thirdparty
/
CybroAddons
mirror of https://github.com/CybroOdoo/CybroAddons.git
5
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Aug 18: [FIX] Bug Fixed 'model_access_rights'

pull/220/merge
Risvana Cybro 4 weeks ago
parent
da9c720f64
commit
1ceb0d0180
11 changed files with 208 additions and 117 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      model_access_rights/__manifest__.py
  2. 7
      model_access_rights/doc/RELEASE_NOTES.md
  3. 20
      model_access_rights/models/model_access_rights.py
  4. 25
      model_access_rights/models/models.py
  5. BIN
      model_access_rights/static/description/assets/screenshots/model_access_right_03.png
  6. BIN
      model_access_rights/static/description/assets/screenshots/model_access_right_07.png
  7. 8
      model_access_rights/static/description/index.html
  8. 16
      model_access_rights/static/src/js/form_controller.js
  9. 26
      model_access_rights/static/src/js/kanban_controller.js
  10. 24
      model_access_rights/static/src/js/list_controller.js
  11. 17
      model_access_rights/views/model_access_rights_views.xml

2
model_access_rights/__manifest__.py
View File

@ -21,7 +21,7 @@
############################################################################# #############################################################################
{ {
'name': 'Hide Create|Delete|Archive|Export Options - Model Wise', 'name': 'Hide Create|Delete|Archive|Export Options - Model Wise',
'version': '16.0.1.0.0', 'version': '16.0.2.0.0',
'category': 'Extra Tools, Productivity', 'category': 'Extra Tools, Productivity',
'summary': """ Can hide options from user """, 'summary': """ Can hide options from user """,
'description': """ By using this module we can hide the options like create, 'description': """ By using this module we can hide the options like create,

7
model_access_rights/doc/RELEASE_NOTES.md
View File

@ -3,3 +3,10 @@
#### Version 16.0.1.0.0 #### Version 16.0.1.0.0
##### ADD ##### ADD
- Initial Commit for Hide Create|Delete|Archive|Export Options - Model Wise - Initial Commit for Hide Create|Delete|Archive|Export Options - Model Wise
#### 14.07.2025
#### Version 16.0.2.0.0
#### UPDT
- Added a new option to restrict model access rights for certain user.

20
model_access_rights/models/model_access_rights.py
View File

@ -21,7 +21,7 @@
# If not, see <http://www.gnu.org/licenses/>. # If not, see <http://www.gnu.org/licenses/>.
# #
############################################################################# #############################################################################
from odoo import api, fields, models, _ from odoo import api, fields, models
class ModelAccessRights(models.Model): class ModelAccessRights(models.Model):
@ -34,7 +34,7 @@ class ModelAccessRights(models.Model):
model_id = fields.Many2one('ir.model', ondelete='cascade', required=True, model_id = fields.Many2one('ir.model', ondelete='cascade', required=True,
help="select the model") help="select the model")
groups_id = fields.Many2one('res.groups', required=True, groups_id = fields.Many2one('res.groups',
help="select the group") help="select the group")
is_delete = fields.Boolean(string="Delete", help="hide the delete option") is_delete = fields.Boolean(string="Delete", help="hide the delete option")
is_export = fields.Boolean(string="Export", is_export = fields.Boolean(string="Export",
@ -45,6 +45,12 @@ class ModelAccessRights(models.Model):
" as well as form view") " as well as form view")
is_archive = fields.Boolean(string="Archive/UnArchive", is_archive = fields.Boolean(string="Archive/UnArchive",
help="hide the archive option") help="hide the archive option")
restriction_type = fields.Selection([
('user', 'User Wise'),
('group', 'Group Wise')
], 'Restriction Type',required=True,default="group")
user_id = fields.Many2one('res.users',
help="select the user")
@api.model @api.model
def hide_buttons(self): def hide_buttons(self):
@ -54,9 +60,12 @@ class ModelAccessRights(models.Model):
'is_export', 'is_export',
'is_create_or_update', 'is_create_or_update',
'is_archive', 'is_archive',
'restriction_type',
'user_id',
'groups_id']) 'groups_id'])
for dic in access_right_rec: for dic in access_right_rec:
model = self.env['ir.model'].sudo().browse(dic['model_id'][0]).model model = self.env['ir.model'].sudo().browse(dic['model_id'][0]).model
if dic['restriction_type'] == "group":
group_name = self.env['ir.model.data'].sudo().search([ group_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'), ('model', '=', 'res.groups'),
('res_id', '=', dic['groups_id'][0]) ('res_id', '=', dic['groups_id'][0])
@ -66,9 +75,14 @@ class ModelAccessRights(models.Model):
('model', '=', 'res.groups'), ('model', '=', 'res.groups'),
('res_id', '=', dic['groups_id'][0]) ('res_id', '=', dic['groups_id'][0])
]).module ]).module
else:
group_name=False
module_name=False
dic.update({ dic.update({
'model': model, 'model': model,
'group_name': group_name, 'group_name': group_name,
'module': module_name 'module': module_name,
'restriction_type': dic['restriction_type'],
'user': dic['user_id']
}) })
return access_right_rec return access_right_rec

