Odoo Web Client

Merge lp:~openerp-dev/openobject-client-web/6.0-opw-580592-xal into lp:openobject-client-web

  1. 6.0-opw-580592-xal
  2. Merge into 6.0
Proposed by Xavier ALT
Status: Needs review
Proposed branch: lp:~openerp-dev/openobject-client-web/6.0-opw-580592-xal
Merge into: lp:openobject-client-web
Diff against target: 129 lines (+39/-9)
3 files modified
addons/openerp/controllers/form.py (+1/-1)
addons/openerp/controllers/openo2m.py (+33/-2)
addons/openerp/static/javascript/m2o.js (+5/-6)
To merge this branch: bzr merge lp:~openerp-dev/openobject-client-web/6.0-opw-580592-xal
Reviewer Review Type Date Requested Status
OpenERP Core Team Pending
Review via email: mp+129654@code.launchpad.net

Description of the change

Hi,

When clicking on a button within a one2many window, web client force data of that record to be rewritten. This can cause permission errors.

The one2many save() has been modified to support filtering only modified datas (like it's done on form save()).

Regards,
Xavier

To post a comment you must log in.
lp:~openerp-dev/openobject-client-web/6.0-opw-580592-xal updated
4889. By Xavier ALT

[FIX] OPW 580592: web: when compararing current and original compare, make sure both arguments are unicode

4890. By Anaël Closson (openerp)

[FIX] OPW 587377 ie stop listening clicks when spam clicking on buttons on a view with m2o

Unmerged revisions

4890. By Anaël Closson (openerp)

[FIX] OPW 587377 ie stop listening clicks when spam clicking on buttons on a view with m2o

4889. By Xavier ALT

[FIX] OPW 580592: web: when compararing current and original compare, make sure both arguments are unicode

4888. By Xavier ALT

[FIX] OPW 580592: web: one2many: when saving one2many data filter data that has not been modified

