Consider the following setting:
- on model A, field F is computed, stored, and depends on field G
- on model A, field one2many G to model B, with inverse field H
- on model B, field many2one H is inherited (_inherits) from model C
- on model C, field many2one H is stored
When adding records of model B, the field F must be recomputed. In order to
determine which records to recompute, one searches model A with a domain like
[(G, 'in', ids)]. In expression.py, this is resolved with an SQL query like
select H from B where id in {ids}
This query fails, since the field H is not stored in model B. This happens in
general if H is not stored (it may be any computed field). In that case, one
should instead browse records from B, and read field H through the ORM.
A test case has been added: it introduces a many2one field in a parent model,
and a one2many field using the inherited many2one on a child model. The test
checks whether one can search on the one2many field.
The risk was introduced by b7f1b9c.
IF _store_set_values() recall another _create() or _write(),
the recomputation mechanism enter in an infinite recursion
trying to reevaluate for each call exactly the same fields
for the same records than the previous one
This revision replaces the loop of _store_set_values()
by 2 nested loops:
- that not breaks the entire consumption
of recompute_old queue
(Tested thanks to revision a922d39),
- that allows to clear the queue
before each recomputations bundle fixing thereby the recursion
Closes#7558
Escape the currency symbol to prevent javascript errors,
for instance when reconciling a bank statement
(with the special reconciliation widget)
Closes#8216
Previously when replacing time related sequence in a prefix or suffix of
a sequence, the timezone used for the time values would always be the
server's timezone.
With this fix, the context timezone is used if available (UTC is used
otherwise).
closes#8159
opw-646487
When the Bundle mechanism caches bundle files into the
ir.attachment table, it can sometimes cache an empty
resource file (For example, if a less/saas compiled file
results in an empty CSS file) for the bundle URL.
The appropriate behavior for _serve_attachment()
when the browser loads that bundle URL is to return
an empty file (which is the correct content), instead of
redirecting again to the same URL, triggering a loop.
In addition, this commit removes the special case for
returning 204 No Content. This HTTP status code is not
really meant for GET requests - returning an empty file
with a 304 or 200 code is more appropriate and allows
for normal browser caching.
When ordering results on a many2one fields, results are ordered by
order of the target model. The code was wrongly assuming that this
`_order` attribute only contains `_classic_read` fields (that can be
directly read from the table in database). Now correctly generate the
"ORDER BY" clause using the current table alias.
`res.users` can now be sorted by name.
When saving a template in version 8.0, html would be saved as it should
be displayed once on the site. In particular, if some text should be
escaped once send to the browser, it will be saved as such.
But when rendering, a text node content is unescaped two times:
* for translation which seems wrong since we already use .text of a node
which already escaped it, doing it one more time is bad,
* when rendering the template, since the html template is stored in xml,
This commit remove superfluous unescaping for translation, and add an
escaping when saving the changed template content.
closes#7967
opw-646889
otherwise when a method such as fields_get is overridden
using the new API, self.env.context is an empty directory,
and the translations cannot be performed correctly
Closes#7911
Authentication modules are supposed to override res_users.check_credentials()
in order to plug in their own mechanism, without actually modifying the
behavior of res_users.check(), res_users.authenticate() or
res_users._login().
auth_openid was incorrectly overriding check() instead of
check_credentials(), and unnecessarily accessing private
attributes of res_users. Fixing the implementation of auth_openid
to follow the API means we can completely make those attributes
private.
Authentication modules are supposed to override res_users.check_credentials()
in order to plug in their own mechanism, without actually modifying the
behavior of res_users.check(), res_users.authenticate() or
res_users._login().
auth_openid was incorrectly overriding check() instead of
check_credentials(), and unnecessarily accessing private
attributes of res_users. Fixing the implementation of auth_openid
to follow the API means we can completely make those attributes
private.
Partial revert of commit 39d17c2580
of PR #4617, that broke translations by introducing a different
set of criterions for filtering translations in `_set_ids()` and
`_get_ids()`, adding the `module` column in `_set_ids`.
This meant `_get_ids` would see translations that `_set_ids`
would never update: the translation interface did not appear to
be working anymore as soon as a translation entry existed with
no `module` value.
This is likely for manual entries and for entries bootstrapped
by `translate_fields()`, as they do not belong to any module.
The situation described in PR #4617 probably requires an extra
fix in the translation import system instead.
This regex is used for a quick sanity check of
the order_spec in `search(order=<order_spec>)`.
Because it was build on the repetition of a
group ending with a series of optional patterns,
it could cause expensive backtracking when the
order spec did not actually match the regex
(the regex engine was trying all possible ways
to split the groups)
Forcing the repeating group to either end
with a comma or the end of the string prevents
prohibitive backtracking, while being even
more restrictive with regard to the syntax of
the order spec.
Closes#7755
Complements commit af9393d505
in light of commit 62b0d99cfe,
to really have the correct effect.
When the prefetching failed due to the presence of
extra records in the cache (for which the access is denied),
the `read` operation was indeed retried. However the
result was not stored in the cache because the cache
already held a FailedValue (automatically added when the
prefetch failed).
xmlrpc 1.0 does not support None/null, so commit f3e4d0a will break xmlrpc api.
Therefore, we export an empty string if the field is empty, instead of False or
None. For integers and floats, zero is exported.
opw-643966
deprecate phantom_jsfile method, keeping only phantom_js, phantom_js takes a
code argument to run client side only.
Removing phantom_jsfile will allow to switch from phantom to any other engine
such as running google chrome or firefox directly. The only use of
phantom_jsfile was an example.
New installation was detected using the `installed_version` attribute
(`latest_version` in `ir_module_module` table), but this field wasn't
reset at module uninstallation (now fixed by cb29f9e) avoiding
execution of hooks.
Same logic was applied for migration scripts at 8ff7230.
Fixes#7708
The new-api record prefetching algorithm attempts
to load data for all known records from the requested
model (i.e. all IDs present in the environment cache),
regardless of how indirectly/remotely they were
referenced. An indirect parent record may therefore
be prefetched along with its directly browsed children,
possibly crossing company boundaries involuntarily.
This patch implements a fallback mechanism when
the prefetching failed due to what looks like an
ACL restriction.
The implementation of `_read_from_database` handle
ACL directly and set an `AccessError` as cache value
for restricted records.
If a model (like `mail.message`) overwrites `read` to
implements its own ACL checks and raises an `AccessError`
before calling `super()` (which will then call
`_read_from_database`), the cache will be not fill,
leading to an unexpected exception.
If this commit messae looks familiar to you, that's
simply because this is the new-api counterpart of
b7865502e4
When updating a translation, the previous one is deleted and a new one is
recreated (with no module and state). When the source module is updated, the
previous term is inserted again to the lsit of terms.
Instead of dropping and recreating terms during update, simply update the
existing term and create one only if there were no previous translation.
Fixes#4617