thirdparty
/
CybroAddons
mirror of https://github.com/CybroOdoo/CybroAddons.git
5
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Aug 18: [FIX] Bug Fixed 'model_access_rights'

pull/220/merge
Risvana Cybro 4 weeks ago
parent
da9c720f64
commit
1ceb0d0180
11 changed files with 208 additions and 117 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      model_access_rights/__manifest__.py
  2. 7
      model_access_rights/doc/RELEASE_NOTES.md
  3. 36
      model_access_rights/models/model_access_rights.py
  4. 77
      model_access_rights/models/models.py
  5. BIN
      model_access_rights/static/description/assets/screenshots/model_access_right_03.png
  6. BIN
      model_access_rights/static/description/assets/screenshots/model_access_right_07.png
  7. 8
      model_access_rights/static/description/index.html
  8. 32
      model_access_rights/static/src/js/form_controller.js
  9. 30
      model_access_rights/static/src/js/kanban_controller.js
  10. 44
      model_access_rights/static/src/js/list_controller.js
  11. 89
      model_access_rights/views/model_access_rights_views.xml

2
model_access_rights/__manifest__.py
View File

@ -21,7 +21,7 @@
#############################################################################
{
'name': 'Hide Create|Delete|Archive|Export Options - Model Wise',
'version': '16.0.1.0.0',
'version': '16.0.2.0.0',
'category': 'Extra Tools, Productivity',
'summary': """ Can hide options from user """,
'description': """ By using this module we can hide the options like create,

7
model_access_rights/doc/RELEASE_NOTES.md
View File

@ -3,3 +3,10 @@
#### Version 16.0.1.0.0
##### ADD
- Initial Commit for Hide Create|Delete|Archive|Export Options - Model Wise
#### 14.07.2025
#### Version 16.0.2.0.0
#### UPDT
- Added a new option to restrict model access rights for certain user.

36
model_access_rights/models/model_access_rights.py
View File

@ -21,7 +21,7 @@
# If not, see <http://www.gnu.org/licenses/>.
#
#############################################################################
from odoo import api, fields, models, _
from odoo import api, fields, models
class ModelAccessRights(models.Model):
@ -34,7 +34,7 @@ class ModelAccessRights(models.Model):
model_id = fields.Many2one('ir.model', ondelete='cascade', required=True,
help="select the model")
groups_id = fields.Many2one('res.groups', required=True,
groups_id = fields.Many2one('res.groups',
help="select the group")
is_delete = fields.Boolean(string="Delete", help="hide the delete option")
is_export = fields.Boolean(string="Export",
@ -45,6 +45,12 @@ class ModelAccessRights(models.Model):
" as well as form view")
is_archive = fields.Boolean(string="Archive/UnArchive",
help="hide the archive option")
restriction_type = fields.Selection([
('user', 'User Wise'),
('group', 'Group Wise')
], 'Restriction Type',required=True,default="group")
user_id = fields.Many2one('res.users',
help="select the user")
@api.model
def hide_buttons(self):
@ -54,21 +60,29 @@ class ModelAccessRights(models.Model):
'is_export',
'is_create_or_update',
'is_archive',
'restriction_type',
'user_id',
'groups_id'])
for dic in access_right_rec:
model = self.env['ir.model'].sudo().browse(dic['model_id'][0]).model
group_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', dic['groups_id'][0])
]).name
if dic['restriction_type'] == "group":
group_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', dic['groups_id'][0])
]).name
module_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', dic['groups_id'][0])
]).module
module_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', dic['groups_id'][0])
]).module
else:
group_name=False
module_name=False
dic.update({
'model': model,
'group_name': group_name,
'module': module_name
'module': module_name,
'restriction_type': dic['restriction_type'],
'user': dic['user_id']
})
return access_right_rec

