Skip to content

Commit

Permalink
Merge commit 'refs/pull/125/head' of github.com:acsone/acsone-addons …
Browse files Browse the repository at this point in the history 
…into lih_master
  • Loading branch information
@adrienpeiffer
adrienpeiffer committed Sep 21, 2016
2 parents b1136e3 + a923aa1 commit 66b1e35
Show file tree
Hide file tree
Showing 4 changed files with 51 additions and 46 deletions.
3 changes: 1 addition & 2 deletions workflow_activity_action/models/wkf_action_model.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,6 @@ def _get_action_ids(self):
activity_ids = workitem_ids.mapped('act_id')
for activity in activity_ids:
if activity.use_action_object and\
activity._check_action_security(res_type,
record.id):
activity._check_action_security(res_type, [record.id])[record.id]:
actions_ids = actions_ids + activity.action_ids
self.activity_action_ids = actions_ids
39 changes: 20 additions & 19 deletions workflow_activity_action/models/wkf_activity.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,27 +82,27 @@ class WorkflowActivity(models.Model):

@api.multi
def check_action_security(self, res_type, res_id):
if not self._check_action_security(res_type, res_id):
if not self._check_action_security(res_type, [res_id])[res_id]:
raise exceptions.AccessError(
_("""The requested operation cannot be completed due to
security restrictions.
Please contact your system administrator."""))

@api.multi
def _check_action_security(self, res_type, res_id):
def _check_action_security(self, res_type, res_ids):
self.ensure_one()
res_dict = {key: True for key in res_ids}
if self._uid == SUPERUSER_ID or\
isinstance(self.env.uid, BaseSuspendSecurityUid):
return True
return res_dict
if self.security_group_ids.ids:
act = self.search(
[('security_group_ids.users', '=', self.env.user.id),
('id', '=', self.id)])
if not act.ids:
return False
obj = self.env[res_type].browse([res_id])
res_dict = {key: False for key in res_ids}
obj = self.env[res_type]
table = obj._table
res = False
if obj.is_transient():
self._cr.execute("""SELECT distinct create_uid
FROM %s
Expand All @@ -111,27 +111,26 @@ def _check_action_security(self, res_type, res_id):
uids = [x[0] for x in self._cr.fetchall()]
if len(uids) != 1 or uids[0] != SUPERUSER_ID or\
not isinstance(self.env.uid, BaseSuspendSecurityUid):
res = False
res_dict = {key: False for key in res_ids}
else:
where_clause, where_params, tables =\
self.env['activity.record.rule'].domain_get(res_type, self.id)
if where_clause:
where_clause = ' and ' + ' and '.join(where_clause)
sub_ids = (obj.id,)
self._cr.execute(
'SELECT ' + table + '.id FROM ' + ','.join(tables) +
' WHERE ' + table + '.id IN %s' + where_clause,
[sub_ids] + where_params)
returned_ids = [x['id'] for x in self._cr.dictfetchall()]
res = self._check_record_rules_result_count(table, sub_ids,
returned_ids)
else:
res = True
return res
for sub_ids in self._cr.split_for_in_conditions(res_ids):
self._cr.execute(
'SELECT ' + table + '.id FROM ' + ','.join(tables) +
' WHERE ' + table + '.id IN %s' + where_clause,
[sub_ids] + where_params)
returned_ids = [x['id'] for x in self._cr.dictfetchall()]
self._check_record_rules_result_count(table, sub_ids,
returned_ids,
res_dict)
return res_dict

@api.model
def _check_record_rules_result_count(self, res_type, sub_res_ids,
result_ids):
result_ids, res_dict):
ids, result_ids = set(sub_res_ids), set(result_ids)
missing_ids = ids - result_ids
if missing_ids:
Expand All @@ -143,6 +142,8 @@ def _check_record_rules_result_count(self, res_type, sub_res_ids,
if self._uid == SUPERUSER_ID or\
isinstance(self.env.uid, BaseSuspendSecurityUid):
return True
for fid in forbidden_ids:
res_dict[fid] = False
return False
else:
return True
Expand Down
54 changes: 29 additions & 25 deletions workflow_task/models/task.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ class Task(models.Model):
_name = 'workflow.task'
_inherit = ['mail.thread']
_description = "Workflow Task"
_order = "id desc"

