From 4c335588a1f5d6d1f03e17aa20e37ffe4197447c Mon Sep 17 00:00:00 2001
From: Bhavik Bagdiya <bba@openerp.com>
Date: Tue, 19 Aug 2014 10:37:54 +0530
Subject: [PATCH 01/25] [FIX] web: grid headers should be aligned properly

---
 addons/web/static/src/css/base.css  | 1 +
 addons/web/static/src/css/base.sass | 1 +
 2 files changed, 2 insertions(+)

diff --git a/addons/web/static/src/css/base.css b/addons/web/static/src/css/base.css
index d221dfba409..463876f92b3 100644
--- a/addons/web/static/src/css/base.css
+++ b/addons/web/static/src/css/base.css
@@ -2842,6 +2842,7 @@
 .openerp .oe_list_content td, .openerp .oe_list_content th {
   padding: 3px 6px;
   line-height: 18px;
+  white-space: nowrap;
 }
 .openerp .oe_list_content th.oe_sortable, .openerp .oe_list_content th.oe_sortable div {
   cursor: pointer;
diff --git a/addons/web/static/src/css/base.sass b/addons/web/static/src/css/base.sass
index 05270c0b68f..b1b866684b1 100644
--- a/addons/web/static/src/css/base.sass
+++ b/addons/web/static/src/css/base.sass
@@ -2287,6 +2287,7 @@ $sheet-padding: 16px
         td, th
             padding: 3px 6px
             line-height: 18px
+            white-space: nowrap
         th.oe_sortable, th.oe_sortable div
             cursor: pointer
         th.oe_sortable div

From b160f99e2d0e5eb2de176f3e3dbcd7f3aa843c22 Mon Sep 17 00:00:00 2001
From: Martin Trigaux <mat@openerp.com>
Date: Fri, 22 Aug 2014 12:49:39 +0200
Subject: [PATCH 02/25] [FIX] fetchmail: do not delete a failing email when
 using POP

In case of IMAP, the email is simply set as read but in case of POP, the email is deleted. To avoid loosing data (e.g. misconfiguration of server), the email is kept for POP.
Bug lp:1296724, opw 605667
---
 addons/fetchmail/fetchmail.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/addons/fetchmail/fetchmail.py b/addons/fetchmail/fetchmail.py
index 515881e8582..4d32cc13139 100644
--- a/addons/fetchmail/fetchmail.py
+++ b/addons/fetchmail/fetchmail.py
@@ -236,12 +236,12 @@ openerp_mailgate: "|/path/to/openerp-mailgate.py --host=localhost -u %(uid)d -p
                                                                  save_original=server.original,
                                                                  strip_attachments=(not server.attach),
                                                                  context=context)
+                            pop_server.dele(num)
                         except Exception:
                             _logger.exception('Failed to process mail from %s server %s.', server.type, server.name)
                             failed += 1
                         if res_id and server.action_id:
                             action_pool.run(cr, uid, [server.action_id.id], {'active_id': res_id, 'active_ids': [res_id], 'active_model': context.get("thread_model", server.object_id.model)})
-                        pop_server.dele(num)
                         cr.commit()
                     _logger.info("Fetched %d email(s) on %s server %s; %d succeeded, %d failed.", numMsgs, server.type, server.name, (numMsgs - failed), failed)
                 except Exception:

From 73546f70ca16ff9bcb51d62273ac3ec6b810e6c4 Mon Sep 17 00:00:00 2001
From: Martin Trigaux <mat@openerp.com>
Date: Fri, 22 Aug 2014 15:29:23 +0200
Subject: [PATCH 03/25] [FIX] point_of_sale: generate bank statement with
 commerical partner

When a pos session is closed & confirmed, the account.move were generated with the commercial partner except for the bank statement which prevented automatic reconciliation.
This patch uses the commercial partner also for bank statement.
Fixes #1558, #1764
---
 addons/point_of_sale/point_of_sale.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/addons/point_of_sale/point_of_sale.py b/addons/point_of_sale/point_of_sale.py
index 2768cf8aa44..a6131bca31b 100644
--- a/addons/point_of_sale/point_of_sale.py
+++ b/addons/point_of_sale/point_of_sale.py
@@ -757,12 +757,12 @@ class pos_order(osv.osv):
             'amount': data['amount'],
             'date': data.get('payment_date', time.strftime('%Y-%m-%d')),
             'name': order.name + ': ' + (data.get('payment_name', '') or ''),
+            'partner_id': order.partner_id and self.pool.get("res.partner")._find_accounting_partner(order.partner_id).id or False,
         }
 
         account_def = property_obj.get(cr, uid, 'property_account_receivable', 'res.partner', context=context)
         args['account_id'] = (order.partner_id and order.partner_id.property_account_receivable \
                              and order.partner_id.property_account_receivable.id) or (account_def and account_def.id) or False
-        args['partner_id'] = order.partner_id and order.partner_id.id or None
 
         if not args['account_id']:
             if not args['partner_id']:

From 7dbb16a85658f4d15585fae195b884634abc012b Mon Sep 17 00:00:00 2001
From: Fekete Mihai <feketemihai@gmail.com>
Date: Fri, 22 Aug 2014 16:34:11 +0300
Subject: [PATCH 04/25] [IMP] stock: stock incoterm converted to uppercase

---
 addons/stock/stock_incoterms.xml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/addons/stock/stock_incoterms.xml b/addons/stock/stock_incoterms.xml
index 42865a8164c..064480d6aea 100644
--- a/addons/stock/stock_incoterms.xml
+++ b/addons/stock/stock_incoterms.xml
@@ -51,15 +51,15 @@
         </record>
         <record id="incoterm_DAT" model="stock.incoterms">
             <field name="code">DAT</field>
-            <field name="name">Delivered At Terminal</field>
+            <field name="name">DELIVERED AT TERMINAL</field>
         </record>
         <record id="incoterm_DAP" model="stock.incoterms">
             <field name="code">DAP</field>
-            <field name="name">Delivered At Place</field>
+            <field name="name">DELIVERED AT PLACE</field>
         </record>
-    <record id="incoterm_DDP" model="stock.incoterms">
+        <record id="incoterm_DDP" model="stock.incoterms">
             <field name="code">DDP</field>
-            <field name="name">Delivered Duty Paid</field>
+            <field name="name">DELIVERED DUTY PAID</field>
         </record>
 
     </data>

From bc3991b4c58d20969816c644dd57bae68b103ba8 Mon Sep 17 00:00:00 2001
From: Ravish Murari <rmu@tinyerp.com>
Date: Thu, 7 Aug 2014 18:04:42 +0530
Subject: [PATCH 05/25] [FIX] board: Do not offer to create dashboard when
 there is no action

