Merge lp:~openerp-dev/openerp-web/6.1-opw-578551-msh into lp:openerp-web/6.1
| Status: | Needs review |
|---|---|
| Proposed branch: | lp:~openerp-dev/openerp-web/6.1-opw-578551-msh |
| Merge into: | lp:openerp-web/6.1 |
| Diff against target: |
50 lines (+11/-6) 2 files modified
addons/web/static/src/js/data.js (+1/-0) addons/web/static/src/js/view_form.js (+10/-6) |
| To merge this branch: | bzr merge lp:~openerp-dev/openerp-web/6.1-opw-578551-msh |
| Related bugs: |
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| OpenERP Core Team | Pending | ||
|
Review via email:
|
|||
Description of the change
Hello,
Fixed the issue of one2many which sending extra values as a link_to tuple hence for that write is called, due to which access error is generated for the user who has only create access not write access.
Demo :- Edit the access right for any user -> Settings -> Security -> Access Control List -> Search for the Attendance object -> Changed the rights for "Human Resource / Employee" Group remove the write access.
Now Go to Human Resource -> Attendances -> Attendances edit any record and create one one2many line nothing else and save the record.
Result :- It will give access error that user don't have write access, even though record is not edited we have just created a one2many record, which will call create of one2many but due to extra link_to record write is called.
Expected :- Here user didn't touch other field of the form and just created the one2many record, so only that record should be send to server to create, but here other one2many records are also sended with to_link tuple, behaviour should be if there is to_link record then and then tuple (4, id, false) created otherwise only to_create i.e. (0,0,values) should go as a data.
Thanks.
Unmerged revisions
- 2448. By Mohammed Shekha(Open ERP)
-
[FIX]Fixed the issue of one2many access rights, one2many sends unnecessary values as a link_to.
