[FIX] mail: check create access only for acess rights, not access rules (too permissive)

bzr revid: mat@openerp.com-20130821153918-pdtf4mhcdycfdf3p
This commit is contained in:
Martin Trigaux 2013-08-21 17:39:18 +02:00
parent 11d50f0afc
commit b03203fd3a
1 changed files with 1 additions and 4 deletions

View File

@ -724,10 +724,7 @@ class mail_message(osv.Model):
if operation in ['create', 'write', 'unlink']:
if not model_obj.check_access_rights(cr, uid, 'write', raise_exception=False):
model_obj.check_access_rights(cr, uid, 'create')
try:
model_obj.check_access_rule(cr, uid, mids, 'write', context=context)
except orm.except_orm, e:
model_obj.check_access_rule(cr, uid, mids, 'create', context=context)
model_obj.check_access_rule(cr, uid, mids, 'write', context=context)
else:
model_obj.check_access_rights(cr, uid, operation)
model_obj.check_access_rule(cr, uid, mids, operation, context=context)