Project for Service Management

Merge lp:~dreis-pt/project-service/7.0-baseuser-dr into lp:~project-core-editors/project-service/trunk

  1. 7.0-baseuser-dr
  2. Merge into trunk
Proposed by Daniel Reis
Status: Merged
Merged at revision: 28
Proposed branch: lp:~dreis-pt/project-service/7.0-baseuser-dr
Merge into: lp:~project-core-editors/project-service/trunk
Diff against target: 511 lines (+446/-0)
12 files modified
project_baseuser/__init__.py (+2/-0)
project_baseuser/__openerp__.py (+96/-0)
project_baseuser/i18n/project_baseuser.pot (+21/-0)
project_baseuser/project_view.xml (+12/-0)
project_baseuser/security/ir.model.access.csv (+8/-0)
project_baseuser/security/project_security.xml (+118/-0)
project_issue_baseuser/__init__.py (+3/-0)
project_issue_baseuser/__openerp__.py (+46/-0)
project_issue_baseuser/i18n/project_issue_baseuser.pot (+21/-0)
project_issue_baseuser/project_issue.py (+43/-0)
project_issue_baseuser/security/ir.model.access.csv (+4/-0)
project_issue_baseuser/security/project_security.xml (+72/-0)
To merge this branch: bzr merge lp:~dreis-pt/project-service/7.0-baseuser-dr
Reviewer Review Type Date Requested Status
Maxime Chambreuil (http://www.savoirfairelinux.com) code review Approve
Joël Grand-Guillaume @ camptocamp code review, no tests Approve
Review via email: mp+195183@code.launchpad.net

Description of the change

Added new features: Extend Project user roles to support more complex use cases.

Highlights:
* Regular "Employees" can create Tasks or Issues, but have read-only access when they are initiated.
* Projects can be private to a particular Manager and Team (Project Manager no longer sees everything from everyone)

It's being used in a production instance right now.

To post a comment you must log in.
lp:~dreis-pt/project-service/7.0-baseuser-dr updated
29. By Daniel Reis

Add i18n pot files; minor adjustments

Revision history for this message
Joël Grand-Guillaume @ camptocamp (jgrandguillaume-c2c) wrote :

Hi,

Thanks for the contribs ! Just a remark:

 * Line 6, 14, 173, 297, 305, 441: use -*- coding: utf-8 -*- as encoding is deprecated

Bu otherwise good, I won't block this for that. Just to let you know !

Regards,

Joël

review: Approve (code review, no tests)
lp:~dreis-pt/project-service/7.0-baseuser-dr updated
30. By Daniel Reis

Fix encoding -> coding

Revision history for this message
Daniel Reis (dreis-pt) wrote :

Fixed.