25
model_access_rights/models/models.py
View File

@ -166,10 +166,11 @@ def _create(self, data_list):
[('model', '=', self._name)]).id [('model', '=', self._name)]).id
access_right_rec = self.env['access.right'].sudo().search_read( access_right_rec = self.env['access.right'].sudo().search_read(
[('model_id', '=', current_model_id)], [('model_id', '=', current_model_id)],
['model_id', 'is_create_or_update', ['model_id', 'is_create_or_update','restriction_type','user_id',
'groups_id']) 'groups_id'])
if access_right_rec and not self.env.is_admin(): if access_right_rec and not self.env.is_admin():
for rec in access_right_rec: for rec in access_right_rec:
if rec['restriction_type']=='group':
group_name = self.env['ir.model.data'].sudo().search([ group_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'), ('model', '=', 'res.groups'),
('res_id', '=', rec['groups_id'][0]) ('res_id', '=', rec['groups_id'][0])
@ -181,7 +182,15 @@ def _create(self, data_list):
group = module_name + "." + group_name group = module_name + "." + group_name
if self.env.user.has_group(group): if self.env.user.has_group(group):
if rec['is_create_or_update']: if rec['is_create_or_update']:
raise UserError('You are restricted from performing this' raise UserError(
'You are restricted from performing this'
' operation. Please contact the'
' administrator.')
if rec['restriction_type']=='user':
if self.env.user.id == rec['user_id'][0]:
if rec['is_create_or_update']:
raise UserError(
'You are restricted from performing this'
' operation. Please contact the' ' operation. Please contact the'
' administrator.') ' administrator.')
return records return records
@ -291,9 +300,11 @@ def unlink(self):
[('model', '=', self._name)]).id [('model', '=', self._name)]).id
access_right_rec = self.env['access.right'].sudo().search_read( access_right_rec = self.env['access.right'].sudo().search_read(
[('model_id', '=', current_model_id)], ['model_id', 'is_delete', [('model_id', '=', current_model_id)], ['model_id', 'is_delete',
'restriction_type','user_id',
'groups_id']) 'groups_id'])
if access_right_rec and not self.env.is_admin(): if access_right_rec and not self.env.is_admin():
for rec in access_right_rec: for rec in access_right_rec:
if rec['restriction_type'] == 'group':
group_name = self.env['ir.model.data'].sudo().search([ group_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'), ('model', '=', 'res.groups'),
('res_id', '=', rec['groups_id'][0]) ('res_id', '=', rec['groups_id'][0])
@ -305,9 +316,17 @@ def unlink(self):
group = module_name + "." + group_name group = module_name + "." + group_name
if self.env.user.has_group(group): if self.env.user.has_group(group):
if rec['is_delete']: if rec['is_delete']:
raise UserError(_('You are restricted from performing this' raise UserError(
_('You are restricted from performing this'
' operation. Please contact the' ' operation. Please contact the'
' administrator.')) ' administrator.'))
if rec['restriction_type']=='user':
if self.env.user.id == rec['user_id'][0]:
if rec['is_delete']:
raise UserError(
'You are restricted from performing this'
' operation. Please contact the'
' administrator.')
return True return True

