Sales - Workflow and Organization

Merge lp:~learts92/sale-wkfl/7.0-add-sale-order-authorized-users into lp:~sale-core-editors/sale-wkfl/7.0

  1. 7.0-add-sale-order-authorized-users
  2. Merge into 7.0
Proposed by Leonardo Donelli
Status: Needs review
Proposed branch: lp:~learts92/sale-wkfl/7.0-add-sale-order-authorized-users
Merge into: lp:~sale-core-editors/sale-wkfl/7.0
Diff against target: 140 lines (+114/-0)
5 files modified
sale_order_authorized_users/__init__.py (+2/-0)
sale_order_authorized_users/__openerp__.py (+47/-0)
sale_order_authorized_users/sale.py (+34/-0)
sale_order_authorized_users/sale_view.xml (+18/-0)
sale_order_authorized_users/security/hide_sale_orders_security.xml (+13/-0)
To merge this branch: bzr merge lp:~learts92/sale-wkfl/7.0-add-sale-order-authorized-users
Reviewer Review Type Date Requested Status
Pedro Manuel Baeza Needs Resubmitting
Review via email: mp+227325@code.launchpad.net

Description of the change

Let Admin (or any user in the base.group_erp_manager) choose, for each sale order,
which users will be able to access and see it. Any other user won't be able
to see it.
If no users are set, the sale order has normal permissions.
The field to set allowed users will be visibile only to admin, which makes it
possible to make the users unaware of this feature.

Things that could be improved:
 - Tests?
 - create security rule also for sale_order_line if it's not automatic.

It's not 100% secure atm, but probably good enough for normal users.

To post a comment you must log in.
lp:~learts92/sale-wkfl/7.0-add-sale-order-authorized-users updated
50. By Leonardo Donelli

Fix import and copyright notice.

Revision history for this message
Pedro Manuel Baeza (pedro.baeza) wrote :

This project is now hosted on https://github.com/OCA/sale-workflow. Please move your proposal there. This guide may help you https://github.com/OCA/maintainers-tools/wiki/How-to-move-a-Merge-Proposal-to-GitHub

review: Needs Resubmitting
Reply

Unmerged revisions

50. By Leonardo Donelli

Fix import and copyright notice.

