[ADD] overwrite check permission method to poston an employee profile
bzr revid: mat@openerp.com-20130327165126-dtoejma9h71m2zpx
This commit is contained in:
parent
abf54323ca
commit
ccf6cf921e
|
@ -23,5 +23,6 @@ import hr_department
|
|||
import hr
|
||||
|
||||
import res_config
|
||||
import mail_message
|
||||
|
||||
# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
|
||||
|
|
|
@ -0,0 +1,40 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
##############################################################################
|
||||
#
|
||||
# OpenERP, Open Source Management Solution
|
||||
# Copyright (C) 2010-Today OpenERP SA (<http://www.openerp.com>)
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
from openerp.osv import osv
|
||||
|
||||
|
||||
class mail_message(osv.Model):
|
||||
""" Messages model: system notification (replacing res.log notifications),
|
||||
comments (OpenChatter discussion) and incoming emails. """
|
||||
_name = 'mail.message'
|
||||
_inherit = 'mail.message'
|
||||
|
||||
def check_related_document(self, cr, uid, model_obj, mids, operation, context=None):
|
||||
"""If the user posting the message to an employee is an employee, only
|
||||
the read access are checked"""
|
||||
|
||||
employee_ids = model_obj.search(cr, uid, [('user_id', '=', uid)], context=context)
|
||||
if len(employee_ids) > 0:
|
||||
model_obj.check_access_rights(cr, uid, 'read')
|
||||
model_obj.check_access_rule(cr, uid, mids, 'read', context=context)
|
||||
else:
|
||||
super(mail_message, self).check_related_document(cr, uid, uid, model_obj, mids, operation, context)
|
|
@ -710,15 +710,12 @@ class mail_message(osv.Model):
|
|||
other_ids = other_ids.difference(set(notified_ids))
|
||||
model_record_ids = _generate_model_record_ids(message_values, other_ids)
|
||||
document_related_ids = []
|
||||
|
||||
for model, doc_dict in model_record_ids.items():
|
||||
model_obj = self.pool.get(model)
|
||||
mids = model_obj.exists(cr, uid, doc_dict.keys())
|
||||
if operation in ['create', 'write', 'unlink']:
|
||||
model_obj.check_access_rights(cr, uid, 'write')
|
||||
model_obj.check_access_rule(cr, uid, mids, 'write', context=context)
|
||||
else:
|
||||
model_obj.check_access_rights(cr, uid, operation)
|
||||
model_obj.check_access_rule(cr, uid, mids, operation, context=context)
|
||||
self.check_related_document(cr, uid, model_obj, mids, operation, context)
|
||||
|
||||
document_related_ids += [mid for mid, message in message_values.iteritems()
|
||||
if message.get('model') == model and message.get('res_id') in mids]
|
||||
|
||||
|
@ -730,6 +727,16 @@ class mail_message(osv.Model):
|
|||
_('The requested operation cannot be completed due to security restrictions. Please contact your system administrator.\n\n(Document type: %s, Operation: %s)') % \
|
||||
(self._description, operation))
|
||||
|
||||
def check_related_document(self, cr, uid, model_obj, mids, operation, context=None):
|
||||
"""Concrete check permission rules for related document"""
|
||||
print(operation, mids, model_obj)
|
||||
if operation in ['create', 'write', 'unlink']:
|
||||
model_obj.check_access_rights(cr, uid, 'write')
|
||||
model_obj.check_access_rule(cr, uid, mids, 'write', context=context)
|
||||
else:
|
||||
model_obj.check_access_rights(cr, uid, operation)
|
||||
model_obj.check_access_rule(cr, uid, mids, operation, context=context)
|
||||
|
||||
def create(self, cr, uid, values, context=None):
|
||||
if context is None:
|
||||
context = {}
|
||||
|
|
Loading…
Reference in New Issue