[FIX] osv_memory: fixed access rights for osv_memory: a user always has full access, but only to her own records, except the superuser

bzr revid: odo@openerp.com-20100805181458-gaq8f8rbp0xwyoy9

bin/addons/base/ir/ir_model.py

@@ -386,6 +386,12 @@ class ir_model_access(osv.osv):
         else:
             model_name = model
 
+        # osv_memory objects can be read by everyone, as they only return
+        # results that belong to the current user (except for superuser)
+        model_obj = self.pool.get(model_name)
+        if isinstance(model_obj, osv.osv_memory):
+            return True
+
         # We check if a specific rule exists
         cr.execute('SELECT MAX(CASE WHEN perm_' + mode + ' THEN 1 ELSE 0 END) '
                    '  FROM ir_model_access a '

bin/osv/orm.py

@@ -1769,7 +1769,7 @@ class orm_memory(orm_template):
 
     def _check_access(self, uid, object_id, mode):
         if uid != 1 and self.datas[object_id]['internal.create_uid'] != uid:
-            raise except_orm(_('AccessError'), '%s access is only allowed on your own records for osv_memory objects' % mode.capitalize())
+            raise except_orm(_('AccessError'), '%s access is only allowed on your own records for osv_memory objects except for the super-user' % mode.capitalize())
 
     def vaccum(self, cr, uid):
         self.check_id += 1
@@ -1963,10 +1963,11 @@ class orm_memory(orm_template):
         if not context:
             context = {}
 
-        # implicit filter on current user
-        if not args:
-            args = []
-        args.insert(0, ('internal.create_uid', '=', user))
+        # implicit filter on current user except for superuser
+        if user != 1:
+            if not args:
+                args = []
+            args.insert(0, ('internal.create_uid', '=', user))
 
         result = self._where_calc(cr, user, args, context=context)
         if result==[]: