filter menu using actions groups
bzr revid: christophe@tinyerp.com-20080923162456-3mimhd96ve8qfs4y
This commit is contained in:
parent
de8973b153
commit
b751bebc98
|
@ -66,16 +66,25 @@ class ir_ui_menu(osv.osv):
|
|||
context=context)
|
||||
if uid==1:
|
||||
return ids
|
||||
user_groups = self.pool.get('res.users').read(cr, uid, [uid])[0]['groups_id']
|
||||
user_groups = set(self.pool.get('res.users').read(cr, uid, uid)['groups_id'])
|
||||
result = []
|
||||
for menu in self.browse(cr, uid, ids):
|
||||
if not len(menu.groups_id):
|
||||
result.append(menu.id)
|
||||
restrict_to_groups = menu.groups_id
|
||||
if not restrict_to_groups:
|
||||
if menu.action:
|
||||
# if the menu itself has no restrictions, we get the groups of
|
||||
# the action of the menu
|
||||
try:
|
||||
m, oid = menu.action.split(',', 1)
|
||||
data = self.pool.get(m).read(cr, uid, int(oid), context=context)
|
||||
if data and 'groups_id' in data:
|
||||
restrict_to_groups = data['groups_id']
|
||||
except:
|
||||
pass
|
||||
|
||||
if restrict_to_groups and not user_groups.intersection(restrict_to_groups):
|
||||
continue
|
||||
for g in menu.groups_id:
|
||||
if g.id in user_groups:
|
||||
result.append(menu.id)
|
||||
break
|
||||
result.append(menu.id)
|
||||
return result
|
||||
|
||||
def _get_full_name(self, cr, uid, ids, name, args, context):
|
||||
|
@ -122,8 +131,7 @@ class ir_ui_menu(osv.osv):
|
|||
('key2', '=', 'tree_but_open'), ('res_id', 'in', ids)],
|
||||
context=context)
|
||||
values_action = {}
|
||||
for value in values_obj.browse(cursor, user, value_ids,
|
||||
context=context):
|
||||
for value in values_obj.browse(cursor, user, value_ids, context=context):
|
||||
values_action[value.res_id] = value.value
|
||||
for menu_id in ids:
|
||||
res[menu_id] = values_action.get(menu_id, False)
|
||||
|
|
|
@ -118,12 +118,18 @@ class users(osv.osv):
|
|||
'context_tz': fields.selection(_tz_get, 'Timezone', size=64)
|
||||
}
|
||||
def read(self,cr, uid, ids, fields=None, context=None, load='_classic_read'):
|
||||
def override_password(o):
|
||||
if 'password' in o:
|
||||
o['password'] = '********'
|
||||
return o
|
||||
|
||||
result = super(users, self).read(cr, uid, ids, fields, context, load)
|
||||
canwrite = self.pool.get('ir.model.access').check(cr, uid, 'res.users', 'write', raise_exception=False)
|
||||
if not canwrite:
|
||||
for r in result:
|
||||
if 'password' in r:
|
||||
r['password'] = '********'
|
||||
if isinstance(ids, (int, float)):
|
||||
result = override_password(result)
|
||||
else:
|
||||
result = map(override_password, result)
|
||||
return result
|
||||
|
||||
_sql_constraints = [
|
||||
|
|
Loading…
Reference in New Issue