odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity

[FIX] mail, crm: fixed some access rights issues when using chatter on a document without access rights with portal users. 

bzr revid: tde@openerp.com-20130417085927-wg07siehk2uhrkpu
This commit is contained in:
Thibault Delavallée 2013-04-17 10:59:27 +02:00
parent 3d1e5d6998
commit c2f02f6798
2 changed files with 17 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
addons/crm/crm_lead.py
View File

@ -23,8 +23,9 @@ from openerp.addons.base_status.base_stage import base_stage
import crm
from datetime import datetime
from operator import itemgetter
from openerp.osv import fields, osv
from openerp.osv import fields, osv, orm
import time
from openerp import SUPERUSER_ID
from openerp import tools
from openerp.tools.translate import _
from openerp.tools import html2plaintext
@ -972,15 +973,18 @@ class crm_lead(base_stage, format_address, osv.osv):
def message_get_reply_to(self, cr, uid, ids, context=None):
""" Override to get the reply_to of the parent project. """
return [lead.section_id.message_get_reply_to()[0] if lead.section_id else False
for lead in self.browse(cr, uid, ids, context=context)]
for lead in self.browse(cr, SUPERUSER_ID, ids, context=context)]
def message_get_suggested_recipients(self, cr, uid, ids, context=None):
recipients = super(crm_lead, self).message_get_suggested_recipients(cr, uid, ids, context=context)
for lead in self.browse(cr, uid, ids, context=context):
if lead.partner_id:
self._message_add_suggested_recipient(cr, uid, recipients, lead, partner=lead.partner_id, reason=_('Customer'))
elif lead.email_from:
self._message_add_suggested_recipient(cr, uid, recipients, lead, email=lead.email_from, reason=_('Customer Email'))
try:
for lead in self.browse(cr, uid, ids, context=context):
if lead.partner_id:
self._message_add_suggested_recipient(cr, uid, recipients, lead, partner=lead.partner_id, reason=_('Customer'))
elif lead.email_from:
self._message_add_suggested_recipient(cr, uid, recipients, lead, email=lead.email_from, reason=_('Customer Email'))
except (osv.except_osv, orm.except_orm): # no read access rights -> just ignore suggested recipients because this imply modifying followers
pass
return recipients
def message_new(self, cr, uid, msg, custom_values=None, context=None):

9
addons/mail/mail_thread.py
View File

@ -33,7 +33,7 @@ from email.message import Message
from openerp import tools
from openerp import SUPERUSER_ID
from openerp.addons.mail.mail_message import decode
from openerp.osv import fields, osv
from openerp.osv import fields, osv, orm
from openerp.tools.safe_eval import safe_eval as eval
from openerp.tools.translate import _
@ -419,7 +419,7 @@ class mail_thread(osv.AbstractModel):
return ["%s@%s" % (record['alias_name'], record['alias_domain'])
if record.get('alias_domain') and record.get('alias_name')
else False
for record in self.read(cr, uid, ids, ['alias_name', 'alias_domain'], context=context)]
for record in self.read(cr, SUPERUSER_ID, ids, ['alias_name', 'alias_domain'], context=context)]
#------------------------------------------------------
# Mail gateway
@ -1156,7 +1156,10 @@ class mail_thread(osv.AbstractModel):
""" Add partners to the records followers. """
user_pid = self.pool.get('res.users').read(cr, uid, uid, ['partner_id'], context=context)['partner_id'][0]
if set(partner_ids) == set([user_pid]):
self.check_access_rights(cr, uid, 'read')
try:
self.check_access_rights(cr, uid, 'read')
except (osv.except_osv, orm.except_orm):
return
else:
self.check_access_rights(cr, uid, 'write')