[FIX] osv_memory: fixed access rights for osv_memory: a user always has full access, but only to her own records, except the superuser
bzr revid: odo@openerp.com-20100805181458-gaq8f8rbp0xwyoy9
This commit is contained in:
parent
846f4cab75
commit
5fe9188615
|
@ -386,6 +386,12 @@ class ir_model_access(osv.osv):
|
|||
else:
|
||||
model_name = model
|
||||
|
||||
# osv_memory objects can be read by everyone, as they only return
|
||||
# results that belong to the current user (except for superuser)
|
||||
model_obj = self.pool.get(model_name)
|
||||
if isinstance(model_obj, osv.osv_memory):
|
||||
return True
|
||||
|
||||
# We check if a specific rule exists
|
||||
cr.execute('SELECT MAX(CASE WHEN perm_' + mode + ' THEN 1 ELSE 0 END) '
|
||||
' FROM ir_model_access a '
|
||||
|
|
|
@ -1769,7 +1769,7 @@ class orm_memory(orm_template):
|
|||
|
||||
def _check_access(self, uid, object_id, mode):
|
||||
if uid != 1 and self.datas[object_id]['internal.create_uid'] != uid:
|
||||
raise except_orm(_('AccessError'), '%s access is only allowed on your own records for osv_memory objects' % mode.capitalize())
|
||||
raise except_orm(_('AccessError'), '%s access is only allowed on your own records for osv_memory objects except for the super-user' % mode.capitalize())
|
||||
|
||||
def vaccum(self, cr, uid):
|
||||
self.check_id += 1
|
||||
|
@ -1963,10 +1963,11 @@ class orm_memory(orm_template):
|
|||
if not context:
|
||||
context = {}
|
||||
|
||||
# implicit filter on current user
|
||||
if not args:
|
||||
args = []
|
||||
args.insert(0, ('internal.create_uid', '=', user))
|
||||
# implicit filter on current user except for superuser
|
||||
if user != 1:
|
||||
if not args:
|
||||
args = []
|
||||
args.insert(0, ('internal.create_uid', '=', user))
|
||||
|
||||
result = self._where_calc(cr, user, args, context=context)
|
||||
if result==[]:
|
||||
|
|
Loading…
Reference in New Issue