[FIX] purchase: post message on purchase order as admin if have no read access (would block validating invoice, opw #596294)

bzr revid: mat@openerp.com-20131029095012-4v4qyooblzgpkcz5
2013-10-29 10:50:12 +01:00 · 2013-10-29 10:50:12 +01:00 · 9134b1b6d7
parent 71c11fdbdb 7f9b84150f
commit 9134b1b6d7
1 changed files with 14 additions and 4 deletions
--- a/addons/purchase/purchase.py
+++ b/addons/purchase/purchase.py
@ -1231,17 +1231,27 @@ class account_invoice(osv.Model):
    def invoice_validate(self, cr, uid, ids, context=None):
        res = super(account_invoice, self).invoice_validate(cr, uid, ids, context=context)
        purchase_order_obj = self.pool.get('purchase.order')
-        po_ids = purchase_order_obj.search(cr, uid, [('invoice_ids', 'in', ids)], context=context)
+        # read access on purchase.order object is not required
+        if not purchase_order_obj.check_access_rights(cr, uid, 'read', raise_exception=False):
+            user_id = SUPERUSER_ID
+        else:
+            user_id = uid
+        po_ids = purchase_order_obj.search(cr, user_id, [('invoice_ids', 'in', ids)], context=context)
        for po_id in po_ids:
-            purchase_order_obj.message_post(cr, uid, po_id, body=_("Invoice received"), context=context)
+            purchase_order_obj.message_post(cr, user_id, po_id, body=_("Invoice received"), context=context)
        return res

    def confirm_paid(self, cr, uid, ids, context=None):
        res = super(account_invoice, self).confirm_paid(cr, uid, ids, context=context)
        purchase_order_obj = self.pool.get('purchase.order')
-        po_ids = purchase_order_obj.search(cr, uid, [('invoice_ids', 'in', ids)], context=context)
+        # read access on purchase.order object is not required
+        if not purchase_order_obj.check_access_rights(cr, uid, 'read', raise_exception=False):
+            user_id = SUPERUSER_ID
+        else:
+            user_id = uid
+        po_ids = purchase_order_obj.search(cr, user_id, [('invoice_ids', 'in', ids)], context=context)
        if po_ids:
-            purchase_order_obj.message_post(cr, uid, po_ids, body=_("Invoice paid"), context=context)
+            purchase_order_obj.message_post(cr, user_id, po_ids, body=_("Invoice paid"), context=context)
        return res