In case we have no defined action (e.g. redirection by python code), adding a dashboard should not be possible as the rendering based on the action.
This patch hides the 'Add to Dashboard' button in search view (opw 611288)
---
 addons/board/static/src/js/dashboard.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/addons/board/static/src/js/dashboard.js b/addons/board/static/src/js/dashboard.js
index 65737ad234e..d2587c87add 100644
--- a/addons/board/static/src/js/dashboard.js
+++ b/addons/board/static/src/js/dashboard.js
@@ -424,7 +424,7 @@ instance.web.SearchView.include({
     add_common_inputs: function() {
         this._super();
         var vm = this.getParent().getParent();
-        if (vm.inner_action && vm.inner_action.views) {
+        if (vm.inner_action && vm.inner_action.id && vm.inner_action.views) {
             (new instance.board.AddToDashboard(this));
         }
     }

From 9b3f3fecfe5e5487dce6c24b1ee18a5b23faf474 Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Mon, 25 Aug 2014 14:51:03 +0200
Subject: [PATCH 06/25] [FIX] hr_holidays: employees cannot approve their
 holidays

Nor modify once approved

It wasn't possible for employees to approve their holidays themself, thanks to the GUI, but this was possible through xmlrpc calls, or when altering the html directly in the browser.
Besides, this was also possible to edit the holiday through the same trick once the holiday validated
---
 addons/hr_holidays/hr_holidays.py       |  4 ++++
 addons/hr_holidays/security/ir_rule.xml | 11 +++++++++++
 2 files changed, 15 insertions(+)

diff --git a/addons/hr_holidays/hr_holidays.py b/addons/hr_holidays/hr_holidays.py
index fbe72a1898c..38130149825 100644
--- a/addons/hr_holidays/hr_holidays.py
+++ b/addons/hr_holidays/hr_holidays.py
@@ -305,10 +305,14 @@ class hr_holidays(osv.osv):
         if context is None:
             context = {}
         context = dict(context, mail_create_nolog=True)
+        if values.get('state') and values['state'] not in ['draft', 'confirm', 'cancel'] and not self.pool['res.users'].has_group(cr, uid, 'base.group_hr_user'):
+            raise osv.except_osv(_('Warning!'), _('You cannot set a leave request as \'%s\'. Contact a human resource manager.') % values.get('state'))
         return super(hr_holidays, self).create(cr, uid, values, context=context)
 
     def write(self, cr, uid, ids, vals, context=None):
         check_fnct = self.pool.get('hr.holidays.status').check_access_rights
+        if vals.get('state') and vals['state'] not in ['draft', 'confirm', 'cancel'] and not self.pool['res.users'].has_group(cr, uid, 'base.group_hr_user'):
+            raise osv.except_osv(_('Warning!'), _('You cannot set a leave request as \'%s\'. Contact a human resource manager.') % vals.get('state'))
         for  holiday in self.browse(cr, uid, ids, context=context):
             if holiday.state in ('validate','validate1') and not check_fnct(cr, uid, 'write', raise_exception=False):
                 raise osv.except_osv(_('Warning!'),_('You cannot modify a leave request that has been approved. Contact a human resource manager.'))
diff --git a/addons/hr_holidays/security/ir_rule.xml b/addons/hr_holidays/security/ir_rule.xml
index ff0270026a4..3aa2d4db052 100644
--- a/addons/hr_holidays/security/ir_rule.xml
+++ b/addons/hr_holidays/security/ir_rule.xml
@@ -5,6 +5,17 @@
         <field name="name">Employee Holidays</field>
         <field model="ir.model" name="model_id" ref="model_hr_holidays"/>
         <field name="domain_force">[('employee_id.user_id','=',user.id)]</field>
+        <field name="perm_create" eval="False"/>
+        <field name="perm_write" eval="False"/>
+        <field name="perm_unlink" eval="False"/>
+        <field name="groups" eval="[(4,ref('base.group_user'))]"/>
+    </record>
+
+    <record id="property_rule_holidays_employee_write" model="ir.rule">
+        <field name="name">Employee Holidays Create, Write, Unlink</field>
+        <field model="ir.model" name="model_id" ref="model_hr_holidays"/>
+        <field name="domain_force">[('employee_id.user_id','=',user.id), ('state', 'in', ['draft', 'confirm', 'cancel'])]</field>
+        <field name="perm_read" eval="False"/>
         <field name="groups" eval="[(4,ref('base.group_user'))]"/>
     </record>
     

From 231a478ca975eea50b7f72e5ca775b0a2eb8227b Mon Sep 17 00:00:00 2001
From: Martin Trigaux <mat@openerp.com>
Date: Mon, 25 Aug 2014 16:19:29 +0200
Subject: [PATCH 07/25] [FIX] website_sale: pager in product list

Keep the reference to category and search view in pager.
Update the search template to include form and keep correct reference to the category (as a slug and not a parameter).
Fixes #688
---
 addons/website_sale/controllers/main.py |  7 +++++-
 addons/website_sale/views/templates.xml | 31 ++++++++++++-------------
 2 files changed, 21 insertions(+), 17 deletions(-)

diff --git a/addons/website_sale/controllers/main.py b/addons/website_sale/controllers/main.py
index 79b04fa5ee6..0de92eb5d44 100644
--- a/addons/website_sale/controllers/main.py
+++ b/addons/website_sale/controllers/main.py
@@ -149,8 +149,13 @@ class website_sale(http.Controller):
             context['pricelist'] = int(self.get_pricelist())
         product_obj = pool.get('product.template')
 
+        url = "/shop"
         product_count = product_obj.search_count(cr, uid, domain, context=context)
-        pager = request.website.pager(url="/shop", total=product_count, page=page, step=PPG, scope=7, url_args=post)
+        if search:
+            post["search"] = search
+        if category:
+            url = "/shop/category/%s" % slug(category)
+        pager = request.website.pager(url=url, total=product_count, page=page, step=PPG, scope=7, url_args=post)
         product_ids = product_obj.search(cr, uid, domain, limit=PPG+10, offset=pager['offset'], order='website_published desc, website_sequence desc', context=context)
         products = product_obj.browse(cr, uid, product_ids, context=context)
 