BIN
model_access_rights/static/description/assets/screenshots/model_access_right_03.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 87 KiB

After

Width:  |  Height:  |  Size: 112 KiB

BIN
model_access_rights/static/description/assets/screenshots/model_access_right_07.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 83 KiB

After

Width:  |  Height:  |  Size: 107 KiB

8
model_access_rights/static/description/index.html
View File

@ -109,7 +109,7 @@
<div class="row" style="font-family: 'Montserrat', sans-serif; font-weight: 400; font-size: 14px; line-height: 200%;"> <div class="row" style="font-family: 'Montserrat', sans-serif; font-weight: 400; font-size: 14px; line-height: 200%;">
<div class="col-sm-12 py-4"> <div class="col-sm-12 py-4">
By using this module we can hide the options like create,delete,export,and archive/un archive in the model By using this module we can hide the options like create,delete,export,and archive/un archive in the model
which we want. Here we are also able to select the user groups except Administrator which we want to apply the which we want. Here we are also able to select the user groups or user except Administrator which we want to apply the
above hiding functionality </div> above hiding functionality </div>
</div> </div>
<!-- END OF OVERVIEW SECTION --> <!-- END OF OVERVIEW SECTION -->
@ -137,6 +137,10 @@
<img src="assets/misc/check-box.png" class="mr-2" /> <img src="assets/misc/check-box.png" class="mr-2" />
<span style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">Can hide the options for specific user group</span> <span style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">Can hide the options for specific user group</span>
</div> </div>
<div class="d-flex align-items-center" style="margin-top: 30px; margin-bottom: 30px">
<img src="assets/misc/check-box.png" class="mr-2" />
<span style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">Can hide the options for specific user</span>
</div>
<div class="d-flex align-items-center" style="margin-top: 30px; margin-bottom: 30px"> <div class="d-flex align-items-center" style="margin-top: 30px; margin-bottom: 30px">
<img src="assets/misc/check-box.png" class="mr-2" /> <img src="assets/misc/check-box.png" class="mr-2" />
<span style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">No additional configuration needed</span> <span style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">No additional configuration needed</span>
@ -169,7 +173,7 @@
</div> </div>
<div style="display: block; margin: 30px auto;"> <div style="display: block; margin: 30px auto;">
<h3 style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">Select the Model, Groups and the options which we want to hide</h3> <h3 style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">Select the Model, Restriction Type, Groups or user and the options which we want to hide</h3>
<img src="assets/screenshots/model_access_right_03.png" class="img-thumbnail"> <img src="assets/screenshots/model_access_right_03.png" class="img-thumbnail">
</div> </div>
<div style="display: block; margin: 30px auto;"> <div style="display: block; margin: 30px auto;">

16
model_access_rights/static/src/js/form_controller.js
View File

@ -4,6 +4,7 @@
*/ */
import { FormController} from "@web/views/form/form_controller"; import { FormController} from "@web/views/form/form_controller";
import { patch} from "@web/core/utils/patch"; import { patch} from "@web/core/utils/patch";
import { useService } from "@web/core/utils/hooks";
var rpc = require('web.rpc'); var rpc = require('web.rpc');
const { onWillStart} = owl; const { onWillStart} = owl;
patch(FormController.prototype, 'model_access_rights/static/src/js/form_controller.js.FormController', { patch(FormController.prototype, 'model_access_rights/static/src/js/form_controller.js.FormController', {
@ -12,6 +13,7 @@ patch(FormController.prototype, 'model_access_rights/static/src/js/form_controll
*/ */
setup() { setup() {
this._super(); this._super();
this.user = useService("user");
onWillStart(async () => { onWillStart(async () => {
var self = this var self = this
var result; var result;
@ -24,6 +26,7 @@ patch(FormController.prototype, 'model_access_rights/static/src/js/form_controll
for (var i = 0; i < result.length; i++) { for (var i = 0; i < result.length; i++) {
var group = result[i].module + "." + result[i].group_name var group = result[i].module + "." + result[i].group_name
if (self.props.resModel == result[i].model) { if (self.props.resModel == result[i].model) {
if (result[i].restriction_type == "group") {
if (await self.user.hasGroup(group)) { if (await self.user.hasGroup(group)) {
if (!this.user.isAdmin) { if (!this.user.isAdmin) {
if (result[i].is_create_or_update) { if (result[i].is_create_or_update) {
@ -32,10 +35,17 @@ patch(FormController.prototype, 'model_access_rights/static/src/js/form_controll
if (result[i].is_delete) { if (result[i].is_delete) {
this.archInfo.activeActions.delete = false this.archInfo.activeActions.delete = false
} }
if (result[i].is_archive) { }
self.archiveEnabled = false }
} else { } else {
self.archiveEnabled = true; if (await self.user.userId == result[i].user[0]) {
if (!this.user.isAdmin) {
if (result[i].is_create_or_update) {
self.canCreate = false
}
if (result[i].is_delete) {
this.archInfo.activeActions.delete = false
}
} }
} }
} }

