odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity

[FIX] project, task, issue, portal: fixed access rules for employees/portal users + added an help on privacy_visibility. 

bzr revid: tde@openerp.com-20130426130259-35j0v7lg7unxhzzp
This commit is contained in:
Thibault Delavallée 2013-04-26 15:02:59 +02:00
parent bc79d1cdd7
commit 8c31d9772a
6 changed files with 58 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
addons/portal_project/security/portal_security.xml
View File

@ -33,10 +33,8 @@
</record> </record>
<record model="ir.rule" id="project.task_visibility_rule"> <record model="ir.rule" id="project.task_visibility_rule">
<field name="name">Project/Task: employees: public, portal, employee or following or assigned</field> <field name="name">Project/Task: employees: public, portal, employee or (followers and following)</field>
<field name="domain_force">['|', <field name="domain_force">['|',
('user_id', '=', user.id),
'|',
('project_id.privacy_visibility', 'in', ['public', 'portal', 'employees']), ('project_id.privacy_visibility', 'in', ['public', 'portal', 'employees']),
'&amp;', '&amp;',
('project_id.privacy_visibility', '=', 'followers'), ('project_id.privacy_visibility', '=', 'followers'),
@ -45,15 +43,16 @@
</record> </record>
<record id="portal_task_rule" model="ir.rule"> <record id="portal_task_rule" model="ir.rule">
<field name="name">Project/Task: portal users: public or portal and following</field> <field name="name">Project/Task: portal users: public or (portal and colleagues following) or (followers and following)</field>
<field name="model_id" ref="project.model_project_task"/> <field name="model_id" ref="project.model_project_task"/>
<field name="domain_force">['|', <field name="domain_force">['|', '|',
('project_id.privacy_visibility', '=', 'public'), ('project_id.privacy_visibility', 'in', ['public']),
'&amp;', '&amp;',
('project_id.privacy_visibility', 'in', ['portal', 'followers']), ('project_id.privacy_visibility', '=', 'portal'),
'|', ('message_follower_ids', 'child_of', [user.partner_id.commercial_partner_id.id]),
('message_follower_ids','in', [user.partner_id.id]), '&amp;',
('user_id', '=', user.id), ('project_id.privacy_visibility', '=', 'followers'),
('message_follower_ids', 'in', [user.partner_id.id]),
]</field> ]</field>
<field name="groups" eval="[(4, ref('portal.group_portal'))]"/> <field name="groups" eval="[(4, ref('portal.group_portal'))]"/>
</record> </record>

20
addons/portal_project_issue/security/portal_security.xml
View File

@ -3,23 +3,23 @@
<data noupdate="1"> <data noupdate="1">
<record id="portal_issue_rule" model="ir.rule"> <record id="portal_issue_rule" model="ir.rule">
<field name="name">Project/Issue: portal users: public or portal and following</field> <field name="name">Project/Issue: portal users: public or (portal and colleagues following) or (followers and following)</field>
<field name="model_id" ref="project_issue.model_project_issue"/> <field name="model_id" ref="project_issue.model_project_issue"/>
<field name="domain_force">[ '&amp;', <field name="domain_force">['|', '|',
('project_id.privacy_visibility', 'in', ['public', 'portal', 'followers']), ('project_id.privacy_visibility', 'in', ['public']),
'|', '|', '&amp;',
('message_follower_ids','in', [user.partner_id.id]), ('project_id.privacy_visibility', '=', 'portal'),
('user_id', '=', user.id), ('message_follower_ids', 'child_of', [user.partner_id.commercial_partner_id.id]),
('partner_id', 'child_of', [user.commercial_partner_id.id]) '&amp;',
('project_id.privacy_visibility', '=', 'followers'),
('message_follower_ids', 'in', [user.partner_id.id]),
]</field> ]</field>
<field name="groups" eval="[(4, ref('portal.group_portal'))]"/> <field name="groups" eval="[(4, ref('portal.group_portal'))]"/>
</record> </record>
<record model="ir.rule" id="project_issue.issue_user_rule"> <record model="ir.rule" id="project_issue.issue_user_rule">
<field name="name">Project/Issue: employees: public, portal, employee or following or assigned</field> <field name="name">Project/Issue: employees: public, portal, employee or (followers and following)</field>
<field name="domain_force">['|', <field name="domain_force">['|',
('user_id', '=', user.id),
'|',
('project_id.privacy_visibility', 'in', ['public', 'portal', 'employees']), ('project_id.privacy_visibility', 'in', ['public', 'portal', 'employees']),
'&amp;', '&amp;',
('project_id.privacy_visibility', '=', 'followers'), ('project_id.privacy_visibility', '=', 'followers'),