diff --git a/addons/website_sale/views/templates.xml b/addons/website_sale/views/templates.xml
index f4becb6ce45..6fe87097afb 100644
--- a/addons/website_sale/views/templates.xml
+++ b/addons/website_sale/views/templates.xml
@@ -29,18 +29,21 @@
   </xpath>
 </template>
 <template id="search" name="Search hidden fields">
-  <t t-if="attrib_values">
-    <t t-foreach="attrib_values" t-as="a">
-      <input type="hidden" name="attrib" t-att-value="'%s,%s' % (a[0], a[1])"/>
+  <form t-att-action="keep('/shop'+ ('/category/'+slug(category)) if category else '', search=0)" method="get" t-att-class="search_class">
+
+    <t t-if="attrib_values">
+      <t t-foreach="attrib_values" t-as="a">
+        <input type="hidden" name="attrib" t-att-value="'%s,%s' % (a[0], a[1])"/>
+      </t>
     </t>
-  </t>
-  <input t-if="category" type="hidden" name="category" t-att-value="int(category or 0)"/>
-  <div class="input-group">
-    <input type="text" name="search" class="search-query form-control" placeholder="Search..." t-att-value="search"/>
-    <span class="input-group-btn">
-      <a class="btn btn-default a-submit"><i class="fa fa-search"/></a>
-    </span>
+    <div class="input-group">
+      <input type="text" name="search" class="search-query form-control" placeholder="Search..." t-att-value="search"/>
+      <span class="input-group-btn">
+        <a class="btn btn-default a-submit"><i class="fa fa-search"/></a>
+      </span>
   </div>
+
+  </form>
 </template>
 
 <template id="404">
@@ -125,9 +128,7 @@
         <div class="container oe_website_sale">
           <div class="products_pager">
             <div class="row">
-              <form t-att-action="keep('/shop',search=0)" method="get" class="pagination form-inline col-md-3">
-                <t t-call="website_sale.search"/>
-              </form>
+              <t t-call="website_sale.search"><t t-set="search_class">pagination form-inline col-md-3</t></t>
               <t t-call="website.pager"/>
             </div>
           </div>
@@ -353,9 +354,7 @@
                 </ol>
             </div>
             <div class="col-sm-3">
-              <form t-att-action="keep(search=0)" method="get" class="pull-right">
-                  <t t-call="website_sale.search"/>
-              </form>
+              <t t-call="website_sale.search"><t t-set="search_class">pull-right</t></t>
             </div>
             <div class="col-sm-4" groups="base.group_sale_manager">
                 <t t-call="website.publish_management">

From 180c4734a6eeca87f9a69873a48fe707570e3849 Mon Sep 17 00:00:00 2001
From: Daniel Dico <dd@oerp.ca>
Date: Mon, 25 Aug 2014 11:19:43 -0400
Subject: [PATCH 08/25] [FIX] product_visible_discount: use order date to
 compute currency instead of current date

---
 addons/product_visible_discount/product_visible_discount.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/addons/product_visible_discount/product_visible_discount.py b/addons/product_visible_discount/product_visible_discount.py
index 6ce35a741e2..595deba1983 100644
--- a/addons/product_visible_discount/product_visible_discount.py
+++ b/addons/product_visible_discount/product_visible_discount.py
@@ -90,9 +90,11 @@ class sale_order_line(osv.osv):
             if so_pricelist.visible_discount and list_price[pricelist] != 0 and new_list_price != 0:
                 if product.company_id and so_pricelist.currency_id.id != product.company_id.currency_id.id:
                     # new_list_price is in company's currency while price in pricelist currency
+                    ctx = context.copy()
+                    ctx['date'] = date_order
                     new_list_price = self.pool['res.currency'].compute(cr, uid,
                         product.company_id.currency_id.id, so_pricelist.currency_id.id,
-                        new_list_price, context=context)
+                        new_list_price, context=ctx)
                 discount = (new_list_price - price) / new_list_price * 100
                 if discount > 0:
                     result['price_unit'] = new_list_price

From f880d89cc473d725405bd694550e64b6a56f9d96 Mon Sep 17 00:00:00 2001
From: Daniel Dico <dd@oerp.ca>
Date: Mon, 25 Aug 2014 11:16:35 -0400
Subject: [PATCH 09/25] [FIX] sale_order_line: use order date to compute
 currency instead of current date

---
 addons/sale_margin/sale_margin.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/addons/sale_margin/sale_margin.py b/addons/sale_margin/sale_margin.py
index dc8c4dfff3c..72d252a7c11 100644
--- a/addons/sale_margin/sale_margin.py
+++ b/addons/sale_margin/sale_margin.py
@@ -31,11 +31,15 @@ class sale_order_line(osv.osv):
             lang=lang, update_tax=update_tax, date_order=date_order, packaging=packaging, fiscal_position=fiscal_position, flag=flag, context=context)
         if not pricelist:
             return res
+        if context is None:
+            context = {}
         frm_cur = self.pool.get('res.users').browse(cr, uid, uid).company_id.currency_id.id
         to_cur = self.pool.get('product.pricelist').browse(cr, uid, [pricelist])[0].currency_id.id
         if product:
             purchase_price = self.pool.get('product.product').browse(cr, uid, product).standard_price
-            price = self.pool.get('res.currency').compute(cr, uid, frm_cur, to_cur, purchase_price, round=False)
+            ctx = context.copy()
+            ctx['date'] = date_order
+            price = self.pool.get('res.currency').compute(cr, uid, frm_cur, to_cur, purchase_price, round=False, context=ctx)
             res['value'].update({'purchase_price': price})
         return res
 

From 4b446550c620280884cd29de9b56b51fae672aab Mon Sep 17 00:00:00 2001
From: TheCloneMaster <the.clone.master@gmail.com>
Date: Mon, 25 Aug 2014 01:16:45 -0600
Subject: [PATCH 10/25] [FIX] hw_escpos:  Replaced "tab" by space

call to self.open() had a tab instead of spaces
---
 addons/hw_escpos/escpos/printer.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/addons/hw_escpos/escpos/printer.py b/addons/hw_escpos/escpos/printer.py
index dd5aa93e361..523f9a39779 100644
--- a/addons/hw_escpos/escpos/printer.py
+++ b/addons/hw_escpos/escpos/printer.py
@@ -31,7 +31,7 @@ class Usb(Escpos):
         self.interface = interface
         self.in_ep     = in_ep
         self.out_ep    = out_ep
-	self.open()
+        self.open()
 
 
     def open(self):

From e7f8425a3add575b17e1c0c75e19e699f48847b0 Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Tue, 26 Aug 2014 10:56:44 +0200
Subject: [PATCH 11/25] Revert "[FIX] web: grid headers should be aligned
 properly"