Revision history for this message
Maxime Chambreuil (http://www.savoirfairelinux.com) (max3903) :
review: Approve (code review)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== added directory 'project_baseuser'
=== added file 'project_baseuser/__init__.py'
--- project_baseuser/__init__.py 1970-01-01 00:00:00 +0000
+++ project_baseuser/__init__.py 2013-12-16 09:26:49 +0000
@@ -0,0 +1,2 @@
1# -*- coding: utf-8 -*-
2pass
03
=== added file 'project_baseuser/__openerp__.py'
--- project_baseuser/__openerp__.py 1970-01-01 00:00:00 +0000
+++ project_baseuser/__openerp__.py 2013-12-16 09:26:49 +0000
@@ -0,0 +1,96 @@
1# -*- coding: utf-8 -*-
2##############################################################################
3#
4# Daniel Reis, 2013
5#
6# This program is free software: you can redistribute it and/or modify
7# it under the terms of the GNU Affero General Public License as published by
8# the Free Software Foundation, either version 3 of the License, or
9# (at your option) any later version.
10#
11# This program is distributed in the hope that it will be useful,
12# but WITHOUT ANY WARRANTY; without even the implied warranty of
13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14# GNU Affero General Public License for more details.
15#
16# You should have received a copy of the GNU Affero General Public License
17# along with this program. If not, see <http://www.gnu.org/licenses/>.
18#
19##############################################################################
20
21{
22 'name': 'Projects extensions for user roles',
23 'version': '1.0',
24 'category': 'Project Management',
25 'summary': 'Extend Project user roles to support more complex use cases',
26 'description': """\
27Employees are now basic Project users, able to create new documents (Issues
28or Tasks). These are kept editable while in New and Cancelled states, to
29allow for corrections or for the user himself to cancel an incorretly
30created request.
31Previously, Employee users did not have any write nor craete access to project
32documents.
33
34Project Users, on the other hand, are supposed to act on these documents,
35sucha as reported issues, and update them accordingly, so they have write
36access for all states. Employee users don't have write access on later states,
37but can still write comments and communicate through the message board (open
38chatter).
39
40In general, users will only be able to see documents where:
41
42 * They are assigned/responsible for, or
43 * They are following, or
44 * They are a team member for the corresponding Project (but not if only in
45 the project's follower list).
46
47
48Project Managers have access rules similar to Project Users, but additionally
49can create new projects and can see all documents for the projects they are
50the Manager.
51As a consequence, Project Managers no longer have inconditional access to all
52Tasks and Issues, and will only be able to edit the definitions of Projects
53they manage.
54
55This makes it possible for a Project Manager to have private projects that
56other users, Project Managers inlcuded, will not be able to see. They will
57need to be added as followers or team members to able to see it.
58
59Public Projects and their documents are still visible to everyone.
60Portal users access rules are kept unchanged.
61
62
63---------------------
64Access Rules summary:
65---------------------
66
67Employee Users
68 Can see only documents followed or responebile for (in "user_id").
69 Can create new documents and edit them while in "New"/"Cancelled" states.
70
71Project Users
72 Can edit Project Issues and Tasks in any stage/state.
73 Can see all documents for projects they are followers on team memebers.
74 Can see only documents followed or assigned to for other projects.
75
76Project Managers
77 Can create new projects and edit their attributes.
78 Can see all documents (Tasks or Issues) but only for their managed
79 projects.
80 For the other Projects, will see only followed documents, just like the
81 other users.
82
83""",
84 'author': 'Daniel Reis',
85 'depends': [
86 'project',
87 ],
88 'data': [
89 'project_view.xml',
90 'security/ir.model.access.csv',
91 'security/project_security.xml',
