odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity
95,293 Commits 3 Branches 0 Tags 961 MiB
Commit Graph

127 Commits

Author SHA1 Message Date
Denis Ledoux fa17b86a9f [FIX] project: multi-company security rules in Tasks Analysis 
This change avoid to display the tasks
that a user is not permitted to see
in the reporting view 'Task analysis'

Closes #4399

Courtesy of jkei
https://github.com/jkei
 2015-09-28 15:58:15 +02:00
Martin Trigaux 0b2ee16885 [FIX] project: access rights and followers 
For privacy_visibility 'followers' or 'portal', the user should be follower of the project (not the task).
Remove public access to portal task
Fixes #2372

If no project on the task (or other rule), an employee (not a portal) can access if is follower of the task.
Follower rule is not enough as a user creating a rule will subscribe to the rule but to subscribe to record, the user should have access to it in the first place.
To make sure the snake does not bit its tail, fallback to give access on task where the user is reponsible (user_id = user.id).
Fixes #139

Adapted the tests to the new behaviour (removed not relevant and added some on creation)
 2014-11-18 18:52:46 +01:00
Martin Trigaux c22ed1390b [FIX] project: access task without project 
Allow access to task without a project defined if the user is follower.
Fixes #3450
 2014-11-06 18:05:28 +01:00
Christophe Simonis 562272d9a0 [MERGE] forward port of branch saas-3 up to c89d1a0 2014-10-23 13:08:44 +02:00
Martin Trigaux 118b5073e0 [FIX] project: read access for project user 
Backport of 79bed94 (project user access to resource.calendar) and adding the access to resource.calendar.attendance.
It is needed to compute function fields such as day_open (present in form view of project.issue)
Fixes #3201
 2014-10-21 16:56:08 +02:00
Martin Trigaux 2e2778c1b1 [IMP] project: convert file CRLF to Unix end of line 2014-10-21 16:54:56 +02:00
Denis Ledoux 79bed94271 [FIX] project_issue: project issue user must be able to read resource calendar 
In order to be able to read the days_since_creation field
 2014-08-19 17:57:48 +02:00
Antony Lesuisse 7e25b9ae55 [MERGE] saas-4 report_webkit missing dependency on report 
bzr revid: al@openerp.com-20140501152604-4cobh5ui47dt4pem
bzr revid: al@openerp.com-20140501155633-gefnc3zqcsr2rhaz
bzr revid: al@openerp.com-20140501161156-4wbsvhh8gz4r22h3
 2014-05-01 18:11:56 +02:00
Christophe Simonis d562249278 [FIX] project: force menu name 
bzr revid: chs@openerp.com-20140425170357-iqcqqfe71mm2z0qg
 2014-04-25 19:03:57 +02:00
ima-openerp 88d51c13b1 [MERGE]with latest. 
bzr revid: ima@tinyerp.com-20131021113334-238vg9l2hzm2ijyc
 2013-10-21 17:03:34 +05:30
ima-openerp 6259b475cd [IMP]added access rights for manager and user in hr_recruitement and project module. 
bzr revid: ishwarmalvi13@gmail.com-20130912132859-lwxivwsrld9ccf2c
 2013-09-12 18:58:59 +05:30
Martin Trigaux c48504fdba [MERGE] sync with trunk (state -> stage removed some test) 
bzr revid: mat@openerp.com-20130911110755-zf3ytf9m27im6x9k
 2013-09-11 13:07:55 +02:00
Thibault Delavallée 9b41f8fadc [TESTS] project: refactored tests. Moved surviving yml tests into unittest; added mailgateway test. 
bzr revid: tde@openerp.com-20130710101508-62eh89gzq22qvpq5
 2013-07-10 12:15:08 +02:00
sgo@tinyerp.com 6a3cdf718c [MERGE]sync with trunk 
bzr revid: sgo@tinyerp.com-20130605071905-o2ldzc6vxqnoe099
 2013-06-05 12:49:05 +05:30
Martin Trigaux 143b485baf [IMP]resource: avoid better permissions on calendar_leaves 
bzr revid: mat@openerp.com-20130514134227-xnvyzjikwph8bp5k
 2013-05-14 15:42:27 +02:00
Thibault Delavallée 8c31d9772a [FIX] project, task, issue, portal: fixed access rules for employees/portal users + added an help on privacy_visibility. 
bzr revid: tde@openerp.com-20130426130259-35j0v7lg7unxhzzp
 2013-04-26 15:02:59 +02:00
sgo@tinyerp.com d5451cf7f2 [MERGE]sync with trunk 
bzr revid: sgo@tinyerp.com-20130417060441-6vnz2tiym5fawr2n
 2013-04-17 11:34:41 +05:30
Thibault Delavallée 812c852fd0 [FORWARD] Merged 7.0 addons revisions until 9021 
bzr revid: tde@openerp.com-20130415084302-hx7zxtpl5u6yphfg
bzr revid: tde@openerp.com-20130415153732-v4ols3t56rku92oz
 2013-04-15 17:37:32 +02:00
Thibault Delavallée b6223ecb7f [FIX] [ADD] project, project_issue, portal_project, portal_project_issue: improved privacy_visibility selection of project.project; improved access rules; added tests to enforce them. 
bzr revid: tde@openerp.com-20130412143719-ztjo06r900l024dm
 2013-04-12 16:37:19 +02:00
sgo@tinyerp.com 15f6bea1e9 [IMP]improve yml for project and add access rights as needed 
bzr revid: sgo@tinyerp.com-20130312112700-zamjzcjp5d9nv5n0
 2013-03-12 16:57:00 +05:30
Ajay Chauhan (OpenERP) fb0d701ce5 [IMP] project: set mail alias rights to project_manager 
bzr revid: cha@tinyerp.com-20130205070036-e1ghl2dufz83mwf8
 2013-02-05 12:30:36 +05:30
Olivier Dony 3fe6987ce7 [MERGE] Harmonization of noupdate flag on security XML data, courtesy of Alexis de Lattre (Akretion) 
ir.rule records are in noupdate data blocks to let the admin
alter them without fear of them being reset at next update.
Other records such as groups are in normal mode, so they
can be updated whenever necessary