77
model_access_rights/models/models.py
View File

@ -166,24 +166,33 @@ def _create(self, data_list):
[('model', '=', self._name)]).id
access_right_rec = self.env['access.right'].sudo().search_read(
[('model_id', '=', current_model_id)],
['model_id', 'is_create_or_update',
['model_id', 'is_create_or_update','restriction_type','user_id',
'groups_id'])
if access_right_rec and not self.env.is_admin():
for rec in access_right_rec:
group_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', rec['groups_id'][0])
]).name
module_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', rec['groups_id'][0])
]).module
group = module_name + "." + group_name
if self.env.user.has_group(group):
if rec['is_create_or_update']:
raise UserError('You are restricted from performing this'
' operation. Please contact the'
' administrator.')
if rec['restriction_type']=='group':
group_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', rec['groups_id'][0])
]).name
module_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', rec['groups_id'][0])
]).module
group = module_name + "." + group_name
if self.env.user.has_group(group):
if rec['is_create_or_update']:
raise UserError(
'You are restricted from performing this'
' operation. Please contact the'
' administrator.')
if rec['restriction_type']=='user':
if self.env.user.id == rec['user_id'][0]:
if rec['is_create_or_update']:
raise UserError(
'You are restricted from performing this'
' operation. Please contact the'
' administrator.')
return records
@ -291,23 +300,33 @@ def unlink(self):
[('model', '=', self._name)]).id
access_right_rec = self.env['access.right'].sudo().search_read(
[('model_id', '=', current_model_id)], ['model_id', 'is_delete',
'restriction_type','user_id',
'groups_id'])
if access_right_rec and not self.env.is_admin():
for rec in access_right_rec:
group_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', rec['groups_id'][0])
]).name
module_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', rec['groups_id'][0])
]).module
group = module_name + "." + group_name
if self.env.user.has_group(group):
if rec['is_delete']:
raise UserError(_('You are restricted from performing this'
' operation. Please contact the'
' administrator.'))
if rec['restriction_type'] == 'group':
group_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', rec['groups_id'][0])
]).name
module_name = self.env['ir.model.data'].sudo().search([
('model', '=', 'res.groups'),
('res_id', '=', rec['groups_id'][0])
]).module
group = module_name + "." + group_name
if self.env.user.has_group(group):
if rec['is_delete']:
raise UserError(
_('You are restricted from performing this'
' operation. Please contact the'
' administrator.'))
if rec['restriction_type']=='user':
if self.env.user.id == rec['user_id'][0]:
if rec['is_delete']:
raise UserError(
'You are restricted from performing this'
' operation. Please contact the'
' administrator.')
return True

BIN
model_access_rights/static/description/assets/screenshots/model_access_right_03.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 87 KiB

After

Width:  |  Height:  |  Size: 112 KiB

BIN
model_access_rights/static/description/assets/screenshots/model_access_right_07.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 83 KiB

After

Width:  |  Height:  |  Size: 107 KiB

8
model_access_rights/static/description/index.html
View File

@ -109,7 +109,7 @@
<div class="row" style="font-family: 'Montserrat', sans-serif; font-weight: 400; font-size: 14px; line-height: 200%;">
<div class="col-sm-12 py-4">
By using this module we can hide the options like create,delete,export,and archive/un archive in the model
which we want. Here we are also able to select the user groups except Administrator which we want to apply the
which we want. Here we are also able to select the user groups or user except Administrator which we want to apply the
above hiding functionality </div>
</div>
<!-- END OF OVERVIEW SECTION -->
@ -137,6 +137,10 @@
<img src="assets/misc/check-box.png" class="mr-2" />
<span style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">Can hide the options for specific user group</span>
</div>
<div class="d-flex align-items-center" style="margin-top: 30px; margin-bottom: 30px">
<img src="assets/misc/check-box.png" class="mr-2" />
<span style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">Can hide the options for specific user</span>
</div>
<div class="d-flex align-items-center" style="margin-top: 30px; margin-bottom: 30px">
<img src="assets/misc/check-box.png" class="mr-2" />
<span style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">No additional configuration needed</span>
@ -169,7 +173,7 @@
</div>
<div style="display: block; margin: 30px auto;">
<h3 style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">Select the Model, Groups and the options which we want to hide</h3>
<h3 style="font-family: 'Montserrat', sans-serif; font-size: 18px; font-weight: bold;">Select the Model, Restriction Type, Groups or user and the options which we want to hide</h3>
<img src="assets/screenshots/model_access_right_03.png" class="img-thumbnail">
</div>
<div style="display: block; margin: 30px auto;">

