From 6188bc6e9d7936c01e70dde7dd3e4b8367010c6f Mon Sep 17 00:00:00 2001 From: Lionel Sausin Date: Fri, 20 Nov 2015 11:02:29 +0100 Subject: [PATCH] [DOC] Add words of caution about `sudo` Closes #9655 --- openerp/models.py | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/openerp/models.py b/openerp/models.py index 44f19052d7b..a3284f54093 100644 --- a/openerp/models.py +++ b/openerp/models.py @@ -5306,6 +5306,11 @@ class BaseModel(object): """ Returns a new version of this recordset attached to the provided environment + .. warning:: + The new environment will not benefit from the current + environment's data cache, so later data access may incur extra + delays while re-fetching from the database. + :type env: :class:`~openerp.api.Environment` """ return self._browse(env, self._ids) @@ -5315,6 +5320,25 @@ class BaseModel(object): Returns a new version of this recordset attached to the provided user. + + By default this returns a `SUPERUSER` recordset, where access control + and record rules are bypassed. + + .. note:: + Using `sudo` could cause data access to cross the boundaries of + record rules, possibly mixing records that are meant to be + isolated (e.g. records from different companies in multi-company + environments). + + It may lead to un-intuitive results in methods which select one + record among many - for example getting the default company, or + selecting a Bill of Materials. + + .. note:: + Because the record rules and access control will have to be + re-evaluated, the new recordset will not benefit from the current + environment's data cache, so later data access may incur extra + delays while re-fetching from the database. """ return self.with_env(self.env(user=user))