Techsystech
/
server-tools
mirror of https://github.com/OCA/server-tools.git
3
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
server-tools/base_model_restrict_update/models/ir_model_access.py

68 lines
2.0 KiB
Python
Raw Blame History

# Copyright 2021 Quartile Limited
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).
from odoo import api, models, tools
from odoo.exceptions import AccessError
from odoo.tools.translate import _
class IrModelAccess(models.Model):
_inherit = "ir.model.access"
@api.model
@tools.ormcache_context(
"self.env.uid",
"self.env.su",
"model",
"mode",
"raise_exception",
keys=("lang",),
)
def check(self, model, mode="read", raise_exception=True):
if self.env.su:
return True
res = super().check(model, mode, raise_exception)
if mode != "read" and raise_exception:
if self._test_readonly(model) or self._test_restrict_update(model):
raise AccessError(
_("You are only allowed to read this record. ({} - {})").format(
model, mode
)
)
return res
@api.model
def _test_readonly(self, model):
exclude_models = self._readonly_exclude_models()
if model not in exclude_models and self.env.user.is_readonly_user:
return True
return False
@api.model
def _test_restrict_update(self, model):
self.env.cr.execute(
"SELECT restrict_update FROM ir_model WHERE model = %s", (model,)
)
query_res = self.env.cr.dictfetchone()
if query_res["restrict_update"] and not self.env.user.unrestrict_model_update:
return True
return False
@api.model
def _readonly_exclude_models(self):
"""Models updtate/create by system, and should be excluded from checking"""
return (
self.sudo()
.search(
[
("group_id", "=", False),
"|",
("perm_write", "=", True),
"|",
("perm_create", "=", True),
("perm_unlink", "=", True),
]
)
.mapped("model_id.model")
)
Reference in New Issue View Git Blame Copy Permalink