[FIX] web: read_ids of data.js use method search_read if check_access_rule option is true.
This fix is related to revision 3985 revid:dle@openerp.com-20140326142040-pls0dk2kd03z55ro, which did not worked for buffered dataset (virtual one2many line in view form search_read is used instead of read to not return records for which we lose the access rights bzr revid: dle@openerp.com-20140327112456-iyceuf9dnn07hwke
This commit is contained in:
parent
e80a179d02
commit
f652402dd7
|
@ -457,9 +457,17 @@ instance.web.DataSet = instance.web.Class.extend(instance.web.PropertiesMixin,
|
|||
return $.Deferred().resolve([]);
|
||||
|
||||
options = options || {};
|
||||
return this._model.call('read',
|
||||
[ids, fields || false],
|
||||
{context: this.get_context(options.context)})
|
||||
var method = 'read';
|
||||
var ids_arg = ids;
|
||||
var context = this.get_context(options.context);
|
||||
if (options.check_access_rule === true){
|
||||
method = 'search_read';
|
||||
ids_arg = [['id', 'in', ids]];
|
||||
context.active_test = false;
|
||||
}
|
||||
return this._model.call(method,
|
||||
[ids_arg, fields || false],
|
||||
{context: context})
|
||||
.then(function (records) {
|
||||
if (records.length <= 1) { return records; }
|
||||
var indexes = {};
|
||||
|
|
|
@ -962,21 +962,17 @@ instance.web.FormView = instance.web.View.extend(instance.web.form.FieldManagerM
|
|||
} else {
|
||||
var fields = _.keys(self.fields_view.fields);
|
||||
fields.push('display_name');
|
||||
// Use of search_read instead of read to check if we can still read the record (security rules)
|
||||
return self.dataset.call('search_read', [[['id', '=', self.dataset.ids[self.dataset.index]]], fields],
|
||||
return self.dataset.read_index(fields,
|
||||
{
|
||||
context: {
|
||||
'bin_size': true,
|
||||
'future_display_name': true,
|
||||
'active_test': false
|
||||
}
|
||||
'future_display_name': true
|
||||
},
|
||||
check_access_rule: true
|
||||
}).then(function(r) {
|
||||
if (_.isEmpty(r)){
|
||||
self.do_action('history_back');
|
||||
}
|
||||
else{
|
||||
self.trigger('load_record', r[0]);
|
||||
}
|
||||
self.trigger('load_record', r);
|
||||
}).fail(function (){
|
||||
self.do_action('history_back');
|
||||
});
|
||||
}
|
||||
});
|
||||
|
|
|
@ -533,14 +533,14 @@ instance.web.ListView = instance.web.View.extend( /** @lends instance.web.ListVi
|
|||
},
|
||||
reload_record: function (record) {
|
||||
var self = this;
|
||||
// Use of search_read instead of read to check if we can still read the record (security rules)
|
||||
return this.dataset.call('search_read', [
|
||||
[['id', '=', record.get('id')]],
|
||||
return this.dataset.read_ids(
|
||||
[record.get('id')],
|
||||
_.pluck(_(this.columns).filter(function (r) {
|
||||
return r.tag === 'field';
|
||||
}), 'name')]
|
||||
}), 'name'),
|
||||
{check_access_rule: true}
|
||||
).done(function (records) {
|
||||
var values = _.isEmpty(records) ? undefined : records[0];
|
||||
var values = records[0];
|
||||
if (!values) {
|
||||
self.records.remove(record);
|
||||
return;
|
||||
|
|
|
@ -329,9 +329,9 @@ openerp.testing.section('list.edition.onwrite', {
|
|||
throw new Error(JSON.stringify(_.toArray(arguments)));
|
||||
});
|
||||
mock('demo:search_read', function (args, kwargs) {
|
||||
if (_.isEqual(args[0], [['id', '=', 1]])) {
|
||||
if (_.isEqual(args[0], [['id', 'in', [1]]])) {
|
||||
return [{id: 1, a: 'some value'}];
|
||||
} else if (_.isEqual(args[0], [['id', '=', 42]])) {
|
||||
} else if (_.isEqual(args[0], [['id', 'in', [42]]])) {
|
||||
return [ {id: 42, a: 'foo'} ];
|
||||
}
|
||||
throw new Error(JSON.stringify(_.toArray(arguments)));
|
||||
|
|
|
@ -22,7 +22,8 @@ openerp.testing.section('list.buttons', {
|
|||
throw new Error(JSON.stringify(_.toArray(arguments)));
|
||||
});
|
||||
mock('demo:search_read', function (args, kwargs) {
|
||||
if (_.isEqual(args[0], [['id', '=', 2]])) {
|
||||
console.log(args);
|
||||
if (_.isEqual(args[0], [['id', 'in', [2]]])) {
|
||||
return [];
|
||||
}
|
||||
throw new Error(JSON.stringify(_.toArray(arguments)));
|
||||
|
|
Loading…
Reference in New Issue