Techsystech
/
web
mirror of https://github.com/OCA/web.git
3
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

[MIG] web_access_rule_buttons: Migration to 11.0

pull/1243/head
antonio 2019-04-10 09:20:12 +02:00
parent b5d1447ae8
commit ab3c0c7d41
14 changed files with 104 additions and 172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
web_access_rule_buttons/README.rst
View File

@ -1,68 +0,0 @@
.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
:alt: License: AGPL-3
========================
Web Access Rules Buttons
========================
This addon disables the Edit button on the form views if the user
cannot edit the current record according to the record access rules.
Usage
=====
When using Odoo, even if a user has no rights to edit a record, the Edit button
is shown. The user can edit the record but won't be able to save his changes.
Now, the user won't be able to click on the Edit button.
.. image:: https://odoo-community.org/website/image/ir.attachment/5784_f2813bd/datas
:alt: Try me on Runbot
:target: https://runbot.odoo-community.org/runbot/162/10.0
Known issues / Roadmap
======================
* Additional requests will be issued when a record is loaded in a form view in
order to check if the user has the access right.
Bug Tracker
===========
Bugs are tracked on `GitHub Issues
<https://github.com/OCA/web/issues>`_. In case of trouble, please
check there if your issue has already been reported. If you spotted it first,
help us smashing it by providing a detailed and welcomed `feedback
<https://github.com/OCA/
web/issues/new?body=module:%20
web_access_rule_buttons%0Aversion:%20
10.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
Credits
=======
Images
------
* Odoo Community Association: `Icon <https://github.com/OCA/maintainer-tools/blob/master/template/module/static/description/icon.svg>`_.
Contributors
------------
* Guewen Baconnier <guewen.baconnier@camptocamp.com>
Maintainer
----------
.. image:: https://odoo-community.org/logo.png
:alt: Odoo Community Association
:target: https://odoo-community.org
This module is maintained by the OCA.
OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.
To contribute to this module, please visit https://odoo-community.org.

3
web_access_rule_buttons/__init__.py
View File

@ -1,2 +1,3 @@
# -*- coding: utf-8 -*-
# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
from . import models

28
web_access_rule_buttons/__manifest__.py
View File

@ -1,17 +1,19 @@
# -*- coding: utf-8 -*-
# © 2016 Camptocamp SA
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html)
# Copyright 2016 Camptocamp SA
# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
{'name': 'Web Access Rules Buttons',
'summary': 'Disable Edit button if access rules prevent this action',
'version': '10.0.1.0.0',
'author': 'Camptocamp,Odoo Community Association (OCA)',
'license': 'AGPL-3',
'category': 'Web',
'depends': ['web',
{
"name": "Web Access Rules Buttons",
"summary": "Disable Edit button if access rules prevent this action",
"version": "11.0.1.0.0",
"author": "Camptocamp, Onestein, Odoo Community Association (OCA)",
"license": "AGPL-3",
"category": "Web",
"depends": [
"web",
],
'website': 'http://www.camptocamp.com',
'data': ['views/web_access_rule_buttons.xml',
"website": "https://github.com/OCA/web/tree/11.0/web_access_rule_buttons",
"data": [
"views/web_access_rule_buttons.xml",
],
'installable': True,
"installable": True,
}

14
web_access_rule_buttons/i18n/web_access_rule_buttons.pot
View File

@ -1,14 +0,0 @@
# Translation of Odoo Server.
# This file contains the translation of the following modules:
#
msgid ""
msgstr ""
"Project-Id-Version: Odoo Server 10.0\n"
"Report-Msgid-Bugs-To: \n"
"Last-Translator: <>\n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: \n"
"Plural-Forms: \n"

37
web_access_rule_buttons/models.py
View File

@ -1,37 +0,0 @@
# -*- coding: utf-8 -*-
# © 2016 Camptocamp SA
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html)
from odoo import models, api, exceptions
@api.multi
def check_access_rule_all(self, operations=None):
"""Verifies that the operation given by ``operations`` is allowed for the
user according to ir.rules.
If ``operations`` is empty, it returns the result for all actions.
:param operation: a list of ``read``, ``create``, ``write``, ``unlink``
:return: {operation: access} (access is a boolean)
"""
if operations is None:
operations = ['read', 'create', 'write', 'unlink']
result = {}
for operation in operations:
if self.is_transient() and not self.ids:
# If we call check_access_rule() without id, it will try to run a
# SELECT without ID which will crash, so we just blindly allow the
# operations
result[operation] = True
continue
try:
self.check_access_rule(operation)
except exceptions.AccessError:
result[operation] = False
else:
result[operation] = True
return result
models.BaseModel.check_access_rule_all = check_access_rule_all

3
web_access_rule_buttons/models/__init__.py 100644
View File

@ -0,0 +1,3 @@
# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
from . import models

37
web_access_rule_buttons/models/models.py 100644
View File

@ -0,0 +1,37 @@
# Copyright 2016 Camptocamp SA
# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
from odoo import models, api, exceptions
class Base(models.AbstractModel):
""" The base model, which is implicitly inherited by all models. """
_inherit = 'base'
@api.multi
def check_access_rule_all(self, operations=None):
"""Verifies that the operation given by ``operations`` is allowed for
the user according to ir.rules.
If ``operations`` is empty, it returns the result for all actions.
:param operation: a list of ``read``, ``create``, ``write``, ``unlink``
:return: {operation: access} (access is a boolean)
"""
if operations or None:
operations = ['read', 'create', 'write', 'unlink']
result = {}
for operation in operations:
if self.is_transient() and not self.ids:
# If we call check_access_rule() without id, it will try to
# run a SELECT without ID which will crash, so we just blindly
# allow the operations
result[operation] = True
continue
try:
self.check_access_rule(operation)
except exceptions.AccessError:
result[operation] = False
else:
result[operation] = True
return result

2
web_access_rule_buttons/readme/CONTRIBUTORS.rst 100644
View File

@ -0,0 +1,2 @@
* Guewen Baconnier <guewen.baconnier@camptocamp.com>
* Antonio Esposito <a.esposito@onestein.nl>

2
web_access_rule_buttons/readme/DESCRIPTION.rst 100644
View File

@ -0,0 +1,2 @@
This addon disables the Edit button on the form views if the user
cannot edit the current record according to the record access rules.

3
web_access_rule_buttons/readme/USAGE.rst 100644
View File

@ -0,0 +1,3 @@
When using Odoo, even if a user has no rights to edit a record, the Edit button
is shown. The user can edit the record but won't be able to save his changes.
Now, the user won't be able to click on the Edit button.

BIN
web_access_rule_buttons/static/description/icon.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 9.2 KiB

32
web_access_rule_buttons/static/src/js/form_controller.js 100644
View File

@ -0,0 +1,32 @@
/* Copyright 2016 Camptocamp SA
* License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl). */
odoo.define("web_access_rule_buttons.main", function (require) {
"use strict";
var FormController = require("web.FormController");
FormController.include({
_update: function (state) {
return this._super(state).then(this.show_hide_buttons(state));
},
show_hide_buttons : function (state) {
var self = this;
return self._rpc({
model: this.modelName,
method: 'check_access_rule_all',
args: [[state.data.id], ["write"]],
}).then(function (accesses) {
self.show_hide_edit_button(accesses.write);
});
},
show_hide_edit_button : function (access) {
if (this.$buttons) {
var button = this.$buttons.find(".o_form_button_edit");
if (button) {
button.prop("disabled", !access);
}
}
},
});
});

31
web_access_rule_buttons/static/src/js/web_access_rule_buttons.js
View File

@ -1,31 +0,0 @@
/*
* © 2016 Camptocamp SA
* License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html)
*/
odoo.define("web_access_rule_buttons.main", function(require) {
"use strict";
var FormView = require("web.FormView");
FormView.include({
load_record : function() {
return this._super.apply(this, arguments).then($.proxy(this.show_hide_buttons, this));
},
show_hide_buttons : function() {
var self = this;
this.dataset.call("check_access_rule_all", [ [ this.datarecord.id ], [ "write" ] ]).then(function(accesses) {
self.show_hide_edit_button(accesses.write);
});
},
show_hide_edit_button : function(access) {
if (this.$buttons) {
var button = this.$buttons.find(".o_form_button_edit");
if (button) {
button.prop("disabled", !access);
}
}
}
});
});

2
web_access_rule_buttons/views/web_access_rule_buttons.xml
View File

@ -2,7 +2,7 @@
<odoo>
<template id="assets_backend" name="web_access_rule_buttons assets" inherit_id="web.assets_backend">
<xpath expr="." position="inside">
<script type="text/javascript" src="/web_access_rule_buttons/static/src/js/web_access_rule_buttons.js"></script>
<script type="text/javascript" src="/web_access_rule_buttons/static/src/js/form_controller.js"></script>
</xpath>
</template>
</odoo>