check: verify the permissions even when no ids are passed (skipped permission checking for create)
create: verify has the write access on the related model (instead of create, was not checked anyway)
function field: execute the write in fnct_inv as superuser (was impossible to have creation without write access)
bzr revid: mat@openerp.com-20131030084408-t857gl7d4lkbrj5p
check: verify the permissions even when no ids are passed (skipped permission checking for create)
create: verify has the write access on the related model (instead of create, was not checked anyway)
function field: execute the write in fnct_inv as superuser (was impossible to have creation without write access)
bzr revid: mat@openerp.com-20131029171420-x87wu7ph8ej7mtro
The previous fix in revision 5072 only allowed user names
that contained the exact same emails, but users will do
the wildest things like having `someone@domain.com` as
name but setting their email to `someone@domain2.com`.
This was blocked by our sanity check looking for a single
email in the From header. As this check is only done
in order to provide a better error message, it should
not impact valid cases.
Modifying the check to pass when at least one email
was found should be enough to catch most invalid cases,
without requiring a more advanced analysis of the
header value (the RFCs allows very strange things!)
bzr revid: odo@openerp.com-20130918143807-wqqpqomyu1ppa2ih
When a new inheriting view is imported during a module
installation, it is validated thanks to the _constraints
on the ir.ui.view model. However the validation uses
a rather convoluted system for validating the whole
view tree at once (root view + all inherited changes)
while only taking into account the views that belong
to modules that are currently loaded.
This complicated system is necessary to be able to
operate on-the-fly at any point during the registry
loading/initialization.
Now because _constraints are checked during create()
this particular validation happens *before* the
external ID (ir.model.data entry) of that new view
can be created (it obviously needs to wait until
the view record is inserted). As a consequence the
view validation cannot determine the module to
which that new view belongs, and was erroneously
ignoring it.
Changing the view filtering to also include views
that have triggered this check.
Manually created views are not check during registry
update.
bzr revid: chs@openerp.com-20130912141018-qmcyase8zqov9d01
When a user has their email as name, the system will
construct the From header as "email<email>".
We previously forbade this, because the naive
check only counts the number of emails in
the From header.
We might need to drop that assert or implement
something better in the future.
bzr revid: odo@openerp.com-20130910143809-wu32dkz20es579nv
The _auto_init call in ir.model.fields creation will not
do it because it happens before the insertion of the model
in the registry. It will only work for later addition of
fields.
bzr revid: odo@openerp.com-20130730114645-185kbupcrbtnv1tf
When a new inheriting view is imported during a module
installation, it is validated thanks to the _constraints
on the ir.ui.view model. However the validation uses
a rather convoluted system for validating the whole
view tree at once (root view + all inherited changes)
while only taking into account the views that belong
to modules that are currently loaded.
This complicated system is necessary to be able to
operate on-the-fly at any point during the registry
loading/initialization.
Now because _constraints are checked during create()
this particular validation happens *before* the
external ID (ir.model.data entry) of that new view
can be created (it obviously needs to wait until
the view record is inserted). As a consequence the
view validation cannot determine the module to
which that new view belongs, and was erroneously
ignoring it.
Changing the view filtering to also include views
from unknown modules fixes this transient problem,
and also means that manually created inherited
views will be validated during module init too.
bzr revid: odo@openerp.com-20130703215704-x732bepiifvf4g3n
The original patch proposed by Ronald has been modified to
make it more suitable to a stable version, in the following
aspects:
- remove all extra physical columns (boolean flags), as they
would break the stable policy and were actually unnecessary
to fix the bug
- avoid displaying both the number_next and the number_next_actual,
the latter is sufficient
- fix a possible bug when setting the number_next to 0
lp bug: https://launchpad.net/bugs/960201 fixed
bzr revid: odo@openerp.com-20130517173513-msabph5x62c9wjxt
super() finds the MRO parent of the provided class to resume the
execution chain from there, so the class being defined should be
provided.
Here view called super(osv.osv, self).create so if osv.osv (Model) had
a create() defined (which luckily it does not) it would've been
skipped.
bzr revid: xmo@openerp.com-20130415105744-cfx47t01oc7loyes
The setting/clearing of the tracking were not done
consistently, causing log messages that appeared
to come from one database while coming from another
one or none at all.
The tracker is now set at the earliest points
of request handling as possible:
- in web, when creating WebRequests (dbname, uid)
- at RPC dispatching in server (uid)
- at cron job acquisition in CronWorker (dbname)
- at Registry acquisition in RegistryManager (dbname)
The tracker is cleared at the very entrance of
the request in the WSGI `application`, ensuring
that no logging is produced with an obsolete
db name. (It cannot be cleared at the end of
the request handling because the werkzeug
wrapper outputs more logging afterwards)
bzr revid: odo@openerp.com-20130301182510-1fqo9o8di0jw95b5
Some important points to consider:
- signaling should be done after any schema alteration (including module [un]installation),
service registration (e.g. reports)
- the changes need to be committed to the database *before* signaling, otherwise an
obvious race condition occurs during reload by other workers
- any call to restart_pool() must be considered a possible candidate for
signaling, and the 2 above conditions must be checked
The number of explicit calls was reduced by forcing the signaling at the end of
Registry.new() in case `update_module` was passed as True. In that situation
we always want to signal the changes - so all the redundant signaling calls
can be centralized. We can also assume that the relevant changes have already
been committed at that point, otherwise the registry update would not
have worked in the first place.
This means that there is no need for explicit signaling anymore everytime
`restart_pool` is called with `update_module=True`.
Some missing cr.commit() and explicit signaling calls were added or
moved to the right place. As a reminder: signaling must be done
*after* committing the changes, and usually *after* reloading the
registry on the current worker.
bzr revid: odo@openerp.com-20130301143203-e2csf5pkllwhmwqs
The setting/clearing of the tracking were not done
consistently, causing log messages that appeared
to come from one database while coming from another
one or none at all.
The tracker is now set at the earliest points
of request handling where we can:
- in web client, when creating WebRequests (dbname, uid)
- at RPC dispatching in server (uid)
- at cron job acquisition in CronWorker (dbname)
- at Registry acquisition in RegistryManager (dbname)
The tracker is cleared at the very entrance of
the request in the WSGI `application`, ensuring
that no logging is produced with an obsolete
db name. (It cannot be cleared at the end of
the request handling because the werkzeug
wrapper outputs more logging afterwards)
bzr revid: odo@openerp.com-20130301120744-jfitcmze2jldecod
ir.ui.menu was recently changed to use _parent_store,
which precludes using ondelete=set null for the parent_id
column. We nevertheless need to be certain that menus
can always be deleted but *never* cascade-deleted,
due the possible presence of user-created menus.
Overriding menu.unlink() is therefore necessary,
and care must be taken to bypass the default menu
visibility (using the `ir.ui.menu.full_list` context
flag while doing so)
bzr revid: odo@openerp.com-20121213145821-u2ipdvffu00rsgdg
Browsing the menu data as super-user is not correct
because when we load the children menu the ORM
recursively calls menu.search(), this time as
admin, hence the groups of the admin are applied
or submenus, instead of the groups of the user.
The patch was also un-necessary, so there is no
reason to keep it.
r.4617 = chs@openerp.com-20121129172145-0ionmbffc72hwxoa
bzr revid: odo@openerp.com-20121212210027-i5yn1uyzmfho0jh0
Nota: If we replace sequence signaling for cache invalidation with pg
listen/notify in the future, we will use the same mechanism for more accurate
cron timing.
bzr revid: al@openerp.com-20121209170447-zs0k3jazokylwvar