diff --git a/model_access_rights/__manifest__.py b/model_access_rights/__manifest__.py index 8b4897001..58492cd8b 100644 --- a/model_access_rights/__manifest__.py +++ b/model_access_rights/__manifest__.py @@ -21,7 +21,7 @@ ############################################################################## { 'name': 'Hide Create|Delete|Archive|Export Options - Model Wise', - 'version': '15.0.1.0.1', + 'version': '15.0.2.0.0', 'category': 'Extra Tools', 'summary': """Hide module features for user groups.""", 'description': """ diff --git a/model_access_rights/doc/RELEASE_NOTES.md b/model_access_rights/doc/RELEASE_NOTES.md index 0d6ffc73e..69a146c06 100644 --- a/model_access_rights/doc/RELEASE_NOTES.md +++ b/model_access_rights/doc/RELEASE_NOTES.md @@ -9,3 +9,10 @@ #### Version 15.0.1.0.1 #### BUG FIX - Fixed issue of export action not appearing in res.groups list view after module installation + + +#### 14.07.2025 +#### Version 15.0.2.0.0 +#### UPDT + +- Added a new option to restrict model access rights for certain user. diff --git a/model_access_rights/models/access_right.py b/model_access_rights/models/access_right.py index 19a960d42..b3dbc0bba 100644 --- a/model_access_rights/models/access_right.py +++ b/model_access_rights/models/access_right.py @@ -33,7 +33,7 @@ class AccessRight(models.Model): model_id = fields.Many2one('ir.model', ondelete='cascade', required=True, string="Model", help="Select the model") - groups_id = fields.Many2one('res.groups', required=True, + groups_id = fields.Many2one('res.groups', string="Groups", help="Select the group") is_delete = fields.Boolean(string="Delete", help="Hide the delete option") is_export = fields.Boolean(string="Export", @@ -43,30 +43,45 @@ class AccessRight(models.Model): help="Hide the create option " "from list as well as form view") is_archive = fields.Boolean(string="Archive/UnArchive", - help="Hide the archive option") + help="hide the archive option") + restriction_type = fields.Selection([ + ('user', 'User Wise'), + ('group', 'Group Wise') + ], 'Restriction Type', required=True, default="group") + user_id = fields.Many2one('res.users', + help="select the user") @api.model - def hide_buttons(self, args): - """Returns the visibility settings for buttons per model and group.""" - user = self.env['res.users'].browse(args[0]) - model_name = args[1] - access_right_rec = self.sudo().search_read([ - ('model_id.model', '=', model_name), - ('groups_id', 'in', user.groups_id.ids) - ], ['is_delete', 'is_export', 'is_create_or_update', 'is_archive']) - - if access_right_rec: - rec = access_right_rec[0] # If multiple, first match wins - return { - 'is_delete': rec['is_delete'], - 'is_export': rec['is_export'], - 'is_create_or_update': rec['is_create_or_update'], - 'is_archive': rec['is_archive'] - } - return { - 'is_delete': False, - 'is_export': False, - 'is_create_or_update': False, - 'is_archive': False - } + def hide_buttons(self): + """This function contains a query that detects which all options want + to hide, in which model,and to which user groups""" + access_right_rec = self.sudo().search_read([], ['model_id', 'is_delete', + 'is_export', + 'is_create_or_update', + 'is_archive', + 'restriction_type', + 'user_id', + 'groups_id']) + for dic in access_right_rec: + model = self.env['ir.model'].sudo().browse(dic['model_id'][0]).model + if dic['restriction_type'] == "group": + group_name = self.env['ir.model.data'].sudo().search([ + ('model', '=', 'res.groups'), + ('res_id', '=', dic['groups_id'][0]) + ]).name + module_name = self.env['ir.model.data'].sudo().search([ + ('model', '=', 'res.groups'), + ('res_id', '=', dic['groups_id'][0]) + ]).module + else: + group_name=False + module_name=False + dic.update({ + 'model': model, + 'group_name': group_name, + 'module': module_name, + 'restriction_type': dic['restriction_type'], + 'user': dic['user_id'] + }) + return access_right_rec diff --git a/model_access_rights/static/description/assets/screenshots/s3.png b/model_access_rights/static/description/assets/screenshots/s3.png index 493ae37fe..68c0459c1 100644 Binary files a/model_access_rights/static/description/assets/screenshots/s3.png and b/model_access_rights/static/description/assets/screenshots/s3.png differ diff --git a/model_access_rights/static/description/index.html b/model_access_rights/static/description/index.html index 6fbd75a82..589669ae4 100644 --- a/model_access_rights/static/description/index.html +++ b/model_access_rights/static/description/index.html @@ -156,7 +156,7 @@
- Can hide the options for specific user group + Can hide the options for specific user group or user
@@ -201,7 +201,7 @@

Select the group of any user, model in which it is applied. Here 'User:Own Documents Only' in 'Sales' is selected.
- Imp: Features will be hidden for all the users with this group. + Imp: Features will be hidden for all the users with this group or user.

diff --git a/model_access_rights/static/src/js/form_controller.js b/model_access_rights/static/src/js/form_controller.js index ccf6aea4b..cb5f39e49 100644 --- a/model_access_rights/static/src/js/form_controller.js +++ b/model_access_rights/static/src/js/form_controller.js @@ -5,6 +5,7 @@ import FormController from 'web.FormController'; import { patch } from "@web/core/utils/patch"; import rpc from 'web.rpc'; +import session from 'web.session'; patch(FormController.prototype, 'model_access_rights/static/src/js/form_controller.js.FormController', { /** * This function will used to hide the selected options from the form view @@ -14,18 +15,37 @@ patch(FormController.prototype, 'model_access_rights/static/src/js/form_controll var user_id = self.initialState.context.uid; var model = self.modelName; await rpc.query({model: 'access.right', method: 'hide_buttons', - args: [[user_id, model]], - }).then(function(data) { - if(data){ - if(data['is_create_or_update']){ - self.activeActions.create = false; - self.activeActions.edit = false; - } - if(data['is_delete']){ - self.activeActions.delete = false; - } - if(data['is_archive']){ - self.archiveEnabled = false; + args: [], + }).then(function(result) { + for (var i = 0; i < result.length; i++) { + var group = result[i].module + "." + result[i].group_name + if (self.modelName == result[i].model) { + if (result[i].restriction_type == "group") { + if (session.user_has_group(group)) { + if (!session.is_admin) { + if (result[i].is_create_or_update) { + self.activeActions.create = false + self.activeActions.edit = false + } + if (result[i].is_delete) { + self.activeActions.delete = false + } + } + } + } else { + if (user_id == result[i].user[0]) { + if (!this.user.isAdmin) { + if (result[i].is_create_or_update) { + self.activeActions.create = false + self.activeActions.edit = false + } + if (result[i].is_delete) { + self.activeActions.delete = false + } + } + } + } + } } }); diff --git a/model_access_rights/static/src/js/kanban_controller.js b/model_access_rights/static/src/js/kanban_controller.js index 923b22165..e30792f4f 100644 --- a/model_access_rights/static/src/js/kanban_controller.js +++ b/model_access_rights/static/src/js/kanban_controller.js @@ -5,30 +5,49 @@ import KanbanController from 'web.KanbanController'; import { patch } from "@web/core/utils/patch"; import rpc from 'web.rpc'; +import session from 'web.session'; patch(KanbanController.prototype, 'model_access_rights/static/src/js/kanban_controller.js.KanbanController', { /** * This function will used to hide the selected options from the kanban view */ + async willStart() { var self = this; - var user_id = self.initialState.context.uid; var model = self.modelName; await rpc.query({model: 'access.right', method: 'hide_buttons', - args: [[user_id, model]], - }).then(function(data) { - if(data){ - if(data['is_create_or_update']){ - self.activeActions.create = false; - self.activeActions.edit = false; - } - if(data['is_delete']){ - self.activeActions.delete = false; - } - if(data['is_archive']){ - self.archiveEnabled = false; - } - if(data['is_export']){ - self.isExportEnable = false; + args: [], + }).then(function(result) { + for (var i = 0; i < result.length; i++) { + var group = result[i].module + "." + result[i].group_name + if (self.modelName == result[i].model) { + if (result[i].restriction_type == "group") { + if (session.user_has_group(group)) { + if (!session.is_admin) { + if (result[i].is_create_or_update) { +// self.props.archInfo.activeActions.create = false +// self.props.archInfo.activeActions.edit = false + this.is_action_enabled('edit')= false + this.is_action_enabled('create')= false + } + if (result[i].is_delete) { + self.props.archInfo.activeActions.delete = false + } + } + } + } else { + if (user_id == result[i].user[0]) { + if (!self.user.isAdmin) { + if (result[i].is_create_or_update) { + self.props.archInfo.activeActions.create = false + self.props.archInfo.activeActions.edit = false + } + if (result[i].is_delete) { + self.props.archInfo.activeActions.delete = false + } + } + } + } + } } }); diff --git a/model_access_rights/static/src/js/list_controller.js b/model_access_rights/static/src/js/list_controller.js index 993a04733..c5348121c 100644 --- a/model_access_rights/static/src/js/list_controller.js +++ b/model_access_rights/static/src/js/list_controller.js @@ -5,6 +5,9 @@ import ListController from 'web.ListController'; import { patch } from "@web/core/utils/patch"; import rpc from 'web.rpc'; +import { useService } from "@web/core/utils/hooks"; +import session from 'web.session'; + patch(ListController.prototype, 'model_access_rights/static/src/js/list_controller.js.ListController', { /** * This function will used to hide the selected options from the list view @@ -14,23 +17,42 @@ patch(ListController.prototype, 'model_access_rights/static/src/js/list_controll var user_id = self.initialState.context.uid; var model = self.modelName; await rpc.query({model: 'access.right', method: 'hide_buttons', - args: [[user_id, model]], - }).then(function(data) { - if(data){ - if(data['is_create_or_update']){ - self.activeActions.create = false; - self.activeActions.edit = false; - } - if(data['is_delete']){ - self.activeActions.delete = false; - } - if(data['is_archive']){ - self.archiveEnabled = false; - } - if (data['is_export']) { - self.isExportEnable = false; - } else { - self.isExportEnable = true; + args: [], + }).then(function(result) { + for (var i = 0; i < result.length; i++) { + var group = result[i].module + "." + result[i].group_name + if (self.modelName == result[i].model) { + if (result[i].restriction_type == "group") { + if (session.user_has_group(group)) { + if (!session.is_admin) { + if (result[i].is_create_or_update) { + self.activeActions.create = false; + } + if (result[i].is_export) { + self.isExportEnable = false + self.isExportEnable = false + } + if (result[i].is_delete) { + self.activeActions.delete = false; + } + } + } + } else { + if (user_id == result[i].user[0]) { + if (!this.user.isAdmin) { + if (result[i].is_create_or_update) { + self.activeActions.create = false; + } + if (result[i].is_export) { + self.isExportEnable = false + self.isExportEnable = false + } + if (result[i].is_delete) { + self.activeActions.delete = false; + } + } + } + } } } });