_link","group_system",1,1,1,1