Sales - Workflow and Organization

Merge lp:~learts92/sale-wkfl/7.0-add-sale-order-authorized-users into lp:~sale-core-editors/sale-wkfl/7.0

  1. 7.0-add-sale-order-authorized-users
  2. Merge into 7.0
Proposed by Leonardo Donelli
Status: Needs review
Proposed branch: lp:~learts92/sale-wkfl/7.0-add-sale-order-authorized-users
Merge into: lp:~sale-core-editors/sale-wkfl/7.0
Diff against target: 140 lines (+114/-0)
5 files modified
sale_order_authorized_users/__init__.py (+2/-0)
sale_order_authorized_users/__openerp__.py (+47/-0)
sale_order_authorized_users/sale.py (+34/-0)
sale_order_authorized_users/sale_view.xml (+18/-0)
sale_order_authorized_users/security/hide_sale_orders_security.xml (+13/-0)
To merge this branch: bzr merge lp:~learts92/sale-wkfl/7.0-add-sale-order-authorized-users
Reviewer Review Type Date Requested Status
Pedro Manuel Baeza Needs Resubmitting
Review via email: mp+227325@code.launchpad.net

Description of the change

Let Admin (or any user in the base.group_erp_manager) choose, for each sale order,
which users will be able to access and see it. Any other user won't be able
to see it.
If no users are set, the sale order has normal permissions.
The field to set allowed users will be visibile only to admin, which makes it
possible to make the users unaware of this feature.

Things that could be improved:
 - Tests?
 - create security rule also for sale_order_line if it's not automatic.

It's not 100% secure atm, but probably good enough for normal users.

To post a comment you must log in.
lp:~learts92/sale-wkfl/7.0-add-sale-order-authorized-users updated
50. By Leonardo Donelli

Fix import and copyright notice.

Revision history for this message
Pedro Manuel Baeza (pedro.baeza) wrote :

This project is now hosted on https://github.com/OCA/sale-workflow. Please move your proposal there. This guide may help you https://github.com/OCA/maintainers-tools/wiki/How-to-move-a-Merge-Proposal-to-GitHub

review: Needs Resubmitting
Reply

Unmerged revisions

50. By Leonardo Donelli

Fix import and copyright notice.