This reverts commit 4c335588a1f5d6d1f03e17aa20e37ffe4197447c.
It leads to table widths inconsistencies: The tables take more width then before, and overflow much more than before. This can be seen in "Accounting" > "Journal Entries", in the list of the form view
---
 addons/web/static/src/css/base.css  | 1 -
 addons/web/static/src/css/base.sass | 1 -
 2 files changed, 2 deletions(-)

diff --git a/addons/web/static/src/css/base.css b/addons/web/static/src/css/base.css
index 463876f92b3..d221dfba409 100644
--- a/addons/web/static/src/css/base.css
+++ b/addons/web/static/src/css/base.css
@@ -2842,7 +2842,6 @@
 .openerp .oe_list_content td, .openerp .oe_list_content th {
   padding: 3px 6px;
   line-height: 18px;
-  white-space: nowrap;
 }
 .openerp .oe_list_content th.oe_sortable, .openerp .oe_list_content th.oe_sortable div {
   cursor: pointer;
diff --git a/addons/web/static/src/css/base.sass b/addons/web/static/src/css/base.sass
index b1b866684b1..05270c0b68f 100644
--- a/addons/web/static/src/css/base.sass
+++ b/addons/web/static/src/css/base.sass
@@ -2287,7 +2287,6 @@ $sheet-padding: 16px
         td, th
             padding: 3px 6px
             line-height: 18px
-            white-space: nowrap
         th.oe_sortable, th.oe_sortable div
             cursor: pointer
         th.oe_sortable div

From a65a95fbf7db3c61a5752a574de774ba4bc8e30f Mon Sep 17 00:00:00 2001
From: Cedric Snauwaert <csn@openerp.com>
Date: Tue, 26 Aug 2014 11:26:28 +0200
Subject: [PATCH 12/25] [FIX] web: fix blur problem in FieldMany2One widget
 when clicking on autocomplete option inside a wizard

---
 addons/web/static/src/js/view_form.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/addons/web/static/src/js/view_form.js b/addons/web/static/src/js/view_form.js
index 6c9379f958d..7507fc3e317 100644
--- a/addons/web/static/src/js/view_form.js
+++ b/addons/web/static/src/js/view_form.js
@@ -3568,10 +3568,10 @@ instance.web.form.FieldMany2One = instance.web.form.AbstractField.extend(instanc
             focusout: anyoneLoosesFocus,
             focus: function () { self.trigger('focused'); },
             autocompleteopen: function () { ignore_blur = true; },
-            autocompleteclose: function () { ignore_blur = false; },
+            autocompleteclose: function () { setTimeout(function() {ignore_blur = false;},0); },
             blur: function () {
                 // autocomplete open
-                if (ignore_blur) { return; }
+                if (ignore_blur) { $(this).focus(); return; }
                 if (_(self.getChildren()).any(function (child) {
                     return child instanceof instance.web.form.AbstractFormPopup;
                 })) { return; }

From 80017b04c2fefe895659f56e5e8d34bd59093e13 Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Tue, 26 Aug 2014 12:50:04 +0200
Subject: [PATCH 13/25] [FIX] security: ir.config_parameter should not be
 readable by externals

---
 addons/mail/mail_alias.py                        | 2 +-
 addons/mail/static/src/js/announcement.js        | 2 ++
 addons/web/static/src/js/chrome.js               | 3 +++
 openerp/addons/base/security/ir.model.access.csv | 2 +-
 4 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/addons/mail/mail_alias.py b/addons/mail/mail_alias.py
index 91ee6bd1f33..bd935498bc8 100644
--- a/addons/mail/mail_alias.py
+++ b/addons/mail/mail_alias.py
@@ -59,7 +59,7 @@ class mail_alias(osv.Model):
 
     def _get_alias_domain(self, cr, uid, ids, name, args, context=None):
         ir_config_parameter = self.pool.get("ir.config_parameter")
-        domain = ir_config_parameter.get_param(cr, uid, "mail.catchall.domain", context=context)
+        domain = ir_config_parameter.get_param(cr, SUPERUSER_ID, "mail.catchall.domain", context=context)
         return dict.fromkeys(ids, domain or "")
 
     _columns = {
diff --git a/addons/mail/static/src/js/announcement.js b/addons/mail/static/src/js/announcement.js
index 0dd438d13af..d76e32a5fe8 100644
--- a/addons/mail/static/src/js/announcement.js
+++ b/addons/mail/static/src/js/announcement.js
@@ -36,6 +36,8 @@ openerp_announcement = function(instance) {
                 });
 
                 $('head').append($css);
+            }).fail(function(result, ev){
+                ev.preventDefault();
             });
         }
     });
diff --git a/addons/web/static/src/js/chrome.js b/addons/web/static/src/js/chrome.js
index 9d69b908f4d..04f903ff9aa 100644
--- a/addons/web/static/src/js/chrome.js
+++ b/addons/web/static/src/js/chrome.js
@@ -1155,6 +1155,9 @@ instance.web.UserMenu =  instance.web.Widget.extend({
                     scope: 'userinfo',
                 };
                 instance.web.redirect('https://accounts.openerp.com/oauth2/auth?'+$.param(params));
+            }).fail(function(result, ev){
+                ev.preventDefault();
+                instance.web.redirect('https://accounts.openerp.com/web');
             });
         }
     },
diff --git a/openerp/addons/base/security/ir.model.access.csv b/openerp/addons/base/security/ir.model.access.csv
index 3fa980f4368..04416f23758 100644
--- a/openerp/addons/base/security/ir.model.access.csv
+++ b/openerp/addons/base/security/ir.model.access.csv
@@ -111,7 +111,7 @@
 "access_multi_company_default user","multi_company_default all","model_multi_company_default",,1,0,0,0
 "access_multi_company_default manager","multi_company_default Manager","model_multi_company_default","group_erp_manager",1,1,1,1
 "access_ir_filter all","ir_filters all","model_ir_filters",,1,1,1,1
-"access_ir_config_parameter","ir_config_parameter","model_ir_config_parameter",,1,0,0,0
+"access_ir_config_parameter","ir_config_parameter","model_ir_config_parameter","group_user",1,0,0,0
 "access_ir_config_parameter_system","ir_config_parameter_system","model_ir_config_parameter","group_system",1,1,1,1
 "access_ir_mail_server","ir_mail_server","model_ir_mail_server","group_system",1,1,1,1
 "access_ir_actions_client","ir_actions_client all","model_ir_actions_client",,1,0,0,0

