[FIX] same without record rules, python side
bzr revid: mat@openerp.com-20130722115106-b1uldamgbpisf84g
This commit is contained in:
parent
ca4cc04c68
commit
5480f2958e
|
@ -69,11 +69,17 @@ class document_file(osv.osv):
|
|||
]
|
||||
|
||||
def check(self, cr, uid, ids, mode, context=None, values=None):
|
||||
"""Check access wrt. res_model, relax the rule of ir.attachment parent
|
||||
With 'document' installed, everybody will have access to attachments of
|
||||
any resources they can *read*.
|
||||
"""
|
||||
return super(document_file, self).check(cr, uid, ids, mode='read', context=context, values=values)
|
||||
super(document_file, self).check(cr, uid, ids, mode, context=context, values=values)
|
||||
if ids:
|
||||
# use SQL to avoid recursive loop on read
|
||||
cr.execute('SELECT id, parent_id from ir_attachment WHERE id in %s', (tuple(ids),))
|
||||
|
||||
parent_ids = []
|
||||
for attach_id, attach_parent in cr.fetchall():
|
||||
if attach_parent:
|
||||
parent_ids.append(attach_parent)
|
||||
|
||||
self.pool.get('document.directory').check_access_rule(cr, uid, parent_ids, mode, context=context)
|
||||
|
||||
def search(self, cr, uid, args, offset=0, limit=None, order=None, context=None, count=False):
|
||||
# Grab ids, bypassing 'count'
|
||||
|
|
|
@ -37,56 +37,6 @@
|
|||
<field eval="0" name="perm_read"/>
|
||||
<field eval="1" name="perm_create"/>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_readpublicdocuments0" model="ir.rule">
|
||||
<field name="model_id" ref="base.model_ir_attachment"/>
|
||||
<field name="domain_force">[
|
||||
'|',
|
||||
'|',
|
||||
'|',
|
||||
('parent_id','=',False),
|
||||
('parent_id.group_ids','in',[g.id for g in user.groups_id]),
|
||||
('parent_id.user_id', '=', user.id),
|
||||
'&',
|
||||
('parent_id.user_id', '=', False),
|
||||
('parent_id.group_ids','=',False),
|
||||
'|',
|
||||
'|',
|
||||
('company_id','=',False),
|
||||
('company_id','child_of',[user.company_id.id]),
|
||||
('company_id.child_ids','child_of',[user.company_id.id])]
|
||||
</field>
|
||||
<field name="name">Read public documents</field>
|
||||
<field eval="0" name="global"/>
|
||||
<field eval="[(6,0,[ref('base.group_user')])]" name="groups"/>
|
||||
<field eval="0" name="perm_unlink"/>
|
||||
<field eval="0" name="perm_write"/>
|
||||
<field eval="1" name="perm_read"/>
|
||||
<field eval="0" name="perm_create"/>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_documentmodifyowndocuments0" model="ir.rule">
|
||||
<field name="model_id" ref="base.model_ir_attachment"/>
|
||||
<field name="domain_force">[
|
||||
'|',
|
||||
('parent_id.user_id', '=', user.id),
|
||||
'&',
|
||||
('parent_id.group_ids','in',[g.id for g in user.groups_id]),
|
||||
('parent_id.user_id','=',False),
|
||||
'|',
|
||||
'|',
|
||||
('company_id','=',False),
|
||||
('company_id','child_of',[user.company_id.id]),
|
||||
('company_id.child_ids','child_of',[user.company_id.id])]
|
||||
</field>
|
||||
<field name="name">Document modify own document</field>
|
||||
<field eval="0" name="global"/>
|
||||
<field eval="[(6,0,[ref('base.group_document_user')])]" name="groups"/>
|
||||
<field eval="1" name="perm_unlink"/>
|
||||
<field eval="1" name="perm_write"/>
|
||||
<field eval="0" name="perm_read"/>
|
||||
<field eval="1" name="perm_create"/>
|
||||
</record>
|
||||
|
||||
|
||||
</data>
|
||||
</openerp>
|
||||
|
|
Loading…
Reference in New Issue