[FIX] base: attachment security for SUPERUSER

If the superuser is not in the group employee, we should nevertheless give him the access rights to attachments
2015-01-30 15:30:25 +01:00 · 2015-01-30 15:30:25 +01:00 · 57cf6f814b
parent 1d9e5d727a
commit 57cf6f814b
1 changed files with 1 additions and 1 deletions
--- a/openerp/addons/base/ir/ir_attachment.py
+++ b/openerp/addons/base/ir/ir_attachment.py
@ -253,7 +253,7 @@ class ir_attachment(osv.osv):
            ima.check(cr, uid, model, mode)
            self.pool[model].check_access_rule(cr, uid, existing_ids, mode, context=context)
        if require_employee:
-            if not self.pool['res.users'].has_group(cr, uid, 'base.group_user'):
+            if not uid == SUPERUSER_ID and not self.pool['res.users'].has_group(cr, uid, 'base.group_user'):
                raise except_orm(_('Access Denied'), _("Sorry, you are not allowed to access this document."))

    def _search(self, cr, uid, args, offset=0, limit=None, order=None, context=None, count=False, access_rights_uid=None):