[FIX] mail, crm: fixed some access rights issues when using chatter on a document without access rights with portal users.
bzr revid: tde@openerp.com-20130417085927-wg07siehk2uhrkpu
This commit is contained in:
Thibault Delavallée
parent
3d1e5d6998
commit
c2f02f6798
|
|
@ -23,8 +23,9 @@ from openerp.addons.base_status.base_stage import base_stage
|
||||||
import crm
|
import crm
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
from operator import itemgetter
|
from operator import itemgetter
|
||||||
from openerp.osv import fields, osv
|
from openerp.osv import fields, osv, orm
|
||||||
import time
|
import time
|
||||||
|
from openerp import SUPERUSER_ID
|
||||||
from openerp import tools
|
from openerp import tools
|
||||||
from openerp.tools.translate import _
|
from openerp.tools.translate import _
|
||||||
from openerp.tools import html2plaintext
|
from openerp.tools import html2plaintext
|
||||||
|
|
@ -972,15 +973,18 @@ class crm_lead(base_stage, format_address, osv.osv):
|
||||||
def message_get_reply_to(self, cr, uid, ids, context=None):
|
def message_get_reply_to(self, cr, uid, ids, context=None):
|
||||||
""" Override to get the reply_to of the parent project. """
|
""" Override to get the reply_to of the parent project. """
|
||||||
return [lead.section_id.message_get_reply_to()[0] if lead.section_id else False
|
return [lead.section_id.message_get_reply_to()[0] if lead.section_id else False
|
||||||
for lead in self.browse(cr, uid, ids, context=context)]
|
for lead in self.browse(cr, SUPERUSER_ID, ids, context=context)]
|
||||||
|
|
||||||
def message_get_suggested_recipients(self, cr, uid, ids, context=None):
|
def message_get_suggested_recipients(self, cr, uid, ids, context=None):
|
||||||
recipients = super(crm_lead, self).message_get_suggested_recipients(cr, uid, ids, context=context)
|
recipients = super(crm_lead, self).message_get_suggested_recipients(cr, uid, ids, context=context)
|
||||||
for lead in self.browse(cr, uid, ids, context=context):
|
try:
|
||||||
if lead.partner_id:
|
for lead in self.browse(cr, uid, ids, context=context):
|
||||||
self._message_add_suggested_recipient(cr, uid, recipients, lead, partner=lead.partner_id, reason=_('Customer'))
|
if lead.partner_id:
|
||||||
elif lead.email_from:
|
self._message_add_suggested_recipient(cr, uid, recipients, lead, partner=lead.partner_id, reason=_('Customer'))
|
||||||
self._message_add_suggested_recipient(cr, uid, recipients, lead, email=lead.email_from, reason=_('Customer Email'))
|
elif lead.email_from:
|
||||||
|
self._message_add_suggested_recipient(cr, uid, recipients, lead, email=lead.email_from, reason=_('Customer Email'))
|
||||||
|
except (osv.except_osv, orm.except_orm): # no read access rights -> just ignore suggested recipients because this imply modifying followers
|
||||||
|
pass
|
||||||
return recipients
|
return recipients
|
||||||
|
|
||||||
def message_new(self, cr, uid, msg, custom_values=None, context=None):
|
def message_new(self, cr, uid, msg, custom_values=None, context=None):
|
||||||
|
|
|
||||||
|
|
@ -33,7 +33,7 @@ from email.message import Message
|
||||||
from openerp import tools
|
from openerp import tools
|
||||||
from openerp import SUPERUSER_ID
|
from openerp import SUPERUSER_ID
|
||||||
from openerp.addons.mail.mail_message import decode
|
from openerp.addons.mail.mail_message import decode
|
||||||
from openerp.osv import fields, osv
|
from openerp.osv import fields, osv, orm
|
||||||
from openerp.tools.safe_eval import safe_eval as eval
|
from openerp.tools.safe_eval import safe_eval as eval
|
||||||
from openerp.tools.translate import _
|
from openerp.tools.translate import _
|
||||||
|
|
||||||
|
|
@ -419,7 +419,7 @@ class mail_thread(osv.AbstractModel):
|
||||||
return ["%s@%s" % (record['alias_name'], record['alias_domain'])
|
return ["%s@%s" % (record['alias_name'], record['alias_domain'])
|
||||||
if record.get('alias_domain') and record.get('alias_name')
|
if record.get('alias_domain') and record.get('alias_name')
|
||||||
else False
|
else False
|
||||||
for record in self.read(cr, uid, ids, ['alias_name', 'alias_domain'], context=context)]
|
for record in self.read(cr, SUPERUSER_ID, ids, ['alias_name', 'alias_domain'], context=context)]
|
||||||
|
|
||||||
#------------------------------------------------------
|
#------------------------------------------------------
|
||||||
# Mail gateway
|
# Mail gateway
|
||||||
|
|
@ -1156,7 +1156,10 @@ class mail_thread(osv.AbstractModel):
|
||||||
""" Add partners to the records followers. """
|
""" Add partners to the records followers. """
|
||||||
user_pid = self.pool.get('res.users').read(cr, uid, uid, ['partner_id'], context=context)['partner_id'][0]
|
user_pid = self.pool.get('res.users').read(cr, uid, uid, ['partner_id'], context=context)['partner_id'][0]
|
||||||
if set(partner_ids) == set([user_pid]):
|
if set(partner_ids) == set([user_pid]):
|
||||||
self.check_access_rights(cr, uid, 'read')
|
try:
|
||||||
|
self.check_access_rights(cr, uid, 'read')
|
||||||
|
except (osv.except_osv, orm.except_orm):
|
||||||
|
return
|
||||||
else:
|
else:
|
||||||
self.check_access_rights(cr, uid, 'write')
|
self.check_access_rights(cr, uid, 'write')
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue