A security has been introduce in eb9113c04d to restrict access to orphan attachments to employees only
Assets need to be build and accessed as superuser, thus
This reverts commit d4972ffdb6.
Seems to break some cases, at least in _product_reserve from stock/stock.py
Actual use case:
SELECT product_uom, sum(product_qty) AS product_qty FROM stock_move WHERE location_dest_id=%s AND location_id<>%s AND product_id=3645 AND state='done' GROUP BY product_uom;
returning 1 | 6
SELECT product_uom,-sum(product_qty) AS product_qty FROM stock_move WHERE location_id=%s AND location_dest_id<>%s AND product_id=%s AND state in ('done', 'assigned') GROUP BY product_uom;
returning 1 | -6
results += cr.dictfetchall()
total = 0.0
results2 = 0.0
for r in results:
amount = uom_obj._compute_qty(cr, uid, r['product_uom'], r['product_qty'], context.get('uom', False))
results2 += amount
total += amount
Total = 1, amount = -5
It should actually be
Total = 0, amount = -6
The Edit button never appeared anymore for these users.
The idea was that they should see an edit button with
limited editing capabilities depending on their other
access rights.
For example, someone with only Sales Manager access and
'Display Editor Bar on Website'
would be able to edit online quotes from the website_quote
module, but not change the actual website pages or menus,
for instance.
Modified product ceiling() to use float_round() with special mode
for rounding UP (away from zero), avoiding pathological cases where
float representations errors were ceiling to the superior unit.
Also added correspding tests for rounding_method=UP
Fixes issue #1125, and replaces PR #1126.
When a users connects, a lock is taken on the res_user table to modify the last login date. If another running transaction uses a foreign key to res.users (e.g. write_uid column), postgres may detect the update as a concurrent update and rollback the transaction.
In pg 9.3, the lock_strength parameter 'NO KEY' allows a weaker lock which is less likely to break another transaction.
Fixes#552
This field is needed to retrieve the list of inherited fields (instead of only the fields of a current model) of a model using domain such as ('model_id', 'in', model.inherited_model_ids) on ir.model.fields
As the whitespace is stripped when exporting terms
to translate, it must be done as well when matching
translations at runtime.
Fixes issue #1755 partly
The changes for QWeb template translation have introduced
res_id values in PO comments for all `#: view:` terms, as
the real database id needs to be resolved when loading them.
For non-QWeb views this is not necessary and actually caused
the terms to be dropped when the res_id could not be resolved.
Rather than having a different PO comment format for QWeb and
non-QWeb views, we can extend the QWeb hack to force the
res_id to 0 for non-QWeb views.
Fixes issue #1755
When sending an email, both formats 'Name <email>' or '"Name" <email>' can be used for fields 'From', 'To' and others. If the name contains unicode characters, a regex only matching '"Name" <email>' was used to encode the name with RFC2047. That meant that the name was not encoded and eventually dropped, using only the email part.
Instead of using a limited regex, use the parseaddr method from email library.
Fixes lp:1272610, opw 607683
Sometimes a cached bundled could be missing in the
ir.attachment filestore (for example after copying
a database for test purposes without duplicating
the filestore as well).
When this happens ir.attachment will return an empty
file contents ; treat this as a cache miss.
This means empty bundles would not be cached, which
is not a big issue - there is little benefit in
caching them, and they should not be common nor
useful.
When deleting filesystem-backed attachements, the
deletion on the file-system is not transactional.
In the event of a transaction rollback, the file
deletion would not be rolled back, which is a
dangerous side-effect.
This can happen for example when several transactions
try to delete the same file(s) at the same time.
The duplicate deletions might be detected by the
database (being concurrent update errors), and rolled
back at the point of the DELETE query, to be retried.
If the files have already been deleted in the file
system it before the rollback, it leaves the system
in an inconsistent state, at least temporarily.
One case where we have seen it is when web bundles
are loaded by many web users at the same time, right
after being updated (and thus invalidated).
As they are currently cached as ir.attachment records,
this often causes a corruption of the cache.
Add an attribute 'related_sudo' (True by default) for related fields.
A related field is computed as superuser if related_sudo is True.
Add explicit related fields 'name' and 'email' on 'res.users', as these should
be readable by the public user with module website_forum.
The test in test_ir_model creates a custom model. This causes a full reload of
the registry, which recursively installs the required modules while 'base' is
being tested. As a side effect, it commits stuff from the database, so that
the effects of test_ir_model are actually not rolled back.
When a new ir.model.field is created, add the new field in the fields_by_model (cache of custom fields). This is required as the __init__ method would not retrieve the new field if fields_by_model is already set.
Otherwise, the _columns would not contain the new fields and we could not access it without restarting the server (e.g. the installation of a module adds ir.model.fields and use it in the a view.
Comparing an id and a browse record will always fail so the exception would have always been raised when changing a model (e.g. updating a module with custom fields).
through a server action, try to correctly set the value to write on a given
fields according to its type. For example many2one fields should receive an
int, not a unique containing the id of the new value.
It turns out TTFontFile can throw not only TTFError (generic) and KeyError, but also ValueError (unknown cmap) and maybe others.
Just catch Exception, warn that the font couldn't be loaded and report why.
Sometimes a node can't be translated using the website Translate
mode. The translation is added to the Application term list but
the id of the view is not correct.
This happen when a translatable node is a children of a inherited
node whose branding could not be kept. data-oe-source-id was left
over because it was not registered in MOVABLE_BRANDING
The title field should not have a domain by default.
When a new record is created or the 'is company' field is changed, the onchange_type is triggered to restrict the domain accordingly to is_company field.
When an existing record is modified, there will have no domain on title field. It's not ideal but at least companies will be able to change the title without the need to modify twice the field is_company.
Fixes#1713
The title of the partner is restricted with a context that will change in the onchange_type. Having twice the same field will not work well.
Remove the invisible attribute as the domain is handled by the domain.
Fixes the translation term import/export logic to
support terms inside QWeb templates.
Refactored a bit the export code so the babel-based
QWeb terms extractor for ./static/src/*.xml files
uses the same logic as the regular extractor for
ir.ui.views with type QWeb.
Server-side QWeb rendering uses a mix of the native
view inheritance mechanism and the template inclusion
(t-call) mechanism. During rendering the translations
are only applied at "template" level, *after* the
view inheritance has already been resolved.
As a result translations are local to a template,
not to the inherited view in which they are actually
written.
In terms of exporting PO[T] files, this is done by
resolving the "root" QWeb template a view belongs
to, and using it as the location of the translated term.
During import there is one extra quirk for QWeb
terms: they need to be linked to the `website` model
rather than the actual `ir.ui.view` model they
are really pointing to, so the rendering phase can
properly recognize them.
[FIX] Do not raise 500 error when an asset is missing
Note: those features are already present in master but could not be backported because the asset bundles are now completely different since the sass and less support where added.
If a forward porting occurs, you can drop this merge and keep master's version
When you set the date of a cron the July 1st at midnight, if the user
time zone has a positive offset, then the converted UTC date is the
June 30th and adding 1 month will end up on July 30th translating to
July 31th instead of September 1st.
To solve this issue we use the super user time zone for the date
calculation.
This can give a performance boost on large databases
and should not be a concern in terms of access control
as the inheritance already grants access to the parent
records.
The one2many field 'user_ids' was initialized with an incorrect value for the
inverse field 'wizard_id', using a res.users id. The latter was causing a
MissingError exception. The fix is simply to not define explicitly the inverse
field in the one2many.
Also did a small cleanup of the code of the wizard.
- simplify the code by removing unused cases
- do not modify input argument 'value' of create/write
- do not call BaseModel.read() with reified group fields (this causes warnings)
When a new record is returned as the value for a many2one on a new record, the
method Many2one.convert_to_write() now returns a NewID, and default_get() then
discards that value from its result. This makes it consistent with its former
behavior.
Manual rebase of #1547
On child partner creation of a parent partner, the commercial_partner_id is not computed (and stored) in the create method.
Therefore, we should compute the commercial_partner_id before trying to sync his data
element.{text,tail} are either ascii-compatible `str`, or `unicode`
when non-ascii-compatible. This could force the implicit decoding
of utf-8 encoded contents when joining template bits, breaking
the rendering.
Fixes#1085, and related to #1130
An ir.value without condition should not match when searching with a condition.
When a field with change_default on it is modified, the method get_defaults is called with the new value. This means that manually modifying a field with this trigger would put back the default value (opw 611193).
The goal is to avoid any kind of prefetching
of other fields when copmuting the default
company, as this will sometimes happen in the
middle of a database update, when the default
company is used for setting the default value
of new columns. In that case the db schema
may not fully match the in-memory model, leading
to an SQL error.
- display_name uses name_get and not the other way around:
name_get should not call _compute_display_name, _compute_display_name should call name_get.
The previous behaviour was not backward-compatible with the old api.
All the models redefining name_get would have 2 different behaviors between name_get and display_name.
- Do not set an inverse function to display_name:
In most cases, writing on display_name writes on _rec_name (if any, not mandatory).
If the display_name computation is redefined, we need to redefine as well the inverse method to avoid unexpected behaviour
This required to also modify tests in base_import as readonly fields are avoided.
- Remove search method on display_name:
For the same reason as for the first point, it could be good that searching on display_name use name_search (and not the other way around).
However doing this would be very inefficiant (need to do the search, without limit, extract the ids of the name_get result just to generate
a subdomain ('id', 'in', [...]). As in most cases it would anyway mean to search on the _rec_name it's better to directly do so.
- Changing label to avoid mismatch:
In view displaying the list of fields or when a match is made on the label of a field (e.g. when importing csv file,
matching is made on both label and technical name), the fact that display_name field has '
Calling it 'Display Name' will avoid most errors.
- remove display_name definition from website_forum_doc,ir_model:
These fields are doing the same thing as the display_name of the new api, we can remove them.
We need to keep the one for res.partner as it's a stored field.