From 16f358d9e2b67ba804bc7ccef9e69a02e73e4d49 Mon Sep 17 00:00:00 2001
From: "Darshan Kalola (OpenERP)" <dka@tinyerp.com>
Date: Tue, 4 Mar 2014 17:51:48 +0530
Subject: [PATCH] [IMP]]hide the link add a new column,edit and delete in
 kanban if the user has not the right to do it.

bzr revid: dka@tinyerp.com-20140304122148-732fgfqmbpi8cpol
---
 openerp/addons/base/ir/ir_ui_view.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/openerp/addons/base/ir/ir_ui_view.py b/openerp/addons/base/ir/ir_ui_view.py
index d4655bf8b9c..8dfaa539e3a 100644
--- a/openerp/addons/base/ir/ir_ui_view.py
+++ b/openerp/addons/base/ir/ir_ui_view.py
@@ -688,6 +688,16 @@ class view(osv.osv):
             for action, operation in (('create', 'create'), ('delete', 'unlink'), ('edit', 'write')):
                 if not node.get(action) and not Model.check_access_rights(cr, user, operation, raise_exception=False):
                     node.set(action, 'false')
+            if node.tag in ('kanban'):
+                group_by_field = node.get('default_group_by')
+                if group_by_field:
+                    group_by_object = Model.fields_get(cr, user, None, context)[group_by_field]
+                    if (group_by_object['type'] == 'many2one'):
+                        group_by_model = Model.pool.get(group_by_object['relation'])
+                        for action, operation in (('group_create', 'create'), ('group_delete', 'unlink'), ('group_edit', 'write')):
+                            if not node.get(action) and not group_by_model.check_access_rights(cr, user, operation, raise_exception=False):
+                                node.set(action, 'false')
+
         arch = etree.tostring(node, encoding="utf-8").replace('\t', '')
         for k in fields.keys():
             if k not in fields_def: