[FIX] base: attachment security for SUPERUSER
If the superuser is not in the group employee, we should nevertheless give him the access rights to attachments
This commit is contained in:
parent
1d9e5d727a
commit
57cf6f814b
|
@ -253,7 +253,7 @@ class ir_attachment(osv.osv):
|
|||
ima.check(cr, uid, model, mode)
|
||||
self.pool[model].check_access_rule(cr, uid, existing_ids, mode, context=context)
|
||||
if require_employee:
|
||||
if not self.pool['res.users'].has_group(cr, uid, 'base.group_user'):
|
||||
if not uid == SUPERUSER_ID and not self.pool['res.users'].has_group(cr, uid, 'base.group_user'):
|
||||
raise except_orm(_('Access Denied'), _("Sorry, you are not allowed to access this document."))
|
||||
|
||||
def _search(self, cr, uid, args, offset=0, limit=None, order=None, context=None, count=False, access_rights_uid=None):
|
||||
|
|
Loading…
Reference in New Issue