From 72d3697fbc77eca9ad8abf43a81bb13a0a8bfb65 Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Tue, 26 Aug 2014 12:55:48 +0200
Subject: [PATCH 14/25] [FIX] security: externals should be able to read
 attachements

without having the rights to read ir.config_parameter
---
 openerp/addons/base/ir/ir_attachment.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/openerp/addons/base/ir/ir_attachment.py b/openerp/addons/base/ir/ir_attachment.py
index 43d13126f3b..2c0af45ee66 100644
--- a/openerp/addons/base/ir/ir_attachment.py
+++ b/openerp/addons/base/ir/ir_attachment.py
@@ -121,7 +121,7 @@ class ir_attachment(osv.osv):
         if context is None:
             context = {}
         result = {}
-        location = self.pool.get('ir.config_parameter').get_param(cr, uid, 'ir_attachment.location')
+        location = self.pool.get('ir.config_parameter').get_param(cr, SUPERUSER_ID, 'ir_attachment.location')
         bin_size = context.get('bin_size')
         for attach in self.browse(cr, uid, ids, context=context):
             if location and attach.store_fname:
@@ -136,7 +136,7 @@ class ir_attachment(osv.osv):
             return True
         if context is None:
             context = {}
-        location = self.pool.get('ir.config_parameter').get_param(cr, uid, 'ir_attachment.location')
+        location = self.pool.get('ir.config_parameter').get_param(cr, SUPERUSER_ID, 'ir_attachment.location')
         file_size = len(value.decode('base64'))
         if location:
             attach = self.browse(cr, uid, id, context=context)
@@ -284,7 +284,7 @@ class ir_attachment(osv.osv):
         if isinstance(ids, (int, long)):
             ids = [ids]
         self.check(cr, uid, ids, 'unlink', context=context)
-        location = self.pool.get('ir.config_parameter').get_param(cr, uid, 'ir_attachment.location')
+        location = self.pool.get('ir.config_parameter').get_param(cr, SUPERUSER_ID, 'ir_attachment.location')
         if location:
             for attach in self.browse(cr, uid, ids, context=context):
                 if attach.store_fname:

From 53582c2ea6c165a03d03cbb52bd8525eff444d90 Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Tue, 26 Aug 2014 13:31:41 +0200
Subject: [PATCH 15/25] [FIX] security: res.groups should be readable by admins
 only

---
 addons/portal/acquirer.py                        | 3 ++-
 openerp/addons/base/security/ir.model.access.csv | 1 -
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/addons/portal/acquirer.py b/addons/portal/acquirer.py
index 9c18b597a1b..c48853b1706 100644
--- a/addons/portal/acquirer.py
+++ b/addons/portal/acquirer.py
@@ -22,6 +22,7 @@
 import logging
 from urllib import quote as quote
 
+from openerp import SUPERUSER_ID
 from openerp.osv import osv, fields
 from openerp.tools.translate import _
 from openerp.tools import float_repr
@@ -75,7 +76,7 @@ class acquirer(osv.Model):
             link = '#action=account.action_account_config'
             payment_header = _('You can finish the configuration in the <a href="%s">Bank&Cash settings</a>') % link
             amount = _('No online payment acquirers configured')
-            group_ids = self.pool.get('res.users').browse(cr, uid, uid, context=context).groups_id
+            group_ids = self.pool.get('res.users').browse(cr, SUPERUSER_ID, uid, context=context).groups_id
             if any(group.is_portal for group in group_ids):
                 return ''
         else:
diff --git a/openerp/addons/base/security/ir.model.access.csv b/openerp/addons/base/security/ir.model.access.csv
index 04416f23758..54f34858360 100644
--- a/openerp/addons/base/security/ir.model.access.csv
+++ b/openerp/addons/base/security/ir.model.access.csv
@@ -53,7 +53,6 @@
 "access_res_currency_group_system","res_currency group_system","model_res_currency","group_system",1,1,1,1
 "access_res_currency_rate_group_system","res_currency_rate group_system","model_res_currency_rate","group_system",1,1,1,1
 "access_res_groups_group_erp_manager","res_groups group_erp_manager","model_res_groups","group_erp_manager",1,1,1,1
-"access_res_groups_group_user","res_groups group_user","model_res_groups",,1,0,0,0
 "access_res_lang_group_all","res_lang group_all","model_res_lang",,1,0,0,0
 "access_res_lang_group_user","res_lang group_user","model_res_lang","group_system",1,1,1,1
 "access_res_partner_group_partner_manager","res_partner group_partner_manager","model_res_partner","group_partner_manager",1,1,1,1

From 3f7f2a51faa5659f5ae0d22ab722a15be076981e Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Tue, 26 Aug 2014 15:35:47 +0200
Subject: [PATCH 16/25] [FIX] security: remove read access on company critical
 fields

---
 addons/auth_ldap/users_ldap.py   | 2 +-
 addons/base_gengo/res_company.py | 8 ++++----
 addons/pad/pad.py                | 3 ++-
 addons/pad/res_company.py        | 2 +-
 4 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/addons/auth_ldap/users_ldap.py b/addons/auth_ldap/users_ldap.py
index f6a5d5f25de..a09b6839ab9 100644
--- a/addons/auth_ldap/users_ldap.py
+++ b/addons/auth_ldap/users_ldap.py
@@ -238,7 +238,7 @@ class res_company(osv.osv):
     _inherit = "res.company"
     _columns = {
         'ldaps': fields.one2many(
-            'res.company.ldap', 'company', 'LDAP Parameters'),
+            'res.company.ldap', 'company', 'LDAP Parameters', groups="base.group_system"),
     }
 res_company()
 
diff --git a/addons/base_gengo/res_company.py b/addons/base_gengo/res_company.py
index 3d038ac0813..448df8d558c 100644
--- a/addons/base_gengo/res_company.py
+++ b/addons/base_gengo/res_company.py
@@ -26,10 +26,10 @@ class res_company(osv.Model):
     _name = "res.company"
     _inherit = "res.company"
     _columns = {
-           "gengo_private_key": fields.text("Gengo Private Key"),
-           "gengo_public_key": fields.text("Gengo Public Key"),
-           "gengo_comment": fields.text("Comments", help="This comment will be automatically be enclosed in each an every request sent to Gengo"),
-           "gengo_auto_approve": fields.boolean("Auto Approve Translation ?", help="Jobs are Automatically Approved by Gengo."),
+           "gengo_private_key": fields.text("Gengo Private Key", groups="base.group_system"),
+           "gengo_public_key": fields.text("Gengo Public Key", groups="base.group_user"),
+           "gengo_comment": fields.text("Comments", help="This comment will be automatically be enclosed in each an every request sent to Gengo", groups="base.group_user"),
+           "gengo_auto_approve": fields.boolean("Auto Approve Translation ?", help="Jobs are Automatically Approved by Gengo.", groups="base.group_user"),
     }
 
