[FIX] pass the res_model and res_id (user who has hr/employee rights able to invite others.)
bzr revid: bth@tinyerp.com-20121204100651-3xg8q22uszm38gm0
This commit is contained in:
Bhumi Thakkar (Open ERP)
parent
a249acbbdd
commit
1c23e4c671
|
|
@ -580,10 +580,6 @@ class mail_message(osv.Model):
|
|||
model_record_ids = {}
|
||||
cr.execute('SELECT DISTINCT id, model, res_id, author_id FROM "%s" WHERE id = ANY (%%s)' % self._table, (ids,))
|
||||
for id, rmod, rid, author_id in cr.fetchall():
|
||||
if partner_id != author_id:
|
||||
raise orm.except_orm(_('Access Denied'),
|
||||
_('The requested operation cannot be completed due to security restrictions. Please contact your system administrator.\n\n(Document type: %s, Operation: %s)') % \
|
||||
(self._description, operation))
|
||||
message_values[id] = {'res_model': rmod, 'res_id': rid, 'author_id': author_id}
|
||||
if rmod:
|
||||
model_record_ids.setdefault(rmod, dict()).setdefault(rid, set()).add(id)
|
||||
|
|
@ -646,6 +642,9 @@ class mail_message(osv.Model):
|
|||
other_ids = other_ids - set(document_related_ids)
|
||||
if not other_ids:
|
||||
return
|
||||
raise orm.except_orm(_('Access Denied'),
|
||||
_('The requested operation cannot be completed due to security restrictions. Please contact your system administrator.\n\n(Document type: %s, Operation: %s)') % \
|
||||
(self._description, operation))
|
||||
|
||||
def create(self, cr, uid, values, context=None):
|
||||
if not values.get('message_id') and values.get('res_id') and values.get('model'):
|
||||
|
|
|
|||
|
|
@ -74,6 +74,8 @@ class invite_wizard(osv.osv_memory):
|
|||
for follower_id in new_follower_ids:
|
||||
mail_mail = self.pool.get('mail.mail')
|
||||
mail_id = mail_mail.create(cr, uid, {
|
||||
'model': wizard.res_model,
|
||||
'res_id': wizard.res_id,
|
||||
'subject': 'Invitation to follow %s' % document.name_get()[0][1],
|
||||
'body_html': '%s' % wizard.message,
|
||||
'auto_delete': True,
|
||||
|
|
|
|||
Loading…
Reference in New Issue