[FIX] apply same visibility rules as base
This commit is contained in:
parent
d0493ee847
commit
8d750ecdc8
|
@ -5,6 +5,8 @@ from passlib.context import CryptContext
|
||||||
import openerp
|
import openerp
|
||||||
from openerp.osv import fields, osv
|
from openerp.osv import fields, osv
|
||||||
|
|
||||||
|
openerp.addons.base.res.res_users.USER_PRIVATE_FIELDS.append('password_crypt')
|
||||||
|
|
||||||
_logger = logging.getLogger(__name__)
|
_logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
default_crypt_context = CryptContext(
|
default_crypt_context = CryptContext(
|
||||||
|
|
|
@ -37,6 +37,9 @@ from openerp.http import request
|
||||||
|
|
||||||
_logger = logging.getLogger(__name__)
|
_logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
# Only users who can modify the user (incl. the user herself) see the real contents of these fields
|
||||||
|
USER_PRIVATE_FIELDS = ['password']
|
||||||
|
|
||||||
#----------------------------------------------------------
|
#----------------------------------------------------------
|
||||||
# Basic res.groups and res.users
|
# Basic res.groups and res.users
|
||||||
#----------------------------------------------------------
|
#----------------------------------------------------------
|
||||||
|
@ -280,8 +283,10 @@ class res_users(osv.osv):
|
||||||
|
|
||||||
def read(self, cr, uid, ids, fields=None, context=None, load='_classic_read'):
|
def read(self, cr, uid, ids, fields=None, context=None, load='_classic_read'):
|
||||||
def override_password(o):
|
def override_password(o):
|
||||||
if 'password' in o and ('id' not in o or o['id'] != uid):
|
if ('id' not in o or o['id'] != uid):
|
||||||
o['password'] = '********'
|
for f in USER_PRIVATE_FIELDS:
|
||||||
|
if f in o:
|
||||||
|
o[f] = '********'
|
||||||
return o
|
return o
|
||||||
|
|
||||||
if fields and (ids == [uid] or ids == uid):
|
if fields and (ids == [uid] or ids == uid):
|
||||||
|
|
Loading…
Reference in New Issue