[FIX] mail: security: added read access on notifications.
bzr revid: tde@openerp.com-20120914161657-bst7gz4d3er1i2rl
This commit is contained in:
parent
f641508fe3
commit
55ec1211c0
|
@ -5,7 +5,7 @@ access_mail_mail_all,mail.mail.all,model_mail_mail,,0,0,1,0
|
|||
access_mail_mail_system,mail.mail.system,model_mail_mail,base.group_system,1,1,1,1
|
||||
access_mail_followers_all,mail.followers.all,model_mail_followers,,0,0,0,0
|
||||
access_mail_followers_system,mail.followers.system,model_mail_followers,base.group_system,1,1,1,1
|
||||
access_mail_notification_all,mail.notification.all,model_mail_notification,,0,0,0,0
|
||||
access_mail_notification_all,mail.notification.all,model_mail_notification,,1,0,0,0
|
||||
access_mail_notification_aystem,mail.notification.system,model_mail_notification,base.group_system,1,1,1,1
|
||||
access_mail_group_all,mail.group.all,model_mail_group,,1,0,0,0
|
||||
access_mail_group_user,mail.group.user,model_mail_group,base.group_user,1,1,1,1
|
||||
|
|
|
|
@ -10,5 +10,15 @@
|
|||
<field name="domain_force">['|', '|', ('public', '=', 'public'), ('message_follower_ids', 'in', [user.id]), '&', ('public','=','groups'), ('group_public_id','in', [x.id for x in user.groups_id])]</field>
|
||||
</record>
|
||||
|
||||
<!-- This rule can not be uncommented, because we have a more wide method in mail.message. When we implement a many2one_variable field, we will be able to uncomment this. -->
|
||||
<!-- <record id="mail_message_read_partner_or_author" model="ir.rule">
|
||||
<field name="name">mail.message: read if notified or author</field>
|
||||
<field name="model_id" ref="model_mail_message"/>
|
||||
<field name="domain_force">['|', ('partner_ids', 'in', user.partner_id.id), ('author_id', '=', user.partner_id.id)]</field>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record> -->
|
||||
|
||||
</data>
|
||||
</openerp>
|
||||
|
|
Loading…
Reference in New Issue