     _defaults = {
diff --git a/addons/pad/pad.py b/addons/pad/pad.py
index 1379e06f184..b79d2f01ca8 100644
--- a/addons/pad/pad.py
+++ b/addons/pad/pad.py
@@ -5,6 +5,7 @@ import re
 import string
 import urllib2
 import logging
+from openerp import SUPERUSER_ID
 from openerp.tools.translate import _
 from openerp.tools import html2plaintext
 from py_etherpad import EtherpadLiteClient
@@ -19,7 +20,7 @@ class pad_common(osv.osv_memory):
         return bool(user.company_id.pad_server)
 
     def pad_generate_url(self, cr, uid, context=None):
-        company = self.pool.get('res.users').browse(cr, uid, uid, context=context).company_id;
+        company = self.pool.get('res.users').browse(cr, SUPERUSER_ID, uid, context=context).company_id
 
         pad = {
             "server" : company.pad_server,
diff --git a/addons/pad/res_company.py b/addons/pad/res_company.py
index 95f1d9c1118..02c034c3df6 100644
--- a/addons/pad/res_company.py
+++ b/addons/pad/res_company.py
@@ -5,7 +5,7 @@ class company_pad(osv.osv):
     _inherit = 'res.company'
     _columns = {
         'pad_server': fields.char('Pad Server', help="Etherpad lite server. Example: beta.primarypad.com"),
-        'pad_key': fields.char('Pad Api Key', help="Etherpad lite api key."),
+        'pad_key': fields.char('Pad Api Key', help="Etherpad lite api key.", groups="base.group_system"),
     }
 
 

From dd86d41eb4d1e756901b9d1fedbd242c98a08f41 Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Tue, 26 Aug 2014 16:17:24 +0200
Subject: [PATCH 17/25] [FIX] security: disallow read on ir.sequence for
 externals

---
 openerp/addons/base/security/ir.model.access.csv | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openerp/addons/base/security/ir.model.access.csv b/openerp/addons/base/security/ir.model.access.csv
index 54f34858360..27333efa20c 100644
--- a/openerp/addons/base/security/ir.model.access.csv
+++ b/openerp/addons/base/security/ir.model.access.csv
@@ -28,7 +28,7 @@
 "access_ir_property_group_user_manager","ir_property group_manager","model_ir_property","base.group_partner_manager",1,1,1,0
 "access_ir_rule_group_user","ir_rule group_user","model_ir_rule",,1,0,0,0
 "access_ir_rule_group_erp_manager","ir_rule group_erp_manager","model_ir_rule","group_erp_manager",1,1,1,1
-"access_ir_sequence_group_user","ir_sequence group_user","model_ir_sequence",,1,0,0,0
+"access_ir_sequence_group_user","ir_sequence group_user","model_ir_sequence","group_user",1,0,0,0
 "access_ir_sequence_group_system","ir_sequence group_system","model_ir_sequence","group_system",1,1,1,1
 "access_ir_sequence_type_group_user","ir_sequence_type group_user","model_ir_sequence_type",,1,0,0,0
 "access_ir_sequence_type_group_system","ir_sequence_type group_system","model_ir_sequence_type","group_system",1,1,1,1

From 1f4f0c07681a3fd512c6f388e4c090e2e19d5baf Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Tue, 26 Aug 2014 17:32:04 +0200
Subject: [PATCH 18/25] [FIX] email_template: security, email_template no
 rights for externals

---
 addons/email_template/security/ir.model.access.csv         | 2 +-
 addons/email_template/wizard/mail_compose_message.py       | 2 +-
 addons/email_template/wizard/mail_compose_message_view.xml | 1 +
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/addons/email_template/security/ir.model.access.csv b/addons/email_template/security/ir.model.access.csv
index adce0420793..80be050ecbc 100644
--- a/addons/email_template/security/ir.model.access.csv
+++ b/addons/email_template/security/ir.model.access.csv
@@ -1,3 +1,3 @@
 id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
-access_email_template,email.template,model_email_template,,1,1,1,0
+access_email_template,email.template,model_email_template,base.group_user,1,1,1,0
 access_email_template_system,email.template system,model_email_template,base.group_system,1,1,1,1
diff --git a/addons/email_template/wizard/mail_compose_message.py b/addons/email_template/wizard/mail_compose_message.py
index 22bb53beae3..f39cc7f3a90 100644
--- a/addons/email_template/wizard/mail_compose_message.py
+++ b/addons/email_template/wizard/mail_compose_message.py
@@ -58,7 +58,7 @@ class mail_compose_message(osv.TransientModel):
 
     _columns = {
         # incredible hack of the day: size=-1 means we want an int db column instead of an str one
-        'template_id': fields.selection(_get_templates, 'Template', size=-1),
+        'template_id': fields.selection(_get_templates, 'Template', size=-1, groups="base.group_user"),
     }
 
     def send_mail(self, cr, uid, ids, context=None):
diff --git a/addons/email_template/wizard/mail_compose_message_view.xml b/addons/email_template/wizard/mail_compose_message_view.xml
index 34a2112e1ac..01c81e12bf3 100644
--- a/addons/email_template/wizard/mail_compose_message_view.xml
+++ b/addons/email_template/wizard/mail_compose_message_view.xml
@@ -6,6 +6,7 @@
             <field name="name">mail.compose.message.form</field>
             <field name="model">mail.compose.message</field>
             <field name="inherit_id" ref="mail.email_compose_message_wizard_form"/>
+            <field name="groups_id" eval="[(4,ref('base.group_user'))]"/>
             <field name="arch" type="xml">
                 <xpath expr="//footer" position="inside">
                     <group class="oe_right" col="1">

From 362221b6f544b550383defec630530a65a6d3cf0 Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Tue, 26 Aug 2014 18:10:14 +0200
Subject: [PATCH 19/25] [FIX] resource: security, resource not readable by
 externals

---
 addons/resource/security/ir.model.access.csv | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/addons/resource/security/ir.model.access.csv b/addons/resource/security/ir.model.access.csv
index 533ad419274..b4dc86e2250 100644
--- a/addons/resource/security/ir.model.access.csv
+++ b/addons/resource/security/ir.model.access.csv
@@ -2,5 +2,5 @@ id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
 access_resource_calendar,resource.calendar,model_resource_calendar,base.group_system,1,1,1,1
 access_resource_calendar_attendance,resource.calendar.attendance,model_resource_calendar_attendance,base.group_system,1,1,1,1
 access_resource_resource,resource.resource,model_resource_resource,base.group_system,1,0,0,0
-access_resource_resource_all,resource.resource all,model_resource_resource,,1,0,0,0
+access_resource_resource_all,resource.resource all,model_resource_resource,base.group_user,1,0,0,0
 access_resource_calendar_leaves,resource.calendar.leaves,model_resource_calendar_leaves,base.group_system,1,1,1,1

From 23df2ec28a996e624ed44f3f248df9662a1ff88f Mon Sep 17 00:00:00 2001
From: Nicolas Seinlet <nse@odoo.com>
Date: Wed, 27 Aug 2014 11:48:40 +0200
Subject: [PATCH 20/25] [FIX] sale: on create, set taxes if product_id_change
 called