49. By Leonardo Donelli

New module sale_order_authorized_users

Let Admin (or any user in the base.group_erp_manager) choose, for each sale order,
which users will be able to access and see it. Any other user won't be able
to see it.
If no users are set, the sale order has normal permissions.
The field to set allowed users will be visibile only to admin, which makes it
possible to make the users unaware of this feature and that some orders are
hidden from them.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== added directory 'sale_order_authorized_users'
=== added file 'sale_order_authorized_users/__init__.py'
--- sale_order_authorized_users/__init__.py 1970-01-01 00:00:00 +0000
+++ sale_order_authorized_users/__init__.py 2014-07-18 13:58:09 +0000
@@ -0,0 +1,2 @@
1from . import sale
2
03
=== added file 'sale_order_authorized_users/__openerp__.py'
--- sale_order_authorized_users/__openerp__.py 1970-01-01 00:00:00 +0000
+++ sale_order_authorized_users/__openerp__.py 2014-07-18 13:58:09 +0000
@@ -0,0 +1,47 @@
1# -*- coding: utf-8 -*-
2##############################################################################
3#
4# Author: Leonardo Donelli @ Creativi Quadrati
5# Copyright (C) 2014 Leonardo Donelli
6#
7# This program is free software: you can redistribute it and/or modify
8# it under the terms of the GNU Affero General Public License as
9# published by the Free Software Foundation, either version 3 of the
10# License, or (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful,
13# but WITHOUT ANY WARRANTY; without even the implied warranty of
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15# GNU Affero General Public License for more details.
16#
17# You should have received a copy of the GNU Affero General Public License
18# along with this program. If not, see <http://www.gnu.org/licenses/>.
19#
20##############################################################################
21
22
23{
24 'name': 'Sale Order Authorized Users',
25 'version': '1.0',
26 'category': 'Sale',
27 'summary': 'Sale orders, Security, Permissions, Users',
28 'description': """
29Sale Order Authorized Users
30======================================
31
32Let Admin (or any user in the base.group_erp_manager) choose, for each sale order,
33which users will be able to access and see it. Any other user won't be able
34to see it.
35If no users are set, the sale order has normal permissions.
36The field to set allowed users will be visibile only to admin, which makes it
37possible to make the users unaware of this feature.
38""",
39 'author': 'Leonardo Donelli @ Creativi Quadrati',
40 'depends': ['sale'],
41 'data': [
42 'sale_view.xml',
43 'security/hide_sale_orders_security.xml',
44 ],
45 'installable': True,
46 'auto_install': False,
47}
048
=== added file 'sale_order_authorized_users/sale.py'
--- sale_order_authorized_users/sale.py 1970-01-01 00:00:00 +0000
+++ sale_order_authorized_users/sale.py 2014-07-18 13:58:09 +0000
@@ -0,0 +1,34 @@
1# -*- coding: utf-8 -*-
2##############################################################################
3#
4# Author: Leonardo Donelli @ Creativi Quadrati
5# Copyright 2014 Leonardo Donelli
6# This program is free software: you can redistribute it and/or modify
7# it under the terms of the GNU Affero General Public License as
8# published by the Free Software Foundation, either version 3 of the
9# License, or (at your option) any later version.
10#
11# This program is distributed in the hope that it will be useful,
12# but WITHOUT ANY WARRANTY; without even the implied warranty of
13# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14# GNU Affero General Public License for more details.
15#
16# You should have received a copy of the GNU Affero General Public License
17# along with this program. If not, see <http://www.gnu.org/licenses/>.
18#
19##############################################################################
20from openerp.osv import orm, fields
21
22class sale_order(orm.Model):
23 _inherit = 'sale.order'
24
25 _columns = {
26 'allowed_users_ids': fields.many2many(
27 'res.users',
28 'sale_order_res_users_rel',
29 'sale_order_id',
30 'user_id',
31 'Allowed Users',
32 groups='base.group_erp_manager',
33 ),
34 }
035
=== added file 'sale_order_authorized_users/sale_view.xml'
--- sale_order_authorized_users/sale_view.xml 1970-01-01 00:00:00 +0000
+++ sale_order_authorized_users/sale_view.xml 2014-07-18 13:58:09 +0000
@@ -0,0 +1,18 @@
1<?xml version="1.0"?>
2<openerp>
3 <data>
4
5 <!-- Partners inherited form -->
6 <record id="view_order_form_allowed_users" model="ir.ui.view">
7 <field name="name">sale.order.form.allowed.users</field>
8 <field name="model">sale.order</field>
9 <field name="inherit_id" ref="sale.view_order_form"/>
10 <field name="arch" type="xml">
11 <field name="client_order_ref" position="after">
12 <field name="allowed_users_ids" widget="many2many_tags"/>
13 </field>
14 </field>
15 </record>
16
17 </data>
18</openerp>
019
=== added directory 'sale_order_authorized_users/security'
=== added file 'sale_order_authorized_users/security/hide_sale_orders_security.xml'
--- sale_order_authorized_users/security/hide_sale_orders_security.xml 1970-01-01 00:00:00 +0000
+++ sale_order_authorized_users/security/hide_sale_orders_security.xml 2014-07-18 13:58:09 +0000
@@ -0,0 +1,13 @@
1<?xml version="1.0" encoding="utf-8"?>
2<openerp>
3 <data noupdate="0">
4
5 <record model="ir.rule" id="rule_hidden_orders">
6 <field name="name">Hidden orders</field>
7 <field name="model_id" ref="model_sale_order" />
8 <field name="global" eval="True" />
9 <field name="domain_force">['|',('allowed_users_ids','in',user.id),('allowed_users_ids','=',False)]</field>
10 </record>
11
12 </data>
13</openerp>

Subscribers

People subscribed via source and target branches