@api.model
def _select_objects(self):
Expand Down Expand Up @@ -71,6 +72,17 @@ def _select_objects(self):
string="Related object")
action_ids = fields.One2many(comodel_name='workflow.activity.action',
compute='_get_action_ids')
type_description = fields.Char(
compute='_get_type_description', string="Document Type")

@api.multi
@api.depends('res_type')
def _get_type_description(self):
for record in self:
res_type = self.env['ir.model'].search(
[('model', '=', record.res_type)])
if res_type:
record.type_description = res_type.name

def _search_ref_object(self, operator, value):
self._cr.execute("""SELECT distinct res_type FROM workflow_task""")
Expand Down Expand Up @@ -108,8 +120,7 @@ def open_object(self):
def _get_action_ids(self):
for record in self:
if record.activity_id.use_action_task and\
record.activity_id._check_action_security(record.res_type,
record.res_id):
record.activity_id._check_action_security(record.res_type, [record.res_id])[record.res_id]:
record.action_ids = record.activity_id.action_ids

@api.multi
Expand Down Expand Up @@ -140,24 +151,6 @@ def check_base_security(self, res_model, res_ids, mode):
res_ids, mode,
context=self.env.context)

@api.multi
def _check_activity_security(self):
self._cr.execute(
"""SELECT id, res_type, res_id, activity_id FROM workflow_task
WHERE id = ANY(%s)""", (list(self._ids),))
targets = self._cr.dictfetchall()
res = {}
for task_dict in targets:
if not self.pool['workflow.activity'].\
_check_action_security(self._cr, self._uid,
[task_dict['activity_id']],
task_dict['res_type'],
task_dict['res_id']):
res[task_dict['id']] = False
else:
res[task_dict['id']] = True
return res

@api.multi
def check(self, mode, values=None):
"""Restricts the access to a workflow task, according to
Expand Down Expand Up @@ -228,11 +221,22 @@ def _search(self, cr, uid, args, offset=0, limit=None, order=None,
for res_id in disallowed_ids:
for attach_id in targets[res_id]:
ids.remove(attach_id)
# activity_security = self._check_activity_security(cr, uid, ids,
# context=context)
# for task_id, res in activity_security.iteritems():
# if not res:
# ids.remove(task_id)
target_ids = set(target_ids).difference(disallowed_ids)
cr.execute(
"""SELECT id, res_id, activity_id FROM workflow_task
WHERE res_id IN %s AND res_type = %s AND id in %s""",
(tuple(target_ids), model, tuple(ids)))
targets_activity = cr.dictfetchall()
activity_tasks = {}
for targets_activity_dict in targets_activity:
activity_tasks.setdefault(targets_activity_dict['activity_id'], {}).setdefault(targets_activity_dict['res_id'] or 0, set()).add(targets_activity_dict['id'])
for activity_id, res_ids_dict in activity_tasks.iteritems():
res_ids = res_ids_dict.keys()
res_dict = self.pool['workflow.activity']._check_action_security(cr, uid, [activity_id], model, res_ids)
for res_id in res_dict:
if not res_dict[res_id]:
for task_id in res_ids_dict[res_id]:
ids.remove(task_id)
# sort result according to the original sort ordering
result = [id for id in orig_ids if id in ids]
ids = super(Task, self)._search(cr, uid, [('id', 'in', result)],
Expand Down
1 change: 1 addition & 0 deletions workflow_task/views/wkf_task_view.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,7 @@
<field name="arch" type="xml">
<tree create="0" colors="grey:state == 'closed';red:date_critical and date_critical &lt;= current_date;black:state == 'started';blue:state == 'new'">
<button name="open_object" type="object" icon="gtk-open" />
<field name="type_description" />
<field name="ref_object" />
<field name="name" />
<field name="state" />
Expand Down

0 comments on commit 66b1e35

Please sign in to comment.