32
model_access_rights/static/src/js/form_controller.js
View File

@ -4,6 +4,7 @@
*/
import { FormController} from "@web/views/form/form_controller";
import { patch} from "@web/core/utils/patch";
import { useService } from "@web/core/utils/hooks";
var rpc = require('web.rpc');
const { onWillStart} = owl;
patch(FormController.prototype, 'model_access_rights/static/src/js/form_controller.js.FormController', {
@ -12,6 +13,7 @@ patch(FormController.prototype, 'model_access_rights/static/src/js/form_controll
*/
setup() {
this._super();
this.user = useService("user");
onWillStart(async () => {
var self = this
var result;
@ -24,18 +26,26 @@ patch(FormController.prototype, 'model_access_rights/static/src/js/form_controll
for (var i = 0; i < result.length; i++) {
var group = result[i].module + "." + result[i].group_name
if (self.props.resModel == result[i].model) {
if (await self.user.hasGroup(group)) {
if (!this.user.isAdmin) {
if (result[i].is_create_or_update) {
self.canCreate = false
if (result[i].restriction_type == "group") {
if (await self.user.hasGroup(group)) {
if (!this.user.isAdmin) {
if (result[i].is_create_or_update) {
self.canCreate = false
}
if (result[i].is_delete) {
this.archInfo.activeActions.delete = false
}
}
if (result[i].is_delete) {
this.archInfo.activeActions.delete = false
}
if (result[i].is_archive) {
self.archiveEnabled = false
} else {
self.archiveEnabled = true;
}
} else {
if (await self.user.userId == result[i].user[0]) {
if (!this.user.isAdmin) {
if (result[i].is_create_or_update) {
self.canCreate = false
}
if (result[i].is_delete) {
this.archInfo.activeActions.delete = false
}
}
}
}

30
model_access_rights/static/src/js/kanban_controller.js
View File

@ -4,6 +4,7 @@
*/
import { KanbanController } from '@web/views/kanban/kanban_controller';
import { patch} from "@web/core/utils/patch";
import { useService } from "@web/core/utils/hooks";
var rpc = require('web.rpc');
const {onWillStart} = owl;
patch(KanbanController.prototype, 'model_access_rights/static/src/js/list_controller.js.KanbanController', {
@ -12,6 +13,7 @@ patch(KanbanController.prototype, 'model_access_rights/static/src/js/list_contro
*/
setup() {
this._super();
this.user = useService("user");
onWillStart(async () => {
var self = this
var result;
@ -24,14 +26,28 @@ patch(KanbanController.prototype, 'model_access_rights/static/src/js/list_contro
for (var i = 0; i < result.length; i++) {
var group = result[i].module + "." + result[i].group_name
if (self.props.resModel == result[i].model) {
if (await self.model.user.hasGroup(group)) {
if (!self.model.user.isAdmin) {
if (result[i].is_create_or_update) {
self.props.archInfo.activeActions.create=false
self.props.archInfo.activeActions.edit=false
if (result[i].restriction_type == "group") {
if (await self.user.hasGroup(group)) {
if (!self.user.isAdmin) {
if (result[i].is_create_or_update) {
self.props.archInfo.activeActions.create = false
self.props.archInfo.activeActions.edit = false
}
if (result[i].is_delete) {
self.props.archInfo.activeActions.delete = false
}
}
if (result[i].is_delete) {
self.props.archInfo.activeActions.delete=false
}
} else {
if (await self.user.userId == result[i].user[0]) {
if (!self.user.isAdmin) {
if (result[i].is_create_or_update) {
self.props.archInfo.activeActions.create = false
self.props.archInfo.activeActions.edit = false
}
if (result[i].is_delete) {
self.props.archInfo.activeActions.delete = false
}
}
}
}

44
model_access_rights/static/src/js/list_controller.js
View File

@ -4,6 +4,7 @@
*/
import { ListController} from '@web/views/list/list_controller';
import { patch} from "@web/core/utils/patch";
import { useService } from "@web/core/utils/hooks";
var rpc = require('web.rpc');
const {onWillStart} = owl;
patch(ListController.prototype, 'model_access_rights/static/src/js/list_controller.js.ListController', {
@ -12,6 +13,7 @@ patch(ListController.prototype, 'model_access_rights/static/src/js/list_controll
*/
setup() {
this._super();
this.user = useService("user");
onWillStart(async () => {
var self = this
var result;
@ -24,22 +26,34 @@ patch(ListController.prototype, 'model_access_rights/static/src/js/list_controll
for (var i = 0; i < result.length; i++) {
var group = result[i].module + "." + result[i].group_name
if (self.props.resModel == result[i].model) {
if (await self.userService.hasGroup(group)) {
if (!this.userService.isAdmin) {
if (result[i].is_create_or_update) {
self.activeActions.create = false;
if (result[i].restriction_type == "group") {
if (await self.user.hasGroup(group)) {
if (!this.user.isAdmin) {
if (result[i].is_create_or_update) {
self.activeActions.create = false;
}
if (result[i].is_export) {
self.isExportEnable = false
self.isExportEnable = false
}
if (result[i].is_delete) {
self.activeActions.delete = false;
}
}
if (result[i].is_export) {
self.isExportEnable = false
self.isExportEnable = false
}
if (result[i].is_delete) {
self.activeActions.delete = false;
}
if (result[i].is_archive) {
self.archiveEnabled = false;
} else {
self.archiveEnabled = true;
}
} else {
if (await self.user.userId == result[i].user[0]) {
if (!this.user.isAdmin) {
if (result[i].is_create_or_update) {
self.activeActions.create = false;
}
if (result[i].is_export) {
self.isExportEnable = false
self.isExportEnable = false
}
if (result[i].is_delete) {
self.activeActions.delete = false;
}
}
}
}

