Odoo Web Client

Merge lp:~openerp-dev/openobject-client-web/6.0-opw-580592-xal into lp:openobject-client-web

6.0-opw-580592-xal
Merge into 6.0

Proposed by Xavier ALT on 2012-10-15

Status:	Needs review
Proposed branch:	lp:~openerp-dev/openobject-client-web/6.0-opw-580592-xal
Merge into:	lp:openobject-client-web
Diff against target:	129 lines (+39/-9) 3 files modified addons/openerp/controllers/form.py (+1/-1) addons/openerp/controllers/openo2m.py (+33/-2) addons/openerp/static/javascript/m2o.js (+5/-6)
To merge this branch:	bzr merge lp:~openerp-dev/openobject-client-web/6.0-opw-580592-xal
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
OpenERP Core Team		2012-10-15	Pending
Review via email: mp+129654@code.launchpad.net

Description of the change

Hi,

When clicking on a button within a one2many window, web client force data of that record to be rewritten. This can cause permission errors.

The one2many save() has been modified to support filtering only modified datas (like it's done on form save()).

Regards,
Xavier

lp:~openerp-dev/openobject-client-web/6.0-opw-580592-xal updated on 2013-03-12

4889. By Xavier ALT on 2012-10-29: [FIX] OPW 580592: web: when compararing current and original compare, make sure both arguments are unicode
4890. By Anaël Closson (openerp) on 2013-03-12: [FIX] OPW 587377 ie stop listening clicks when spam clicking on buttons on a view with m2o

Unmerged revisions

4890. By Anaël Closson (openerp) on 2013-03-12

[FIX] OPW 587377 ie stop listening clicks when spam clicking on buttons on a view with m2o

4889. By Xavier ALT on 2012-10-29

[FIX] OPW 580592: web: when compararing current and original compare, make sure both arguments are unicode

4888. By Xavier ALT on 2012-10-15

[FIX] OPW 580592: web: one2many: when saving one2many data filter data that has not been modified

  - This is necessary when user has no 'write' access on the one2many object,
    and user clic on a button. If user didn't modify the record - write() call
    is not necessary.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Ariel E. Figueroa - http://www.humanytek.com

Arif

Bhumi Thakkar (Open ERP)

Carlos Contreras

Christophe CHAUVET

Dharmesh PATEL@Axelor SARL

Jiten (OpenERP)

Juano

Krisztian Eyssen

Mandip Dave

Michael Lu

Navrang Oza

Nitesh Vaghani

OpenERP Core Team

OpenERP R&D Team

Philippe Préaux

Sananaz (Open ERP)

Vaibhav Darji

kifcaliph

to status/vote changes:

Gustavo Earnshaw

1	=== modified file 'addons/openerp/controllers/form.py'
2	--- addons/openerp/controllers/form.py 2012-11-05 17:35:08 +0000
3	+++ addons/openerp/controllers/form.py 2013-03-12 16:01:23 +0000
4	@@ -421,7 +421,7 @@
5	for field, original_value in original_data.iteritems():
6	if isinstance(original_value, tuple):
7	original_data[field] = original_value[0]
8	- if field in data and data[field] != original_data[field]:
9	+ if field in data and ustr(data[field]) != ustr(original_data[field]):
10	#When field is many2many at that time following code will be applied
11	if isinstance(data[field], list) and isinstance(data[field][0][2], list):
12	if sorted(data[field][0][2]) != sorted(original_data[field]):
13
14	=== modified file 'addons/openerp/controllers/openo2m.py'
15	--- addons/openerp/controllers/openo2m.py 2012-09-13 15:19:58 +0000
16	+++ addons/openerp/controllers/openo2m.py 2013-03-12 16:01:23 +0000
17	@@ -113,6 +113,7 @@
18	params, data = TinyDict.split(kw)
19	params.editable = True
20
21	+ o2m_proxy = rpc.RPCProxy(params.o2m_model)
22	proxy = rpc.RPCProxy(params.parent_model)
23
24	pprefix = '.'.join(params.o2m.split('/')[:-1])
25	@@ -120,11 +121,42 @@
26	if pprefix:
27	data = eval(pprefix, TinyDict(**data)).make_dict()
28
29	+ fld = params.o2m.split('/')[-1]
30	+
31	ctx = context_with_concurrency_info(rpc.session.context, params.concurrency_info)
32	ctx.update(params.parent_context or {})
33	ctx.update(params.o2m_context or {})
34
35	- id = proxy.write([params.parent_id], data, ctx)
36	+ ## Before writing, filter data that has not been modified
37	+ if isinstance(data, dict) and fld in data:
38	+ fld_data = []
39	+ fld_ctx = dict((params.o2mcontext or {}), **rpc.session.context)
40	+ for (op, _id, values) in data[fld]:
41	+ modified = {}
42	+ if _id and op == 1: # we're updating that record
43	+ original_data = o2m_proxy.read(_id, values.keys(), fld_ctx)
44	+
45	+ if original_data and isinstance(original_data, dict):
46	+ for field, original_value in original_data.iteritems():
47	+ if isinstance(original_value, tuple):
48	+ original_data[field] = original_value[0]
49	+ if field in values and ustr(values[field]) != ustr(original_data[field]):
50	+ #When field is many2many at that time following code will be applied
51	+ if isinstance(values[field], list) and isinstance(values[field][0][2], list):
52	+ if sorted(values[field][0][2]) != sorted(original_data[field]):
53	+ modified[field] = values[field]
54	+ else:
55	+ modified[field] = values[field]
56	+ if modified:
57	+ fld_data.append((op, _id, modified))
58	+ # update 'fld' in data, or remove it if there is nothing to be written
59	+ if fld_data:
60	+ data[fld] = fld_data
61	+ else:
62	+ data.pop(fld, None)
63	+
64	+ if data:
65	+ id = proxy.write([params.parent_id], data, ctx)
66
67	prefix = params.o2m
68	current = params.chain_get(prefix)
69	@@ -132,7 +164,6 @@
70	params.load_counter = 1
71
72	ids = current.ids
73	- fld = params.o2m.split('/')[-1]
74	all_ids = proxy.read([params.parent_id], [fld])[0][fld]
75	new_ids = [i for i in all_ids if i not in ids]
76
77
78	=== modified file 'addons/openerp/static/javascript/m2o.js'
79	--- addons/openerp/static/javascript/m2o.js 2012-08-21 17:19:50 +0000
80	+++ addons/openerp/static/javascript/m2o.js 2013-03-12 16:01:23 +0000
81	@@ -31,7 +31,6 @@
82	}
83
84	this.__init__(name);
85	- self = this;
86	};
87
88	ManyToOne.prototype.__init__ = function(name) {
89	@@ -277,11 +276,11 @@
90	if(evt.target.tagName.toLowerCase() == 'input') {
91	var w;
92	if(jQuery('#search_filter_data').is(':visible')) {
93	- w = jQuery(evt.currentTarget).width()
94	+ w = jQuery(evt.currentTarget).width();
95	} else {
96	w = jQuery(evt.currentTarget).width() + jQuery(idSelector(this.name + '_select')).width();
97	}
98	- jQuery('div.autoTextResults[id$="' + this.name + '"]').width(w)
99	+ jQuery('div.autoTextResults[id$="' + this.name + '"]').width(w);
100	}
101	}
102
103	@@ -473,7 +472,7 @@
104	context: this.get_context()
105	}).addCallback(function(obj) {
106	self.eval_domain = obj.domain;
107	- self.eval_context = obj.context
108	+ self.eval_context = obj.context;
109
110	jQuery.getJSON('/openerp/search/get_matched', {
111	text: val,
112	@@ -542,7 +541,7 @@
113	return true;
114	}
115	catch(e) {
116	- error_display(_('error in display::') + e)
117	+ error_display(_('error in display::') + e);
118	}
119	};
120
121	@@ -594,7 +593,7 @@
122	function open($this, options) {
123	var url;
124	if(options.record) {
125	- url = '/openerp/openm2o/edit'
126	+ url = '/openerp/openm2o/edit';
127	} else {
128	url = '/openerp/search/new';
129	}