  - This is necessary when user has no 'write' access on the one2many object,
    and user clic on a button. If user didn't modify the record - write() call
    is not necessary.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'addons/openerp/controllers/form.py'
--- addons/openerp/controllers/form.py 2012-11-05 17:35:08 +0000
+++ addons/openerp/controllers/form.py 2013-03-12 16:01:23 +0000
@@ -421,7 +421,7 @@
421 for field, original_value in original_data.iteritems():421 for field, original_value in original_data.iteritems():
422 if isinstance(original_value, tuple):422 if isinstance(original_value, tuple):
423 original_data[field] = original_value[0]423 original_data[field] = original_value[0]
424 if field in data and data[field] != original_data[field]:424 if field in data and ustr(data[field]) != ustr(original_data[field]):
425 #When field is many2many at that time following code will be applied425 #When field is many2many at that time following code will be applied
426 if isinstance(data[field], list) and isinstance(data[field][0][2], list):426 if isinstance(data[field], list) and isinstance(data[field][0][2], list):
427 if sorted(data[field][0][2]) != sorted(original_data[field]):427 if sorted(data[field][0][2]) != sorted(original_data[field]):
428428
=== modified file 'addons/openerp/controllers/openo2m.py'
--- addons/openerp/controllers/openo2m.py 2012-09-13 15:19:58 +0000
+++ addons/openerp/controllers/openo2m.py 2013-03-12 16:01:23 +0000
@@ -113,6 +113,7 @@
113 params, data = TinyDict.split(kw)113 params, data = TinyDict.split(kw)
114 params.editable = True114 params.editable = True
115115
116 o2m_proxy = rpc.RPCProxy(params.o2m_model)
116 proxy = rpc.RPCProxy(params.parent_model)117 proxy = rpc.RPCProxy(params.parent_model)
117118
118 pprefix = '.'.join(params.o2m.split('/')[:-1])119 pprefix = '.'.join(params.o2m.split('/')[:-1])
@@ -120,11 +121,42 @@
120 if pprefix:121 if pprefix:
121 data = eval(pprefix, TinyDict(**data)).make_dict()122 data = eval(pprefix, TinyDict(**data)).make_dict()
122123
124 fld = params.o2m.split('/')[-1]
125
123 ctx = context_with_concurrency_info(rpc.session.context, params.concurrency_info)126 ctx = context_with_concurrency_info(rpc.session.context, params.concurrency_info)
124 ctx.update(params.parent_context or {})127 ctx.update(params.parent_context or {})
125 ctx.update(params.o2m_context or {})128 ctx.update(params.o2m_context or {})
126129
127 id = proxy.write([params.parent_id], data, ctx)130 ## Before writing, filter data that has not been modified
131 if isinstance(data, dict) and fld in data:
132 fld_data = []
133 fld_ctx = dict((params.o2mcontext or {}), **rpc.session.context)
134 for (op, _id, values) in data[fld]:
135 modified = {}
136 if _id and op == 1: # we're updating that record
137 original_data = o2m_proxy.read(_id, values.keys(), fld_ctx)
138
139 if original_data and isinstance(original_data, dict):
140 for field, original_value in original_data.iteritems():
141 if isinstance(original_value, tuple):
142 original_data[field] = original_value[0]
143 if field in values and ustr(values[field]) != ustr(original_data[field]):
144 #When field is many2many at that time following code will be applied
145 if isinstance(values[field], list) and isinstance(values[field][0][2], list):
146 if sorted(values[field][0][2]) != sorted(original_data[field]):
147 modified[field] = values[field]
148 else:
149 modified[field] = values[field]
150 if modified:
151 fld_data.append((op, _id, modified))
152 # update 'fld' in data, or remove it if there is nothing to be written
153 if fld_data:
154 data[fld] = fld_data
155 else:
156 data.pop(fld, None)
157
158 if data:
159 id = proxy.write([params.parent_id], data, ctx)
128160
129 prefix = params.o2m161 prefix = params.o2m
130 current = params.chain_get(prefix)162 current = params.chain_get(prefix)
@@ -132,7 +164,6 @@
132 params.load_counter = 1164 params.load_counter = 1
133165
134 ids = current.ids166 ids = current.ids
135 fld = params.o2m.split('/')[-1]
136 all_ids = proxy.read([params.parent_id], [fld])[0][fld]167 all_ids = proxy.read([params.parent_id], [fld])[0][fld]
137 new_ids = [i for i in all_ids if i not in ids]168 new_ids = [i for i in all_ids if i not in ids]
138169
139170
=== modified file 'addons/openerp/static/javascript/m2o.js'
--- addons/openerp/static/javascript/m2o.js 2012-08-21 17:19:50 +0000
+++ addons/openerp/static/javascript/m2o.js 2013-03-12 16:01:23 +0000
@@ -31,7 +31,6 @@
31 }31 }
3232
33 this.__init__(name);33 this.__init__(name);
34 self = this;
35};34};
3635
37ManyToOne.prototype.__init__ = function(name) {36ManyToOne.prototype.__init__ = function(name) {
@@ -277,11 +276,11 @@
277 if(evt.target.tagName.toLowerCase() == 'input') {276 if(evt.target.tagName.toLowerCase() == 'input') {
278 var w;277 var w;
279 if(jQuery('#search_filter_data').is(':visible')) {278 if(jQuery('#search_filter_data').is(':visible')) {
280 w = jQuery(evt.currentTarget).width()279 w = jQuery(evt.currentTarget).width();
281 } else {280 } else {
282 w = jQuery(evt.currentTarget).width() + jQuery(idSelector(this.name + '_select')).width();281 w = jQuery(evt.currentTarget).width() + jQuery(idSelector(this.name + '_select')).width();
283 }282 }
284 jQuery('div.autoTextResults[id$="' + this.name + '"]').width(w)283 jQuery('div.autoTextResults[id$="' + this.name + '"]').width(w);
285 }284 }
286 }285 }
287286
@@ -473,7 +472,7 @@
473 context: this.get_context()472 context: this.get_context()
474 }).addCallback(function(obj) {473 }).addCallback(function(obj) {
475 self.eval_domain = obj.domain;474 self.eval_domain = obj.domain;
476 self.eval_context = obj.context475 self.eval_context = obj.context;
477476
478 jQuery.getJSON('/openerp/search/get_matched', {477 jQuery.getJSON('/openerp/search/get_matched', {
479 text: val,478 text: val,
@@ -542,7 +541,7 @@
542 return true;541 return true;
543 }542 }
544 catch(e) {543 catch(e) {
545 error_display(_('error in display::') + e)544 error_display(_('error in display::') + e);
546 }545 }
547};546};
548547
@@ -594,7 +593,7 @@
594 function open($this, options) {593 function open($this, options) {
595 var url;594 var url;
596 if(options.record) {595 if(options.record) {
597 url = '/openerp/openm2o/edit'596 url = '/openerp/openm2o/edit';
598 } else {597 } else {
599 url = '/openerp/search/new';598 url = '/openerp/search/new';
600 }599 }