49. By Leonardo Donelli

New module sale_order_authorized_users

Let Admin (or any user in the base.group_erp_manager) choose, for each sale order,
which users will be able to access and see it. Any other user won't be able
to see it.
If no users are set, the sale order has normal permissions.
The field to set allowed users will be visibile only to admin, which makes it
possible to make the users unaware of this feature and that some orders are
hidden from them.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== added directory 'sale_order_authorized_users'
2=== added file 'sale_order_authorized_users/__init__.py'
3--- sale_order_authorized_users/__init__.py 1970-01-01 00:00:00 +0000
4+++ sale_order_authorized_users/__init__.py 2014-07-18 13:58:09 +0000
5@@ -0,0 +1,2 @@
6+from . import sale
7+
8
9=== added file 'sale_order_authorized_users/__openerp__.py'
10--- sale_order_authorized_users/__openerp__.py 1970-01-01 00:00:00 +0000
11+++ sale_order_authorized_users/__openerp__.py 2014-07-18 13:58:09 +0000
12@@ -0,0 +1,47 @@
13+# -*- coding: utf-8 -*-
14+##############################################################################
15+#
16+# Author: Leonardo Donelli @ Creativi Quadrati
17+# Copyright (C) 2014 Leonardo Donelli
18+#
19+# This program is free software: you can redistribute it and/or modify
20+# it under the terms of the GNU Affero General Public License as
21+# published by the Free Software Foundation, either version 3 of the
22+# License, or (at your option) any later version.
23+#
24+# This program is distributed in the hope that it will be useful,
25+# but WITHOUT ANY WARRANTY; without even the implied warranty of
26+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27+# GNU Affero General Public License for more details.
28+#
29+# You should have received a copy of the GNU Affero General Public License
30+# along with this program. If not, see <http://www.gnu.org/licenses/>.
31+#
32+##############################################################################
33+
34+
35+{
36+ 'name': 'Sale Order Authorized Users',
37+ 'version': '1.0',
38+ 'category': 'Sale',
39+ 'summary': 'Sale orders, Security, Permissions, Users',
40+ 'description': """
41+Sale Order Authorized Users
42+======================================
43+
44+Let Admin (or any user in the base.group_erp_manager) choose, for each sale order,
45+which users will be able to access and see it. Any other user won't be able
46+to see it.
47+If no users are set, the sale order has normal permissions.
48+The field to set allowed users will be visibile only to admin, which makes it
49+possible to make the users unaware of this feature.
50+""",
51+ 'author': 'Leonardo Donelli @ Creativi Quadrati',
52+ 'depends': ['sale'],
53+ 'data': [
54+ 'sale_view.xml',
55+ 'security/hide_sale_orders_security.xml',
56+ ],
57+ 'installable': True,
58+ 'auto_install': False,
59+}
60
61=== added file 'sale_order_authorized_users/sale.py'
62--- sale_order_authorized_users/sale.py 1970-01-01 00:00:00 +0000
63+++ sale_order_authorized_users/sale.py 2014-07-18 13:58:09 +0000
64@@ -0,0 +1,34 @@
65+# -*- coding: utf-8 -*-
66+##############################################################################
67+#
68+# Author: Leonardo Donelli @ Creativi Quadrati
69+# Copyright 2014 Leonardo Donelli
70+# This program is free software: you can redistribute it and/or modify
71+# it under the terms of the GNU Affero General Public License as
72+# published by the Free Software Foundation, either version 3 of the
73+# License, or (at your option) any later version.
74+#
75+# This program is distributed in the hope that it will be useful,
76+# but WITHOUT ANY WARRANTY; without even the implied warranty of
77+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
78+# GNU Affero General Public License for more details.
79+#
80+# You should have received a copy of the GNU Affero General Public License
81+# along with this program. If not, see <http://www.gnu.org/licenses/>.
82+#
83+##############################################################################
84+from openerp.osv import orm, fields
85+
86+class sale_order(orm.Model):
87+ _inherit = 'sale.order'
88+
89+ _columns = {
90+ 'allowed_users_ids': fields.many2many(
91+ 'res.users',
92+ 'sale_order_res_users_rel',
93+ 'sale_order_id',
94+ 'user_id',
95+ 'Allowed Users',
96+ groups='base.group_erp_manager',
97+ ),
98+ }
99
100=== added file 'sale_order_authorized_users/sale_view.xml'
101--- sale_order_authorized_users/sale_view.xml 1970-01-01 00:00:00 +0000
102+++ sale_order_authorized_users/sale_view.xml 2014-07-18 13:58:09 +0000
103@@ -0,0 +1,18 @@
104+<?xml version="1.0"?>
105+<openerp>
106+ <data>
107+
108+ <!-- Partners inherited form -->
109+ <record id="view_order_form_allowed_users" model="ir.ui.view">
110+ <field name="name">sale.order.form.allowed.users</field>
111+ <field name="model">sale.order</field>
112+ <field name="inherit_id" ref="sale.view_order_form"/>
113+ <field name="arch" type="xml">
114+ <field name="client_order_ref" position="after">
115+ <field name="allowed_users_ids" widget="many2many_tags"/>
116+ </field>
117+ </field>
118+ </record>
119+
120+ </data>
121+</openerp>
122
123=== added directory 'sale_order_authorized_users/security'
124=== added file 'sale_order_authorized_users/security/hide_sale_orders_security.xml'
125--- sale_order_authorized_users/security/hide_sale_orders_security.xml 1970-01-01 00:00:00 +0000
126+++ sale_order_authorized_users/security/hide_sale_orders_security.xml 2014-07-18 13:58:09 +0000
127@@ -0,0 +1,13 @@
128+<?xml version="1.0" encoding="utf-8"?>
129+<openerp>
130+ <data noupdate="0">
131+
132+ <record model="ir.rule" id="rule_hidden_orders">
133+ <field name="name">Hidden orders</field>
134+ <field name="model_id" ref="model_sale_order" />
135+ <field name="global" eval="True" />
136+ <field name="domain_force">['|',('allowed_users_ids','in',user.id),('allowed_users_ids','=',False)]</field>
137+ </record>
138+
139+ </data>
140+</openerp>

Subscribers

People subscribed via source and target branches