diff --git a/openerp/osv/orm.py b/openerp/osv/orm.py index 5e19ebc6aed..9ee5d5416d5 100644 --- a/openerp/osv/orm.py +++ b/openerp/osv/orm.py @@ -383,20 +383,16 @@ class browse_record(object): raise KeyError(error_msg) # if the field is a classic one or a many2one, we'll fetch all classic and many2one fields - fields_to_fetch = [] - if col._prefetch: + if col._prefetch and not col.groups: # gen the list of "local" (ie not inherited) fields which are classic or many2one - fields_to_fetch = filter(lambda x: x[1]._classic_write and x[1]._prefetch, self._table._columns.items()) + field_filter = lambda x: x[1]._classic_write and x[1]._prefetch and not x[1].groups + fields_to_fetch = filter(field_filter, self._table._columns.items()) # gen the list of inherited fields inherits = map(lambda x: (x[0], x[1][2]), self._table._inherit_fields.items()) # complete the field list with the inherited fields which are classic or many2one - fields_to_fetch += filter(lambda x: x[1]._classic_write and x[1]._prefetch, inherits) - - # filter out non accessible fields - accessible_fields = self._table.check_field_access_rights(self._cr, self._uid, 'read', fields=None, context=self._context) - fields_to_fetch = [f for f in fields_to_fetch if f[0] in accessible_fields] - - if not fields_to_fetch: + fields_to_fetch += filter(field_filter, inherits) + # otherwise we fetch only that field + else: fields_to_fetch = [(name, col)] ids = filter(lambda id: name not in self._data[id], self._data.keys()) diff --git a/openerp/tests/test_acl.py b/openerp/tests/test_acl.py index b3a7f123888..e80390cd5a2 100644 --- a/openerp/tests/test_acl.py +++ b/openerp/tests/test_acl.py @@ -96,9 +96,10 @@ class TestACL(common.TransactionCase): # accessing fields must no raise exceptions... part.name # ... except they are restricted - with self.assertRaises(AttributeError): + with self.assertRaises(openerp.osv.orm.except_orm) as cm: part.email + self.assertEqual(cm.exception.args[0], 'Access Denied') finally: self.res_partner._columns['email'].groups = False