---
 addons/sale/sale.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/addons/sale/sale.py b/addons/sale/sale.py
index 8326fb4a1e5..b3fa9a0ef9a 100644
--- a/addons/sale/sale.py
+++ b/addons/sale/sale.py
@@ -862,6 +862,8 @@ class sale_order_line(osv.osv):
                 flag=False,  # Force name update
                 context=context
             )['value']
+            if defaults.get('tax_id'):
+                defaults['tax_id'] = [[6, 0, defaults['tax_id']]]
             values = dict(defaults, **values)
         return super(sale_order_line, self).create(cr, uid, values, context=context)
 

From 46c71cd18d3e42e269409213106316cba748a110 Mon Sep 17 00:00:00 2001
From: Antoine Huvelle <antoine.huvelle@gmail.com>
Date: Wed, 27 Aug 2014 14:25:32 +0200
Subject: [PATCH 21/25] [IMP] stock: filter for procurement.type view

Shouldn't allow to select view in the location field. Otherwise you'll end having pickings composed of stock moves using view stock locations.
---
 addons/stock/stock_view.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/addons/stock/stock_view.xml b/addons/stock/stock_view.xml
index 32bc27a0940..f4ef1d66407 100644
--- a/addons/stock/stock_view.xml
+++ b/addons/stock/stock_view.xml
@@ -1659,7 +1659,7 @@
                 <xpath expr="//group[@name='propagation_group']" position="before">
                     <group attrs="{'invisible': [('action', '!=', 'move')]}" string="Moving Options">
                         <field name="procure_method" groups="stock.group_adv_location"/>
-                        <field name="location_src_id" attrs="{'required': [('action', '=', 'move')]}"/>
+                        <field name="location_src_id" attrs="{'required': [('action', '=', 'move')]}"  domain="[('usage','!=','view')]" />
                         <field name="partner_address_id" groups="stock.group_adv_location" context="{'show_address': 1}" options="{'always_reload': 1}"/>
                         <label for="delay" string="Delay"  groups="stock.group_adv_location"/>
                         <div groups="stock.group_adv_location">

From df5633dcab8a009a68cc85d8fe1bef2cafb413c6 Mon Sep 17 00:00:00 2001
From: Ravi Gohil <rgo@tinyerp.com>
Date: Thu, 7 Aug 2014 04:07:09 +0530
Subject: [PATCH 22/25] [FIX] account: avoid date and cache issues

Explicitely refresh invoice browse_record(...) in order to have correct 'date' in account.move.
Use context_today() date instead of time.strftime() for date_invoice. (opw 611210)
---
 addons/account/account_invoice.py | 27 +++++++++++++--------------
 1 file changed, 13 insertions(+), 14 deletions(-)

diff --git a/addons/account/account_invoice.py b/addons/account/account_invoice.py
index 6c938e22f17..1e4bc7ad230 100644
--- a/addons/account/account_invoice.py
+++ b/addons/account/account_invoice.py
@@ -566,7 +566,7 @@ class account_invoice(osv.osv):
         if isinstance(ids, (int, long)):
             ids = [ids]
         if not date_invoice:
-            date_invoice = time.strftime('%Y-%m-%d')
+            date_invoice = fields.date.context_today(self, cr, uid)
         if not payment_term_id:
             inv = self.browse(cr, uid, ids[0])
             #To make sure the invoice due date should contain due date which is entered by user when there is no payment term defined
@@ -840,7 +840,7 @@ class account_invoice(osv.osv):
         cur_obj = self.pool.get('res.currency')
         for i in invoice_move_lines:
             if inv.currency_id.id != company_currency:
-                context.update({'date': inv.date_invoice or time.strftime('%Y-%m-%d')})
+                context.update({'date': inv.date_invoice or fields.date.context_today(self, cr, uid, context=context)})
                 i['currency_id'] = inv.currency_id.id
                 i['amount_currency'] = i['price']
                 i['price'] = cur_obj.compute(cr, uid, inv.currency_id.id,
@@ -912,7 +912,8 @@ class account_invoice(osv.osv):
             ctx = context.copy()
             ctx.update({'lang': inv.partner_id.lang})
             if not inv.date_invoice:
-                self.write(cr, uid, [inv.id], {'date_invoice': fields.date.context_today(self,cr,uid,context=context)}, context=ctx)
+                self.write(cr, uid, [inv.id], {'date_invoice': fields.date.context_today(self, cr, uid, context=context)}, context=ctx)
+                inv.refresh()
             company_currency = self.pool['res.company'].browse(cr, uid, inv.company_id.id).currency_id.id
             # create the analytical lines
             # one move line per invoice line
@@ -1008,11 +1009,9 @@ class account_invoice(osv.osv):
                     'ref': ref
             })
 
-            date = inv.date_invoice or time.strftime('%Y-%m-%d')
-
             part = self.pool.get("res.partner")._find_accounting_partner(inv.partner_id)
 
-            line = map(lambda x:(0,0,self.line_get_convert(cr, uid, x, part.id, date, context=ctx)),iml)
+            line = map(lambda x:(0,0,self.line_get_convert(cr, uid, x, part.id, inv.date_invoice, context=ctx)),iml)
 
             line = self.group_lines(cr, uid, iml, line, inv)
 
@@ -1028,7 +1027,7 @@ class account_invoice(osv.osv):
                 'ref': inv.reference and inv.reference or inv.name,
                 'line_id': line,
                 'journal_id': journal_id,
-                'date': date,
+                'date': inv.date_invoice,
                 'narration': inv.comment,
                 'company_id': inv.company_id.id,
             }
@@ -1244,7 +1243,7 @@ class account_invoice(osv.osv):
             refund_journal_ids = obj_journal.search(cr, uid, [('type','=','sale_refund')], context=context)
 
         if not date:
-            date = time.strftime('%Y-%m-%d')
+            date = fields.date.context_today(self, cr, uid, context=context)
         invoice_data.update({
             'type': type_dict[invoice['type']],
             'date_invoice': date,
@@ -1681,7 +1680,7 @@ class account_invoice_tax(osv.osv):
         if company_id:
             company_currency = company_obj.read(cr, uid, [company_id], ['currency_id'])[0]['currency_id'][0]
         if currency_id and company_currency:
-            base = cur_obj.compute(cr, uid, currency_id, company_currency, base*factor, context={'date': date_invoice or time.strftime('%Y-%m-%d')}, round=False)
+            base = cur_obj.compute(cr, uid, currency_id, company_currency, base*factor, context={'date': date_invoice or fields.date.context_today(self, cr, uid)}, round=False)
         return {'value': {'base_amount':base}}
 
     def amount_change(self, cr, uid, ids, amount, currency_id=False, company_id=False, date_invoice=False):
@@ -1694,7 +1693,7 @@ class account_invoice_tax(osv.osv):
         if company_id:
             company_currency = company_obj.read(cr, uid, [company_id], ['currency_id'])[0]['currency_id'][0]
         if currency_id and company_currency:
-            amount = cur_obj.compute(cr, uid, currency_id, company_currency, amount*factor, context={'date': date_invoice or time.strftime('%Y-%m-%d')}, round=False)
+            amount = cur_obj.compute(cr, uid, currency_id, company_currency, amount*factor, context={'date': date_invoice or fields.date.context_today(self, cr, uid)}, round=False)
         return {'value': {'tax_amount': amount}}
 