bzr revid: odo@openerp.com-20121218232001-t425t4hi7qbmsip2
 2012-12-19 00:20:01 +01:00
Arnaud Pineux 2fb7baa325 [IMP] demo for french users 
bzr revid: api@openerp.com-20121211140346-bhh8o1rf5h57epcz
 2012-12-11 15:03:46 +01:00
Ajay Chauhan (OpenERP) b5f940c04f [IMP] project: made little change in ir rule 
bzr revid: cha@tinyerp.com-20121010083548-lt8oncuanvcfpqk2
 2012-10-10 14:05:48 +05:30
Ajay Chauhan (OpenERP) 2d1cb5d05d [IMP] project: solved the issue of 'Followers Only' visibility for project 
bzr revid: cha@tinyerp.com-20121008131720-v1573v9zitef1whp
 2012-10-08 18:47:20 +05:30
Thibault Delavallée 41198901cd [FIX] Project: fixed a security rule based on follower_ids, that is now message_follower_ids. 
bzr revid: tde@openerp.com-20120910075850-0b5sg1vljcc8gba9
 2012-09-10 09:58:50 +02:00
Thibault Delavallée 6c109e7d7e [REM] project: removed custom 'followers' fields; security rule updated to use follower_ids. 
bzr revid: tde@openerp.com-20120822074924-bbb5lc1w48dtebeb
 2012-08-22 09:49:24 +02:00
Antonin Bourguignon 89a27bf5b6 [IMP] hr_recruitment, project: better access rules for categories 
bzr revid: abo@openerp.com-20120816144403-4nd2bbiq5dfnwc2i
 2012-08-16 16:44:03 +02:00
Alexis de Lattre 5101771cd9 Harmonize the noupdate flag on security XML files : 
- ir.rule objects are noupdate="1"
- all other objects are noupdate="0"

bzr revid: alexis@via.ecp.fr-20120713170838-pjsysliyt6twazrc
 2012-07-13 19:08:38 +02:00
Thibault Delavallée 4fad550d69 [MERGE] Merged with main addons. 
bzr revid: tde@openerp.com-20120709081834-18pf4bol39s50uno
 2012-07-09 10:18:34 +02:00
Fabien Pinckaers 2ed6acfea1 [MERGE] fix in access rights 
bzr revid: fp@tinyerp.com-20120706150817-s01gbb4gga6dxybm
 2012-07-06 17:08:17 +02:00
Thibault Delavallée 289dad87d4 [MERGE] Merged with addons/trunk. 
bzr revid: tde@openerp.com-20120703122020-79rl9b03mygz5s0h
 2012-07-03 14:20:20 +02:00
Dharti Ratani (OpenERP) 35f394ac16 [IMP]fixing sale application related access errors 
bzr revid: dhr@tinyerp.com-20120702084420-4f5ouv9rrf0m7w01
 2012-07-02 14:14:20 +05:30
Dharti Ratani (OpenERP) a1b98b37a9 [IMP]merge with latest trunk 
bzr revid: dhr@tinyerp.com-20120702050506-5vfw6o0ahrbbof5g
 2012-07-02 10:35:06 +05:30
Quentin (OpenERP) 6fe94bd4bc [MERGE] merged with maint runk 
bzr revid: qdp-launchpad@openerp.com-20120629123618-z1bv3dqdfqy23hno
 2012-06-29 14:36:18 +02:00
Dharti Ratani (OpenERP) a1b4d74f32 [MERGE] 
bzr revid: dhr@tinyerp.com-20120629060714-iwdnbocw1ygt3pwz
 2012-06-29 11:37:14 +05:30
Fabien Pinckaers c15de911e5 [IMP] fix project dashboard, removing bad reports, imp dashboard 
bzr revid: fp@tinyerp.com-20120628163009-xeiz0xewhqzoimxl
 2012-06-28 18:30:09 +02:00
Quentin (OpenERP) 46f2c2c9ca [IMP] improvements during code review 
bzr revid: qdp-launchpad@openerp.com-20120628121820-r8bxfzq38fy8pcgt
 2012-06-28 14:18:20 +02:00
Sanjay Gohel (Open ERP) 1702b2335d [IMP]remove tabs and add spaces instead of them 
bzr revid: sgo@tinyerp.com-20120628064005-zuerrpazumf5lf1q
 2012-06-28 12:10:05 +05:30
Dharti Ratani (OpenERP) 314e9bcd4b [MERGE] 
bzr revid: dhr@tinyerp.com-20120627104430-kwanapf4qoayt1jy
 2012-06-27 16:14:30 +05:30
Dharti Ratani (OpenERP) ded491ae3e [IMP]project user read access to analytic account 
bzr revid: dhr@tinyerp.com-20120618124305-6la3hyl6gz0t27jv
 2012-06-18 18:13:05 +05:30
Dharti Ratani (OpenERP) 4dddcfcb53 [IMP]allocating all accessrights of project to a project manager 
bzr revid: dhr@tinyerp.com-20120618071339-101ym86uisbxmr2i
 2012-06-18 12:43:39 +05:30
Dharti Ratani (OpenERP) 053285acd0 [IMP]Project - fixing access rights for project user and manager 
bzr revid: dhr@tinyerp.com-20120615124316-m8vx3pq2jmjl4o46
 2012-06-15 18:13:16 +05:30
Quentin (OpenERP) dc1edf44be [IMP] project: implemented the privacy/visibility record rule in a cleaner way + some cleanup and bug fixing related to contract management 
bzr revid: qdp-launchpad@openerp.com-20120614100922-5g29ui88nhqojon2
 2012-06-14 12:09:22 +02:00
Thibault Delavallée 9f1a2fae92 [MERGE] Merged with mail-state-tde, recently updated with trunk. 
bzr revid: tde@openerp.com-20120614084127-rne5xlyhf4fu75n0
 2012-06-14 10:41:27 +02:00
Amit Patel (OpenERP) 618aacc5a7 [IMP]:passed base menus ref instead of project. 
bzr revid: apa@tinyerp.com-20120613131507-1yezuu5k7dc1h9s3
 2012-06-13 18:45:07 +05:30
Quentin (OpenERP) c44790c56d [MERGE] merged with main trunk 
bzr revid: qdp-launchpad@openerp.com-20120613090855-9tpft9kutxzgwyze
 2012-06-13 11:08:55 +02:00
Raphael Collet fcca76b487 [MERGE] trunk-first_10_clicks-psi (add group to enable task delegation) 
bzr revid: rco@openerp.com-20120612095835-iisiv73hqbhe9l9w
 2012-06-12 11:58:35 +02:00
Thibault Delavallée 6a16fd4a78 [MERGE] Merged with main addons. 
bzr revid: tde@openerp.com-20120604080134-t1zg2sv0jpmhbyge
 2012-06-04 10:01:34 +02:00
DBR (OpenERP) fbff0b9ef2 [IMP]project: Set record rule for public or followers 
bzr revid: dbr@tinyerp.com-20120604064419-3scxoolmyj8iskw3
 2012-06-04 12:14:19 +05:30