15
addons/portal_project_long_term/security/portal_security.xml
View File

@ -3,15 +3,16 @@
<data> <data>
<record id="portal_project_long_term_rule" model="ir.rule"> <record id="portal_project_long_term_rule" model="ir.rule">
<field name="name">Project/Phase: portal users: public or portal and following</field> <field name="name">Project/Phase: portal users: public or (portal and colleagues following) or (followers and following)</field>
<field name="model_id" ref="project_long_term.model_project_phase"/> <field name="model_id" ref="project_long_term.model_project_phase"/>
<field name="domain_force">['|', <field name="domain_force">['|', '|',
('project_id.privacy_visibility', '=', 'public'), ('project_id.privacy_visibility', 'in', ['public']),
'&amp;', '&amp;',
('project_id.privacy_visibility', 'in', ['portal', 'followers']), ('project_id.privacy_visibility', '=', 'portal'),
'|', ('message_follower_ids', 'child_of', [user.partner_id.commercial_partner_id.id]),
('message_follower_ids','in', [user.partner_id.id]), '&amp;',
('user_id', '=', user.id), ('project_id.privacy_visibility', '=', 'followers'),
('message_follower_ids', '=', [user.partner_id.id]),
]</field> ]</field>
<field name="groups" eval="[(4, ref('portal.group_portal'))]"/> <field name="groups" eval="[(4, ref('portal.group_portal'))]"/>
</record> </record>

14
addons/project/project.py
View File

@ -210,7 +210,7 @@ class project(osv.osv):
def _get_visibility_selection(self, cr, uid, context=None): def _get_visibility_selection(self, cr, uid, context=None):
""" Overriden in portal_project to offer more options """ """ Overriden in portal_project to offer more options """
return [('public', 'All Users'), return [('public', 'Public'),
('employees', 'Employees Only'), ('employees', 'Employees Only'),
('followers', 'Followers Only')] ('followers', 'Followers Only')]
@ -275,7 +275,17 @@ class project(osv.osv):
"with Tasks (or optionally Issues if the Issue Tracker module is installed)."), "with Tasks (or optionally Issues if the Issue Tracker module is installed)."),
'alias_model': fields.selection(_alias_models, "Alias Model", select=True, required=True, 'alias_model': fields.selection(_alias_models, "Alias Model", select=True, required=True,
help="The kind of document created when an email is received on this project's email alias"), help="The kind of document created when an email is received on this project's email alias"),
'privacy_visibility': fields.selection(_visibility_selection, 'Privacy / Visibility', required=True), 'privacy_visibility': fields.selection(_visibility_selection, 'Privacy / Visibility', required=True,
help="Holds visibility of the tasks or issues that belong to the current project:\n"
"- Public: everybody sees everything; if portal is activated, portal users\n"
" see all tasks or issues; if anonymous portal is activated, visitors\n"
" see all tasks or issues\n"
"- Portal (only available if Portal is installed): employees see everything;\n"
" if portal is activated, portal users see the tasks or issues followed by\n"
" them or by someone of their company\n"
"- Employees Only: employees see all tasks or issues\n"
"- Followers Only: employees see only the followed tasks or issues; if portal\n"
" is activated, portal users see the followed tasks or issues."),
'state': fields.selection([('template', 'Template'),('draft','New'),('open','In Progress'), ('cancelled', 'Cancelled'),('pending','Pending'),('close','Closed')], 'Status', required=True,), 'state': fields.selection([('template', 'Template'),('draft','New'),('open','In Progress'), ('cancelled', 'Cancelled'),('pending','Pending'),('close','Closed')], 'Status', required=True,),
'doc_count':fields.function(_get_attached_docs, string="Number of documents attached", type='int') 'doc_count':fields.function(_get_attached_docs, string="Number of documents attached", type='int')
} }

4
addons/project/security/project_security.xml
View File

@ -75,11 +75,9 @@
</record> </record>
<record model="ir.rule" id="task_visibility_rule"> <record model="ir.rule" id="task_visibility_rule">
<field name="name">Project/Task: employees: public or employee or following or assigned</field> <field name="name">Project/Task: employees: public or employee or (followers and following)</field>
<field name="model_id" ref="model_project_task"/> <field name="model_id" ref="model_project_task"/>
<field name="domain_force">['|', <field name="domain_force">['|',
('user_id', '=', user.id),
'|',
('project_id.privacy_visibility', 'in', ['public', 'employees']), ('project_id.privacy_visibility', 'in', ['public', 'employees']),
'&amp;', '&amp;',
('project_id.privacy_visibility', '=', 'followers'), ('project_id.privacy_visibility', '=', 'followers'),

4
addons/project_issue/security/project_issue_security.xml
View File

@ -10,15 +10,13 @@
</record> </record>
<record model="ir.rule" id="issue_user_rule"> <record model="ir.rule" id="issue_user_rule">
<field name="name">Project/Issue: employees: public or employee or following or assigned</field> <field name="name">Project/Issue: employees: public or employee or (followers and following)</field>
<field name="model_id" ref="model_project_issue"/> <field name="model_id" ref="model_project_issue"/>
<field name="domain_force">['|', <field name="domain_force">['|',
'|',
('project_id.privacy_visibility', 'in', ['public', 'employees']), ('project_id.privacy_visibility', 'in', ['public', 'employees']),
'&amp;', '&amp;',
('project_id.privacy_visibility', '=', 'followers'), ('project_id.privacy_visibility', '=', 'followers'),
('message_follower_ids', 'in', [user.id]), ('message_follower_ids', 'in', [user.id]),
('user_id', '=', user.id),
]</field> ]</field>
<field name="groups" eval="[(4,ref('base.group_user'))]"/> <field name="groups" eval="[(4,ref('base.group_user'))]"/>
</record> </record>