89
model_access_rights/views/model_access_rights_views.xml
View File

@ -1,58 +1,65 @@
<?xml version="1.0" encoding="utf-8"?>
<odoo>
<!-- Action for the menu Restrict Model Access-->
<!-- Action for the menu Restrict Model Access-->
<record id="access_right_action" model="ir.actions.act_window">
<field name="name">Restrict Access Rights</field>
<field name="res_model">access.right</field>
<field name='view_mode'>tree,form</field>
</record>
<!-- Tree view for the model access.right-->
<record id="access_right_view_tree" model="ir.ui.view">
<field name="name">access.right.view.tree</field>
<field name="model">access.right</field>
<field name="arch" type="xml">
<tree>
<field name="model_id"/>
<field name="groups_id"/>
<field name="is_delete"/>
<field name="is_export"/>
<field name="is_create_or_update"/>
<field name="is_archive"/>
</tree>
</field>
</record>
<!-- Form view for the model access.right-->
<record id="access_right_view_form" model="ir.ui.view">
<field name="name">access.right.view.form</field>
<field name="model">access.right</field>
<field name="arch" type="xml">
<form>
<sheet>
<!-- Tree view for the model access.right-->
<record id="access_right_view_tree" model="ir.ui.view">
<field name="name">access.right.view.tree</field>
<field name="model">access.right</field>
<field name="arch" type="xml">
<tree>
<field name="model_id"/>
<field name="groups_id"/>
<field name="is_delete"/>
<field name="is_export"/>
<field name="is_create_or_update"/>
<field name="is_archive"/>
</tree>
</field>
</record>
<!-- Form view for the model access.right-->
<record id="access_right_view_form" model="ir.ui.view">
<field name="name">access.right.view.form</field>
<field name="model">access.right</field>
<field name="arch" type="xml">
<form>
<sheet>
<group>
<group>
<field name="model_id"/>
<field name="groups_id"/>
<field name="model_id"/>
<field name="restriction_type"/>
<field name="user_id"
attrs="{'invisible':[('restriction_type','in',['group'])],
'required':[('restriction_type', '==', 'user')]}"/>
<field name="groups_id"
attrs="{'invisible':[('restriction_type','in',['user'])],
'required':[('restriction_type', '==', 'group')]}"/>
</group>
<group>
<field name="is_delete"/>
<field name="is_export"/>
<field name="is_create_or_update"/>
<field name="is_archive"/>
<field name="is_delete"/>
<field name="is_export"/>
<field name="is_create_or_update"/>
<field name="is_archive"/>
</group>
</group>
</sheet>
<div class="oe_chatter">
</sheet>
<div class="oe_chatter">
<field name="message_follower_ids"/>
<field name="message_ids"/>
</div>
</form>
</field>
</record>
<!-- Creating a menu named Restrict Model Access-->
<menuitem id="access_right_menu"
name="Restrict Access Rights"
parent="base.menu_administration"
action="access_right_action"
sequence="6"
groups="model_access_rights.model_access_rights_groups_configure_model_access"/>
</form>
</field>
</record>
<!-- Creating a menu named Restrict Model Access-->
<menuitem id="access_right_menu"
name="Restrict Access Rights"
parent="base.menu_administration"
action="access_right_action"
sequence="6"
groups="model_access_rights.model_access_rights_groups_configure_model_access"/>
</odoo>

Write Preview
Loading…
Cancel
Save