92 ],
93 'installable': True,
94}
95
96# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
097
=== added directory 'project_baseuser/i18n'
=== added file 'project_baseuser/i18n/project_baseuser.pot'
--- project_baseuser/i18n/project_baseuser.pot 1970-01-01 00:00:00 +0000
+++ project_baseuser/i18n/project_baseuser.pot 2013-12-16 09:26:49 +0000
@@ -0,0 +1,21 @@
1# Translation of OpenERP Server.
2# This file contains the translation of the following modules:
3#
4msgid ""
5msgstr ""
6"Project-Id-Version: OpenERP Server 7.0\n"
7"Report-Msgid-Bugs-To: \n"
8"POT-Creation-Date: 2013-11-14 09:32+0000\n"
9"PO-Revision-Date: 2013-11-14 09:32+0000\n"
10"Last-Translator: <>\n"
11"Language-Team: \n"
12"MIME-Version: 1.0\n"
13"Content-Type: text/plain; charset=UTF-8\n"
14"Content-Transfer-Encoding: \n"
15"Plural-Forms: \n"
16
17#. module: project_baseuser
18#: model:ir.model,name:project_baseuser.model_project_task
19msgid "Task"
20msgstr ""
21
022
=== added file 'project_baseuser/project_view.xml'
--- project_baseuser/project_view.xml 1970-01-01 00:00:00 +0000
+++ project_baseuser/project_view.xml 2013-12-16 09:26:49 +0000
@@ -0,0 +1,12 @@
1<?xml version="1.0"?>
2<openerp>
3 <data>
4
5 <!-- Top menu item also visible for Employees -->
6 <menuitem name="Project"
7 id="base.menu_main_pm"
8 groups="project.group_project_manager,project.group_project_user,base.group_user"
9 sequence="40"/>
10
11 </data>
12</openerp>
013
=== added directory 'project_baseuser/security'
=== added file 'project_baseuser/security/ir.model.access.csv'
--- project_baseuser/security/ir.model.access.csv 1970-01-01 00:00:00 +0000
+++ project_baseuser/security/ir.model.access.csv 2013-12-16 09:26:49 +0000
@@ -0,0 +1,8 @@
1id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
2access_project_empl,project_empl,project.model_project_project,base.group_user,1,0,0,0
3access_account_analytic_account_empl,account_analytic_account_empl,analytic.model_account_analytic_account,base.group_user,1,0,0,0
4access_project_task_empl,project.task.employees,project.model_project_task,base.group_user,1,1,1,0
5access_project_task_type_empl,project.task.type.employees,project.model_project_task_type,base.group_user,1,0,0,0
6access_project_task_work_empl,project.task.work.employees,project.model_project_task_work,base.group_user,1,0,0,0
7access_project_task_history_empl,project.task.history.employees,project.model_project_task_history,base.group_user,1,0,1,0
8access_project_task_hist_cum_empl,project.task.history.cumulative.employees,project.model_project_task_history_cumulative,base.group_user,1,0,1,0
09
=== added file 'project_baseuser/security/project_security.xml'
--- project_baseuser/security/project_security.xml 1970-01-01 00:00:00 +0000
+++ project_baseuser/security/project_security.xml 2013-12-16 09:26:49 +0000
@@ -0,0 +1,118 @@
1<?xml version="1.0" coding="utf-8"?>
2<openerp>
3 <data noupdate="1">
4
5 <!--
6 PROJECT access rules
7 -->
8
9 <!-- Project Managers (modified): no longer see all projects: will have same visibility rules as Project Users -->
10 <record model="ir.rule" id="project.project_project_manager_rule">
11 <field name="name">Project: project manager: does not see all (modified)</field>
12 <field name="domain_force">[]</field>
13 <!-- Original data:
14 <field name="model_id" ref="model_project_project"/>
15 <field name="domain_force">[(1, '=', 1)]</field>
16 <field name="groups" eval="[(4,ref('project.group_project_manager'))]"/>
17 -->
18 <field name="perm_read" eval="True"/>
19 <field name="perm_create" eval="False"/>
20 <field name="perm_write" eval="False"/>
21 <field name="perm_unlink" eval="False"/>
22 </record>
23
24
25 <!-- Project Managers (new): can edit only managed projects -->
26 <record model="ir.rule" id="project_project_manager_rule_write">
27 <field name="name">Project: project manager: EDIT only managed projects</field>
28 <field name="model_id" ref="project.model_project_project"/>
29 <field name="domain_force">[('user_id', '=', user.id)]</field>
30 <field name="groups" eval="[(4,ref('project.group_project_manager'))]"/>
31 <field name="perm_read" eval="True"/>
32 <field name="perm_create" eval="True"/>
33 <field name="perm_write" eval="True"/>
