[FIX] base: attachment security for SUPERUSER
If the superuser is not in the group employee, we should nevertheless give him the access rights to attachments
This commit is contained in:
parent
1d9e5d727a
commit
57cf6f814b
|
@ -253,7 +253,7 @@ class ir_attachment(osv.osv):
|
||||||
ima.check(cr, uid, model, mode)
|
ima.check(cr, uid, model, mode)
|
||||||
self.pool[model].check_access_rule(cr, uid, existing_ids, mode, context=context)
|
self.pool[model].check_access_rule(cr, uid, existing_ids, mode, context=context)
|
||||||
if require_employee:
|
if require_employee:
|
||||||
if not self.pool['res.users'].has_group(cr, uid, 'base.group_user'):
|
if not uid == SUPERUSER_ID and not self.pool['res.users'].has_group(cr, uid, 'base.group_user'):
|
||||||
raise except_orm(_('Access Denied'), _("Sorry, you are not allowed to access this document."))
|
raise except_orm(_('Access Denied'), _("Sorry, you are not allowed to access this document."))
|
||||||
|
|
||||||
def _search(self, cr, uid, args, offset=0, limit=None, order=None, context=None, count=False, access_rights_uid=None):
|
def _search(self, cr, uid, args, offset=0, limit=None, order=None, context=None, count=False, access_rights_uid=None):
|
||||||
|
|
Loading…
Reference in New Issue