odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity

document: ACL setup, based on ir.rules 

bzr revid: p_christ@hol.gr-20101027102428-pyanpwxzhta3zqy3
This commit is contained in:
P. Christeas 2010-10-27 13:24:28 +03:00
parent 4dae4d0dbf
commit 9624ef2907
4 changed files with 64 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
addons/document/document_data.xml
View File

@ -16,13 +16,13 @@
<record model="document.directory" id="dir_root">
<field name="name">Documents</field>
<field name="user_id" ref="base.user_root"/>
<field name="user_id" eval="False"/>
<field name="storage_id" ref="storage_default"/>
<field name="ressource_id">0</field>
</record>
<record model="document.directory" id="dir_my_folder">
<field name="name">My Folder</field>
<field name="name">Admin Folder</field>
<field name="parent_id" ref="dir_root"/>
<field name="user_id" ref="base.user_root"/>
<field name="ressource_id">0</field>
@ -37,7 +37,7 @@
<field name="ressource_id">0</field>
<field name="ressource_type_id" search="[('model','=','res.partner.category')]" />
<field name="user_id" ref="base.user_root"/>
<field name="user_id" eval="False"/>
</record>
<record model="document.directory" id="dir_partner">
@ -46,7 +46,7 @@
<field name="domain">[('category_id','in',[active_id])]</field>
<field name="ressource_type_id" search="[('model','=','res.partner')]" />
<field name="ressource_parent_type_id" search="[('model','=','res.partner.category')]" />
<field name="user_id" ref="base.user_root"/>
<field name="user_id" eval="False"/>
<field name="ressource_id">0</field>
</record>
@ -55,14 +55,14 @@
<field name="name">Personal Folders</field>
<field name="parent_id" ref="dir_root"/>
<field name="type">ressource</field>
<field name="user_id" eval="False"/>
<field name="ressource_type_id" ref="base.model_res_users" />
<field name="ressource_id">0</field>
</record>
<record model="document.directory" id="dir_product">
<field name="name">Products</field>
<field name="user_id" ref="base.user_root"/>
<field name="user_id" eval="False"/>
<field name="parent_id" ref="dir_root"/>
<field name="ressource_id">0</field>
@ -70,7 +70,7 @@
<record model="document.directory" id="dir_sale_order">
<field name="name">Sales Order</field>
<field name="user_id" ref="base.user_root"/>
<field name="user_id" eval="False"/>
<field name="parent_id" ref="dir_root"/>
<field name="ressource_id">0</field>
@ -78,7 +78,7 @@
<record model="document.directory" id="dir_sale_order_all">
<field name="name">All Sales Order</field>
<field name="user_id" ref="base.user_root"/>
<field name="user_id" eval="False"/>
<field name="parent_id" ref="dir_sale_order"/>
<field name="ressource_id">0</field>
@ -86,7 +86,7 @@
<record model="document.directory" id="dir_sale_order_quote">
<field name="name">Quotations</field>
<field name="user_id" ref="base.user_root"/>
<field name="user_id" eval="False"/>
<field name="parent_id" ref="dir_sale_order"/>
<field name="ressource_id">0</field>
@ -94,7 +94,7 @@
<record model="document.directory" id="dir_project">
<field name="name">Projects</field>
<field name="user_id" ref="base.user_root"/>
<field name="user_id" eval="False"/>
<field name="parent_id" ref="dir_root"/>
<field name="ressource_id">0</field>

24
addons/document/security/document_security.xml
View File

@ -14,6 +14,28 @@
<field name="groups_id" eval="[(6,0,[ref('base.group_system')])]"/>
</record>
<record id="ir_rule_readpublicdirectories0" model="ir.rule">
<field name="model_id" ref="document.model_document_directory"/>
<field name="domain_force">['|',('user_id', '=', False), ('user_id', '=', user.id), '|', ('group_ids','=',False), ('group_ids','in',user.groups_id), '|', ('company_id','=',False), ('company_id','child_of',[user.company_id.id])]</field>
<field name="name">Read public directories</field>
<field eval="0" name="global"/>
<field eval="[(6,0,[ref('base.group_user')])]" name="groups"/>
<field eval="0" name="perm_unlink"/>
<field eval="0" name="perm_write"/>
<field eval="1" name="perm_read"/>
<field eval="0" name="perm_create"/>
</record>
<record id="ir_rule_documentmodifyowndirectories0" model="ir.rule">
<field name="model_id" ref="document.model_document_directory"/>
<field name="domain_force">[('user_id', '=', user.id), '|', ('group_ids','=',False), ('group_ids','in',user.groups_id), '|', ('company_id','=',False), ('company_id','child_of',[user.company_id.id]) ]</field>
<field name="name">Document modify own directories</field>
<field eval="0" name="global"/>
<field eval="[(6,0,[ref('base.group_document_user')])]" name="groups"/>
<field eval="1" name="perm_unlink"/>
<field eval="1" name="perm_write"/>
<field eval="0" name="perm_read"/>
<field eval="1" name="perm_create"/>
</record>
</data>
</openerp>

1
addons/document/security/ir.model.access.csv
View File

@ -1,6 +1,7 @@
"id","name","model_id:id","group_id:id","perm_read","perm_write","perm_create","perm_unlink"
"access_document_directory_all","document.directory all","model_document_directory",,1,0,0,0
"access_document_directory_group_document_manager","document.directory document manager","model_document_directory","base.group_system",1,1,1,1
"access_document_directory_group_knowledge","document.directory modify","model_document_directory","base.group_document_user",1,1,1,1
"access_document_directory_group_system","document.directory group system","model_document_directory","base.group_system",1,1,1,1
"access_document_directory_content_all","document.directory.content all","model_document_directory_content",,1,0,0,0
"access_document_directory_content_group_document_manager","document.directory.content document manager","model_document_directory_content","base.group_system",1,1,1,1

1 id name model_id:id group_id:id perm_read perm_write perm_create perm_unlink
2 access_document_directory_all document.directory all model_document_directory 1 0 0 0
3 access_document_directory_group_document_manager document.directory document manager model_document_directory base.group_system 1 1 1 1
4 access_document_directory_group_knowledge document.directory modify model_document_directory base.group_document_user 1 1 1 1
5 access_document_directory_group_system document.directory group system model_document_directory base.group_system 1 1 1 1
6 access_document_directory_content_all document.directory.content all model_document_directory_content 1 0 0 0
7 access_document_directory_content_group_document_manager document.directory.content document manager model_document_directory_content base.group_system 1 1 1 1

30
addons/document_ftp/test/document_ftp_test5.yml Normal file
View File

@ -0,0 +1,30 @@
-
In order to check the permissions setup and functionality of the
document module:
-
I create a testing user for the documents
-
I assign some ... group to the testing user
-
I create a "group testing" user, which also belongs to the same ... group
-
I create a "blocked" user.
-
I create (as root) a testing folder in the document hierarchy, and
assign ownership to the testing user, groups to the ... group.
-
I create a "private" folder inside the testing folder.
-
I try to read the testing folder as the testing user
-
I try to read the folder as the group user, it should fail.
-
I try to read the folder as the blocked user.
-
I create a "group" folder, with the ... group.
-
I try to read the "group" folder as the testing user
-
I try to read the "group" folder as the group user
-
I try to read the "group" folder as the blocked user