34 <field name="perm_unlink" eval="True"/>
35 </record>
36
37
38 <!-- Employees (modified): Projects also visible to team members not in followers list -->
39 <record model="ir.rule" id="project.project_public_members_rule">
40 <field name="name">Project: employees: public, employees, followers or team members (modified)</field>
41 <field name="domain_force">['|','|',
42 ('privacy_visibility', 'in', ['public', 'portal', 'employees']),
43 ('message_follower_ids', 'in', [user.partner_id.id]),
44 ('members', 'in', [user.id]),
45 ]</field>
46 </record>
47
48
49 <!--
50 TASK access rules
51 -->
52
53 <!-- Project Managers (modified): no longer sees all Tasks - only so for Projects they Manage -->
54 <record model="ir.rule" id="project.project_manager_all_project_tasks_rule">
55 <field name="name">Project/Task: project manager: see all in managed projects (modified)</field>
56 <field name="domain_force">[('project_id.user_id', '=', user.id)]</field>
57 <!-- Original data:
58 <field name="model_id" ref="model_project_task"/>
59 <field name="domain_force">[(1, '=', 1)]</field>
60 <field name="groups" eval="[(4,ref('project.group_project_manager'))]"/>
61 -->
62 </record>
63
64
65 <!-- Project Users (new): can access public, followed/member or assigned -->
66 <record model="ir.rule" id="task_project_user_visibility_rule">
67 <field name="name">Project/Task: project users: public, followed/member or assigned</field>
68 <field name="model_id" ref="project.model_project_task"/>
69 <field name="domain_force">['|','|','|',
70 ('user_id', '=', user.id),
71 ('project_id.privacy_visibility', 'in', ['public']),
72 ('message_follower_ids', 'in', [user.partner_id.id]),
73 ('project_id.members', 'in', [user.id]),
74 ]</field>
75 <field name="groups" eval="[(4,ref('project.group_project_user'))]"/>
76 <field name="perm_read" eval="True"/>
77 <field name="perm_create" eval="True"/>
78 <field name="perm_write" eval="True"/>
79 <field name="perm_unlink" eval="False"/>
80 </record>
81
82
83 <!-- Employees (modified): can access public or followed; can edit only in "draft" and "cancelled" states -->
84 <record model="ir.rule" id="project.task_visibility_rule">
85 <field name="name">Project/Task: employees READ: public or followed /member</field>
86 <field name="domain_force">['|','|','|',
87 ('user_id', '=', user.id),
88 ('project_id.privacy_visibility', 'in', ['public']),
89 ('message_follower_ids', 'in', [user.partner_id.id]),
90 ('project_id.members', 'in', [user.id]),
91 ]</field>
92 <field name="perm_read" eval="True"/>
93 <field name="perm_create" eval="False"/>
94 <field name="perm_write" eval="False"/>
95 <field name="perm_unlink" eval="False"/>
96 </record>
97
98
99 <!-- Employees (new, for limited edit access): can edit public or followed/member, if in "draft" or "cancelled" states -->
100 <record model="ir.rule" id="task_visibility_rule_write">
101 <field name="name">Project/Task: employees WRITE: public or followed/member</field>
102 <field name="model_id" ref="project.model_project_task"/>
103 <field name="domain_force">['&amp;', ('stage_id.state', 'in', ['draft', 'cancelled', None]),
104 '|','|','|',
105 ('user_id', '=', user.id),
106 ('project_id.privacy_visibility', 'in', ['public']),
107 ('message_follower_ids', 'in', [user.partner_id.id]),
108 ('project_id.members', 'in', [user.id]),
109 ]</field>
110 <field name="groups" eval="[(4,ref('base.group_user'))]"/>
111 <field name="perm_read" eval="True"/>
112 <field name="perm_create" eval="True"/>
113 <field name="perm_write" eval="True"/>
114 <field name="perm_unlink" eval="False"/>
115 </record>
116
117 </data>
118</openerp>
0119
=== added directory 'project_issue_baseuser'
=== added file 'project_issue_baseuser/__init__.py'
--- project_issue_baseuser/__init__.py 1970-01-01 00:00:00 +0000
+++ project_issue_baseuser/__init__.py 2013-12-16 09:26:49 +0000
@@ -0,0 +1,3 @@
1# -*- coding: utf-8 -*-
2import project_issue
3# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
04
=== added file 'project_issue_baseuser/__openerp__.py'
--- project_issue_baseuser/__openerp__.py 1970-01-01 00:00:00 +0000
+++ project_issue_baseuser/__openerp__.py 2013-12-16 09:26:49 +0000
@@ -0,0 +1,46 @@
1# -*- coding: utf-8 -*-
2##############################################################################
3#
4# Daniel Reis, 2013
5#
6# This program is free software: you can redistribute it and/or modify
7# it under the terms of the GNU Affero General Public License as published by
8# the Free Software Foundation, either version 3 of the License, or
9# (at your option) any later version.
10#
11# This program is distributed in the hope that it will be useful,
12# but WITHOUT ANY WARRANTY; without even the implied warranty of
13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14# GNU Affero General Public License for more details.
15#
16# You should have received a copy of the GNU Affero General Public License
17# along with this program. If not, see <http://www.gnu.org/licenses/>.
18#
19##############################################################################
20
21{
22 'name': 'Projects Issue extensions for user roles',
23 'version': '1.0',
24 'category': 'Project Management',
25 'summary': 'Extend Project user roles to support more complex use cases',
26 'description': """\
27Also implements the Project user role extensions to the Project Issue
28documents.
29
30This module is automatically installed if the Issue Tracker is also installed.
31Please refer to the ``project_baseuser`` module for more details.
32""",
33 'author': 'Daniel Reis',
34 'depends': [
35 'project_issue',
36 'project_baseuser',
37 ],
38 'data': [
39 'security/ir.model.access.csv',
40 'security/project_security.xml',
41 ],
42 'installable': True,
43 'auto_install': True,
44}
45
46# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
047
=== added directory 'project_issue_baseuser/i18n'
=== added file 'project_issue_baseuser/i18n/project_issue_baseuser.pot'
--- project_issue_baseuser/i18n/project_issue_baseuser.pot 1970-01-01 00:00:00 +0000
+++ project_issue_baseuser/i18n/project_issue_baseuser.pot 2013-12-16 09:26:49 +0000
@@ -0,0 +1,21 @@
1# Translation of OpenERP Server.
2# This file contains the translation of the following modules:
3#
4msgid ""
5msgstr ""
6"Project-Id-Version: OpenERP Server 7.0\n"
7"Report-Msgid-Bugs-To: \n"
8"POT-Creation-Date: 2013-11-14 09:33+0000\n"
9"PO-Revision-Date: 2013-11-14 09:33+0000\n"
10"Last-Translator: <>\n"
11"Language-Team: \n"
12"MIME-Version: 1.0\n"
13"Content-Type: text/plain; charset=UTF-8\n"
14"Content-Transfer-Encoding: \n"
15"Plural-Forms: \n"
16
17#. module: project_issue_baseuser
18#: model:ir.model,name:project_issue_baseuser.model_project_issue
19msgid "Project Issue"
20msgstr ""
21
022
=== added file 'project_issue_baseuser/project_issue.py'
--- project_issue_baseuser/project_issue.py 1970-01-01 00:00:00 +0000
+++ project_issue_baseuser/project_issue.py 2013-12-16 09:26:49 +0000
@@ -0,0 +1,43 @@
1# -*- coding: utf-8 -*-
2##############################################################################
3#
4# Copyright (C) 2013 Daniel Reis
5#
6# This program is free software: you can redistribute it and/or modify
7# it under the terms of the GNU Affero General Public License as
8# published by the Free Software Foundation, either version 3 of the
9# License, or (at your option) any later version.
10#
11# This program is distributed in the hope that it will be useful,
12# but WITHOUT ANY WARRANTY; without even the implied warranty of
13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14# GNU Affero General Public License for more details.
15#
16# You should have received a copy of the GNU Affero General Public License
17# along with this program. If not, see <http://www.gnu.org/licenses/>.
18#
19##############################################################################
20
21from openerp.osv import orm
22
23
24# Backport from trunk(v8) fix required. See Bug#1243628.
25class ProjectIssue(orm.Model):
26 _inherit = 'project.issue'
27
28 def _get_default_partner(self, cr, uid, context=None):
29 """
30 If no other deafult is found, the current user is automatically
31 added as the Contact for the issue.
32 """
33 res = super(ProjectIssue, self
34 )._get_default_partner(cr, uid, context=context)
35 if not res:
36 user = self.pool.get('res.users'
37 ).browse(cr, uid, uid, context=context)
38 res = user.partner_id and user.partner_id.id
