From 68777c5860cadafd939751269d4820e4c014ec98 Mon Sep 17 00:00:00 2001 From: Raphael Collet Date: Tue, 2 Sep 2014 10:50:52 +0200 Subject: [PATCH] [IMP] models: inherited fields are related fields read as the current user Add an attribute 'related_sudo' (True by default) for related fields. A related field is computed as superuser if related_sudo is True. Add explicit related fields 'name' and 'email' on 'res.users', as these should be readable by the public user with module website_forum. --- openerp/addons/base/res/res_users.py | 5 +++++ openerp/fields.py | 16 ++++++++++------ openerp/models.py | 7 +++++-- 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/openerp/addons/base/res/res_users.py b/openerp/addons/base/res/res_users.py index 023bccb2efa..a0e0bd1fe82 100644 --- a/openerp/addons/base/res/res_users.py +++ b/openerp/addons/base/res/res_users.py @@ -188,6 +188,11 @@ class res_users(osv.osv): 'company_ids':fields.many2many('res.company','res_company_users_rel','user_id','cid','Companies'), } + # overridden inherited fields to bypass access rights, in case you have + # access to the user but not its corresponding partner + name = openerp.fields.Char(related='partner_id.name') + email = openerp.fields.Char(related='partner_id.email') + def on_change_login(self, cr, uid, ids, login, context=None): if login and tools.single_email_re.match(login): return {'value': {'email': login}} diff --git a/openerp/fields.py b/openerp/fields.py index d0055ebcb3e..3c4744a89e0 100644 --- a/openerp/fields.py +++ b/openerp/fields.py @@ -280,6 +280,7 @@ class Field(object): inverse = None # inverse(recs) inverses field on recs search = None # search(recs, operator, value) searches on self related = None # sequence of field names, for related fields + related_sudo = True # whether related fields should be read as admin company_dependent = False # whether `self` is company-dependent (property field) default = None # default value @@ -427,13 +428,16 @@ class Field(object): def _compute_related(self, records): """ Compute the related field `self` on `records`. """ - for record, sudo_record in zip(records, records.sudo()): - # bypass access rights check when traversing the related path - value = sudo_record if record.id else record - # traverse the intermediate fields, and keep at most one record + # when related_sudo, bypass access rights checks when reading values + others = records.sudo() if self.related_sudo else records + for record, other in zip(records, others): + if not record.id: + # draft record, do not switch to another environment + other = record + # traverse the intermediate fields; follow the first record at each step for name in self.related[:-1]: - value = value[name][:1] - record[self.name] = value[self.related[-1]] + other = other[name][:1] + record[self.name] = other[self.related[-1]] def _inverse_related(self, records): """ Inverse the related field `self` on `records`. """ diff --git a/openerp/models.py b/openerp/models.py index 33bf9ba734e..ef5c2bb6a62 100644 --- a/openerp/models.py +++ b/openerp/models.py @@ -2937,8 +2937,11 @@ class BaseModel(object): for parent_model, parent_field in reversed(cls._inherits.items()): for attr, field in cls.pool[parent_model]._fields.iteritems(): if attr not in cls._fields: - new_field = field.copy(related=(parent_field, attr), _origin=field) - cls._add_field(attr, new_field) + cls._add_field(attr, field.copy( + related=(parent_field, attr), + related_sudo=False, + _origin=field, + )) cls._inherits_reload_src()