26
model_access_rights/static/src/js/kanban_controller.js
View File

@ -4,6 +4,7 @@
*/ */
import { KanbanController } from '@web/views/kanban/kanban_controller'; import { KanbanController } from '@web/views/kanban/kanban_controller';
import { patch} from "@web/core/utils/patch"; import { patch} from "@web/core/utils/patch";
import { useService } from "@web/core/utils/hooks";
var rpc = require('web.rpc'); var rpc = require('web.rpc');
const {onWillStart} = owl; const {onWillStart} = owl;
patch(KanbanController.prototype, 'model_access_rights/static/src/js/list_controller.js.KanbanController', { patch(KanbanController.prototype, 'model_access_rights/static/src/js/list_controller.js.KanbanController', {
@ -12,6 +13,7 @@ patch(KanbanController.prototype, 'model_access_rights/static/src/js/list_contro
*/ */
setup() { setup() {
this._super(); this._super();
this.user = useService("user");
onWillStart(async () => { onWillStart(async () => {
var self = this var self = this
var result; var result;
@ -24,14 +26,28 @@ patch(KanbanController.prototype, 'model_access_rights/static/src/js/list_contro
for (var i = 0; i < result.length; i++) { for (var i = 0; i < result.length; i++) {
var group = result[i].module + "." + result[i].group_name var group = result[i].module + "." + result[i].group_name
if (self.props.resModel == result[i].model) { if (self.props.resModel == result[i].model) {
if (await self.model.user.hasGroup(group)) { if (result[i].restriction_type == "group") {
if (!self.model.user.isAdmin) { if (await self.user.hasGroup(group)) {
if (!self.user.isAdmin) {
if (result[i].is_create_or_update) { if (result[i].is_create_or_update) {
self.props.archInfo.activeActions.create=false self.props.archInfo.activeActions.create = false
self.props.archInfo.activeActions.edit=false self.props.archInfo.activeActions.edit = false
} }
if (result[i].is_delete) { if (result[i].is_delete) {
self.props.archInfo.activeActions.delete=false self.props.archInfo.activeActions.delete = false
}
}
}
} else {
if (await self.user.userId == result[i].user[0]) {
if (!self.user.isAdmin) {
if (result[i].is_create_or_update) {
self.props.archInfo.activeActions.create = false
self.props.archInfo.activeActions.edit = false
}
if (result[i].is_delete) {
self.props.archInfo.activeActions.delete = false
}
} }
} }
} }