39 return res
40
41 _defaults = {
42 'partner_id': lambda s, cr, uid, c: s._get_default_partner(cr, uid, c),
43 }
044
=== added directory 'project_issue_baseuser/security'
=== added file 'project_issue_baseuser/security/ir.model.access.csv'
--- project_issue_baseuser/security/ir.model.access.csv 1970-01-01 00:00:00 +0000
+++ project_issue_baseuser/security/ir.model.access.csv 2013-12-16 09:26:49 +0000
@@ -0,0 +1,4 @@
1id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
2access_project_issue_user,project.issue.employees,project_issue.model_project_issue,base.group_user,1,1,1,0
3access_project_issue_version,project.issue.version.employee,project_issue.model_project_issue_version,base.group_user,1,0,0,0
4access_crm_case_section,crm.case.section.employees,crm.model_crm_case_section,base.group_user,1,0,0,0
05
=== added file 'project_issue_baseuser/security/project_security.xml'
--- project_issue_baseuser/security/project_security.xml 1970-01-01 00:00:00 +0000
+++ project_issue_baseuser/security/project_security.xml 2013-12-16 09:26:49 +0000
@@ -0,0 +1,72 @@
1<?xml version="1.0" coding="utf-8"?>
2<openerp>
3 <data noupdate="1">
4
5
6 <!-- Project Managers (modified): now can access all documents *only in own projects* -->
7 <record model="ir.rule" id="project_issue.issue_project_manager_rule">
8 <field name="name">Project/Issue: project managers: sees all for Managed projects (modified)</field>
9 <field name="domain_force">[('user_id', '=', user.id)]</field>
10 <!-- Standard rule:
11 <field name="model_id" ref="model_project_issue"/>
12 <field name="domain_force">[(1, '=', 1)]</field>
13 <field name="groups" eval="[(4,ref('project.group_project_manager'))]"/>
14 -->
15 </record>
16
17
18 <!-- Project Users (new): can access public, followed/member or assigned -->
19 <record model="ir.rule" id="issue_employee_rule_read">
20 <field name="name">Project/Issue: project users: public, following/member or assigned</field>
21 <field name="model_id" ref="project_issue.model_project_issue"/>
22 <field name="domain_force">['|', '|','|',
23 ('user_id', '=', user.id),
24 ('project_id.privacy_visibility', 'in', ['public']),
25 ('message_follower_ids', 'in', [user.partner_id.id]),
26 ('project_id.members', 'in', [user.id]),
27 ]</field>
28 <field name="groups" eval="[(4,ref('project.group_project_user'))]"/>
29 <field name="perm_read" eval="True"/>
30 <field name="perm_create" eval="True"/>
31 <field name="perm_write" eval="True"/>
32 <field name="perm_unlink" eval="False"/>
33 </record>
34
35
36 <!-- Employees (modified): can access public or followed/member; can edit only in "draft" and "cancelled" states -->
37 <record model="ir.rule" id="project_issue.issue_user_rule">
38 <field name="name">Project/Issue: employees: READ public or followed/member)</field>
39 <field name="domain_force">['|','|','|',
40 ('user_id', '=', user.id),
41 ('project_id.privacy_visibility', 'in', ['public']),
42 ('message_follower_ids', 'in', [user.partner_id.id]),
43 ('project_id.members', 'in', [user.id]),
44 ]</field>
45 <field name="perm_read" eval="True"/>
46 <field name="perm_create" eval="False"/>
47 <field name="perm_write" eval="False"/>
48 <field name="perm_unlink" eval="False"/>
49 </record>
50
51
52 <!-- Employees (new for limited edit access): can edit public or followed/member, if in "draft" or "cancelled" states -->
53 <record model="ir.rule" id="issue_employee_rule_write">
54 <field name="name">Project/Issue: employees: WRITE public or followed/member</field>
55 <field name="model_id" ref="project_issue.model_project_issue"/>
56 <field name="domain_force">['&amp;', ('stage_id.state', 'in', ['draft', 'cancelled', None]),
57 '|','|','|',
58 ('user_id', '=', user.id),
59 ('project_id.privacy_visibility', 'in', ['public']),
60 ('message_follower_ids', 'in', [user.partner_id.id]),
61 ('project_id.members', 'in', [user.id]),
62 ]</field>
63 <field name="groups" eval="[(4,ref('base.group_user'))]"/>
64 <field name="perm_read" eval="True"/>
65 <field name="perm_create" eval="True"/>
66 <field name="perm_write" eval="True"/>
67 <field name="perm_unlink" eval="False"/>
68 </record>
69
70
71 </data>
72</openerp>

Subscribers

People subscribed via source and target branches