     _order = 'sequence'
@@ -1723,15 +1722,15 @@ class account_invoice_tax(osv.osv):
                 if inv.type in ('out_invoice','in_invoice'):
                     val['base_code_id'] = tax['base_code_id']
                     val['tax_code_id'] = tax['tax_code_id']
-                    val['base_amount'] = cur_obj.compute(cr, uid, inv.currency_id.id, company_currency, val['base'] * tax['base_sign'], context={'date': inv.date_invoice or time.strftime('%Y-%m-%d')}, round=False)
-                    val['tax_amount'] = cur_obj.compute(cr, uid, inv.currency_id.id, company_currency, val['amount'] * tax['tax_sign'], context={'date': inv.date_invoice or time.strftime('%Y-%m-%d')}, round=False)
+                    val['base_amount'] = cur_obj.compute(cr, uid, inv.currency_id.id, company_currency, val['base'] * tax['base_sign'], context={'date': inv.date_invoice or fields.date.context_today(self, cr, uid, context=context)}, round=False)
+                    val['tax_amount'] = cur_obj.compute(cr, uid, inv.currency_id.id, company_currency, val['amount'] * tax['tax_sign'], context={'date': inv.date_invoice or fields.date.context_today(self, cr, uid, context=context)}, round=False)
                     val['account_id'] = tax['account_collected_id'] or line.account_id.id
                     val['account_analytic_id'] = tax['account_analytic_collected_id']
                 else:
                     val['base_code_id'] = tax['ref_base_code_id']
                     val['tax_code_id'] = tax['ref_tax_code_id']
-                    val['base_amount'] = cur_obj.compute(cr, uid, inv.currency_id.id, company_currency, val['base'] * tax['ref_base_sign'], context={'date': inv.date_invoice or time.strftime('%Y-%m-%d')}, round=False)
-                    val['tax_amount'] = cur_obj.compute(cr, uid, inv.currency_id.id, company_currency, val['amount'] * tax['ref_tax_sign'], context={'date': inv.date_invoice or time.strftime('%Y-%m-%d')}, round=False)
+                    val['base_amount'] = cur_obj.compute(cr, uid, inv.currency_id.id, company_currency, val['base'] * tax['ref_base_sign'], context={'date': inv.date_invoice or fields.date.context_today(self, cr, uid, context=context)}, round=False)
+                    val['tax_amount'] = cur_obj.compute(cr, uid, inv.currency_id.id, company_currency, val['amount'] * tax['ref_tax_sign'], context={'date': inv.date_invoice or fields.date.context_today(self, cr, uid, context=context)}, round=False)
                     val['account_id'] = tax['account_paid_id'] or line.account_id.id
                     val['account_analytic_id'] = tax['account_analytic_paid_id']
 

From 3509e15cc9abd8ee662acbe8a450c534d5a48645 Mon Sep 17 00:00:00 2001
From: Leonardo Donelli <learts92@gmail.com>
Date: Fri, 27 Jun 2014 17:30:16 +0200
Subject: [PATCH 23/25] [IMP] report_sxw: missing parameter without_company for
 display_address

Fixes #811
---
 openerp/report/report_sxw.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/openerp/report/report_sxw.py b/openerp/report/report_sxw.py
index bde915b8919..9f0f62b07f5 100644
--- a/openerp/report/report_sxw.py
+++ b/openerp/report/report_sxw.py
@@ -324,8 +324,11 @@ class rml_parse(object):
                 res='%s %s'%(currency_obj.symbol, res)
         return res
 
-    def display_address(self, address_browse_record):
-        return self.pool.get('res.partner')._display_address(self.cr, self.uid, address_browse_record)
+    def display_address(self, address_browse_record, without_company=False):
+        return self.pool.get('res.partner')._display_address(
+            self.cr, self.uid, address_browse_record,
+            without_company=without_company
+        )
 
     def repeatIn(self, lst, name,nodes_parent=False):
         ret_lst = []

From d662aeaa275d0516367758e5e51387eac11fb68f Mon Sep 17 00:00:00 2001
From: Max Mumford <maxmumford@gmail.com>
Date: Wed, 27 Aug 2014 17:13:14 +0200
Subject: [PATCH 24/25] [FIX] stock: missing quantity parameter from
 get_price_from_picking

---
 addons/delivery/stock.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/addons/delivery/stock.py b/addons/delivery/stock.py
index 38f8d0769fc..3c058bf0cf2 100644
--- a/addons/delivery/stock.py
+++ b/addons/delivery/stock.py
@@ -91,9 +91,10 @@ class stock_picking(osv.osv):
                     _('The carrier %s (id: %d) has no delivery grid!') \
                             % (picking.carrier_id.name,
                                 picking.carrier_id.id))
+        quantity = sum([line.product_uom_qty for line in picking.move_lines])
         price = grid_obj.get_price_from_picking(cr, uid, grid_id,
                 invoice.amount_untaxed, picking.weight, picking.volume,
-                context=context)
+                quantity, context=context)
         account_id = picking.carrier_id.product_id.property_account_income.id
         if not account_id:
             account_id = picking.carrier_id.product_id.categ_id\

From 04a56d8f6b401da3c6849dd5581938657e6f450f Mon Sep 17 00:00:00 2001
From: Denis Ledoux <dle@odoo.com>
Date: Wed, 27 Aug 2014 18:13:53 +0200
Subject: [PATCH 25/25] [FIX] website_blog: controllers blog expects a date,
 not a datetime

---
 addons/website_blog/controllers/main.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/addons/website_blog/controllers/main.py b/addons/website_blog/controllers/main.py
index 2e1477e8f2d..6b43f49e700 100644
--- a/addons/website_blog/controllers/main.py
+++ b/addons/website_blog/controllers/main.py
@@ -37,7 +37,7 @@ class WebsiteBlog(http.Controller):
         groups = blog_post_obj.read_group(request.cr, request.uid, [], ['name', 'create_date'],
             groupby="create_date", orderby="create_date asc", context=request.context)
         for group in groups:
-            group['date'] = "%s_%s" % (group['__domain'][0][2], group['__domain'][1][2])
+            group['date'] = "%s_%s" % (group['__domain'][0][2][:10], group['__domain'][1][2][:10])
         return groups
 
     @http.route([