From f7273ecbc7c02772e76dcac90dee6e1cdd78b28e Mon Sep 17 00:00:00 2001
From: Christophe Simonis <chs@tinyerp.com>
Date: Mon, 27 Oct 2008 13:54:13 +0100
Subject: [PATCH] admin user is not restricted by roles

bzr revid: chs@tinyerp.com-20081027125413-lusm89mme25cclm8
---
 bin/osv/orm.py           | 17 +++++++++--------
 bin/workflow/wkf_expr.py |  4 ++--
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/bin/osv/orm.py b/bin/osv/orm.py
index 7dabec92dbc..62d414c1eb3 100644
--- a/bin/osv/orm.py
+++ b/bin/osv/orm.py
@@ -831,14 +831,15 @@ class orm_template(object):
                     continue
 
                 ok = True
-
-                serv = netsvc.LocalService('object_proxy')
-                user_roles = serv.execute_cr(cr, user, 'res.users', 'read', [user], ['roles_id'])[0]['roles_id']
-                cr.execute("select role_id from wkf_transition where signal='%s'" % button.getAttribute('name'))
-                roles = cr.fetchall()
-                for role in roles:
-                    if role[0]:
-                        ok = ok and serv.execute_cr(cr, user, 'res.roles', 'check', user_roles, role[0])
+            
+                if user != 1:   # admin user has all roles
+                    serv = netsvc.LocalService('object_proxy')
+                    user_roles = serv.execute_cr(cr, user, 'res.users', 'read', [user], ['roles_id'])[0]['roles_id']
+                    cr.execute("select role_id from wkf_transition where signal='%s'" % button.getAttribute('name'))
+                    roles = cr.fetchall()
+                    for role in roles:
+                        if role[0]:
+                            ok = ok and serv.execute_cr(cr, user, 'res.roles', 'check', user_roles, role[0])
 
                 if not ok:
                     button.setAttribute('readonly', '1')
diff --git a/bin/workflow/wkf_expr.py b/bin/workflow/wkf_expr.py
index 73573a231d2..d2d37edb3b3 100644
--- a/bin/workflow/wkf_expr.py
+++ b/bin/workflow/wkf_expr.py
@@ -101,8 +101,8 @@ def check(cr, workitem, ident, transition, signal):
     if transition['signal']:
         ok = (signal==transition['signal'])
 
-    if transition['role_id']:
-        uid = ident[0]
+    uid = ident[0]
+    if transition['role_id'] and uid != 1:
         serv = netsvc.LocalService('object_proxy')
         user_roles = serv.execute_cr(cr, uid, 'res.users', 'read', [uid], ['roles_id'])[0]['roles_id']
         ok = ok and serv.execute_cr(cr, uid, 'res.roles', 'check', user_roles, transition['role_id'])