24
model_access_rights/static/src/js/list_controller.js
View File

@ -4,6 +4,7 @@
*/ */
import { ListController} from '@web/views/list/list_controller'; import { ListController} from '@web/views/list/list_controller';
import { patch} from "@web/core/utils/patch"; import { patch} from "@web/core/utils/patch";
import { useService } from "@web/core/utils/hooks";
var rpc = require('web.rpc'); var rpc = require('web.rpc');
const {onWillStart} = owl; const {onWillStart} = owl;
patch(ListController.prototype, 'model_access_rights/static/src/js/list_controller.js.ListController', { patch(ListController.prototype, 'model_access_rights/static/src/js/list_controller.js.ListController', {
@ -12,6 +13,7 @@ patch(ListController.prototype, 'model_access_rights/static/src/js/list_controll
*/ */
setup() { setup() {
this._super(); this._super();
this.user = useService("user");
onWillStart(async () => { onWillStart(async () => {
var self = this var self = this
var result; var result;
@ -24,8 +26,9 @@ patch(ListController.prototype, 'model_access_rights/static/src/js/list_controll
for (var i = 0; i < result.length; i++) { for (var i = 0; i < result.length; i++) {
var group = result[i].module + "." + result[i].group_name var group = result[i].module + "." + result[i].group_name
if (self.props.resModel == result[i].model) { if (self.props.resModel == result[i].model) {
if (await self.userService.hasGroup(group)) { if (result[i].restriction_type == "group") {
if (!this.userService.isAdmin) { if (await self.user.hasGroup(group)) {
if (!this.user.isAdmin) {
if (result[i].is_create_or_update) { if (result[i].is_create_or_update) {
self.activeActions.create = false; self.activeActions.create = false;
} }
@ -36,10 +39,21 @@ patch(ListController.prototype, 'model_access_rights/static/src/js/list_controll
if (result[i].is_delete) { if (result[i].is_delete) {
self.activeActions.delete = false; self.activeActions.delete = false;
} }
if (result[i].is_archive) { }
self.archiveEnabled = false; }
} else { } else {
self.archiveEnabled = true; if (await self.user.userId == result[i].user[0]) {
if (!this.user.isAdmin) {
if (result[i].is_create_or_update) {
self.activeActions.create = false;
}
if (result[i].is_export) {
self.isExportEnable = false
self.isExportEnable = false
}
if (result[i].is_delete) {
self.activeActions.delete = false;
}
} }
} }
} }

17
model_access_rights/views/model_access_rights_views.xml
View File

@ -1,12 +1,12 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<odoo> <odoo>
<!-- Action for the menu Restrict Model Access--> <!-- Action for the menu Restrict Model Access-->
<record id="access_right_action" model="ir.actions.act_window"> <record id="access_right_action" model="ir.actions.act_window">
<field name="name">Restrict Access Rights</field> <field name="name">Restrict Access Rights</field>
<field name="res_model">access.right</field> <field name="res_model">access.right</field>
<field name='view_mode'>tree,form</field> <field name='view_mode'>tree,form</field>
</record> </record>
<!-- Tree view for the model access.right--> <!-- Tree view for the model access.right-->
<record id="access_right_view_tree" model="ir.ui.view"> <record id="access_right_view_tree" model="ir.ui.view">
<field name="name">access.right.view.tree</field> <field name="name">access.right.view.tree</field>
<field name="model">access.right</field> <field name="model">access.right</field>
@ -21,7 +21,7 @@
</tree> </tree>
</field> </field>
</record> </record>
<!-- Form view for the model access.right--> <!-- Form view for the model access.right-->
<record id="access_right_view_form" model="ir.ui.view"> <record id="access_right_view_form" model="ir.ui.view">
<field name="name">access.right.view.form</field> <field name="name">access.right.view.form</field>
<field name="model">access.right</field> <field name="model">access.right</field>
@ -31,7 +31,14 @@
<group> <group>
<group> <group>
<field name="model_id"/> <field name="model_id"/>
<field name="groups_id"/> <field name="restriction_type"/>
<field name="user_id"
attrs="{'invisible':[('restriction_type','in',['group'])],
'required':[('restriction_type', '==', 'user')]}"/>
<field name="groups_id"
attrs="{'invisible':[('restriction_type','in',['user'])],
'required':[('restriction_type', '==', 'group')]}"/>
</group> </group>
<group> <group>
<field name="is_delete"/> <field name="is_delete"/>
@ -48,7 +55,7 @@
</form> </form>
</field> </field>
</record> </record>
<!-- Creating a menu named Restrict Model Access--> <!-- Creating a menu named Restrict Model Access-->
<menuitem id="access_right_menu" <menuitem id="access_right_menu"
name="Restrict Access Rights" name="Restrict Access Rights"
parent="base.menu_administration" parent="base.menu_administration"

Write Preview
Loading…
Cancel
Save