Permalink
Browse files

[IMP] access rigth Add approver rigths for expenses and timesheet

  • Loading branch information...
jbm-odoo committed Jan 3, 2019
1 parent 0247dd3 commit 5c86f3cab135c94644ccfc5791fed1ec3fbf30ce
@@ -672,7 +672,7 @@ def approve_expense_sheets(self):
if self.employee_id.user_id == self.env.user:
raise UserError(_("You cannot approve your own expenses"))

if not self.env.user in current_managers:
if not self.env.user in current_managers and not self.user_has_groups('hr_expense.group_hr_expense_approver') and self.expense_manager_id != self.env.user:
raise UserError(_("You can only approve your department expenses"))

responsible_id = self.user_id.id or self.env.user.id
@@ -693,7 +693,7 @@ def refuse_sheet(self, reason):
if self.employee_id.user_id == self.env.user:
raise UserError(_("You cannot refuse your own expenses"))

if not self.env.user in current_managers:
if not self.env.user in current_managers and not self.user_has_groups('hr_expense.group_hr_expense_approver') and self.expense_manager_id != self.env.user:
raise UserError(_("You can only refuse your department expenses"))

self.write({'state': 'cancel'})
@@ -1,14 +1,15 @@
<?xml version="1.0" encoding="utf-8"?>
<odoo>
<record id="group_hr_expense_approver" model="res.groups">
<field name="name">Approver</field>
<record id="group_hr_expense_user" model="res.groups">
<field name="name">See all Expenses</field>
<field name="category_id" ref="base.module_category_hr_expense"/>
<field name="implied_ids" eval="[(4, ref('base.group_user'))]"/>
</record>

<record id="group_hr_expense_user" model="res.groups">
<field name="name">See all Expenses</field>
<record id="group_hr_expense_approver" model="res.groups">
<field name="name">Approver</field>
<field name="category_id" ref="base.module_category_hr_expense"/>
<field name="implied_ids" eval="[(4, ref('base.group_user')), (4, ref('hr_expense.group_hr_expense_approver'))]"/>
<field name="implied_ids" eval="[(4, ref('hr_expense.group_hr_expense_user'))]"/>
</record>

<record id="group_hr_expense_manager" model="res.groups">
@@ -510,14 +510,15 @@ def _read_from_database(self, field_names, inherited_field_names=[]):
return
current_employee = self.env['hr.employee'].sudo().search([('user_id', '=', self.env.uid)], limit=1)
for record in self:
emp_id = record._cache.get('employee_id', [False])[0]
if emp_id != current_employee.id:
try:
record._cache['name']
record._cache['name'] = '*****'
except Exception:
# skip SpecialValue (e.g. for missing record or access right)
pass
if record._cache.get('employee_id', [False]):
emp_id = record._cache.get('employee_id', [False])[0]
if emp_id != current_employee.id:
try:
record._cache['name']
record._cache['name'] = '*****'
except Exception:
# skip SpecialValue (e.g. for missing record or access right)
pass

@api.multi
def write(self, values):
@@ -1,22 +1,11 @@
<?xml version="1.0" encoding="UTF-8"?>
<odoo>
<data noupdate="1">
<record id="group_hr_timesheet_approver" model="res.groups">
<field name="name">Approver</field>
<field name="category_id" ref="base.module_category_hr_timesheet"/>
</record>

<record id="group_hr_timesheet_user" model="res.groups">
<field name="name">See all Timesheets</field>
<field name="category_id" ref="base.module_category_hr_timesheet"/>
<field name="implied_ids" eval="[(4, ref('base.group_user')), (4, ref('group_hr_timesheet_approver'))]"/>
<field name="users" eval="[(4, ref('base.user_root')), (4, ref('base.user_admin'))]"/>
</record>

<record id="group_timesheet_manager" model="res.groups">
<field name="name">Administrator</field>
<field name="category_id" ref="base.module_category_hr_timesheet"/>
<field name="implied_ids" eval="[(4, ref('group_hr_timesheet_user')), (4, ref('hr.group_hr_user'))]"/>
<field name="implied_ids" eval="[(4, ref('base.group_user'))]"/>
<field name="users" eval="[(4, ref('base.user_root')), (4, ref('base.user_admin'))]"/>
</record>

@@ -38,6 +27,13 @@
<field name="perm_read" eval="0"/>
</record>

<record id="group_timesheet_manager" model="res.groups">
<field name="name">Administrator</field>
<field name="category_id" ref="base.module_category_hr_timesheet"/>
<field name="implied_ids" eval="[(4, ref('group_hr_timesheet_user')), (4, ref('hr.group_hr_user'))]"/>
<field name="users" eval="[(4, ref('base.user_root')), (4, ref('base.user_admin'))]"/>
</record>

</data>

<data noupdate="1">
@@ -50,7 +46,7 @@
<field name="perm_create" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_unlink" eval="1"/>
<field name="perm_read" eval="0"/>
<field name="perm_read" eval="1"/>
</record>

<record id="timesheet_rule_portal" model="ir.rule">
@@ -29,6 +29,10 @@
<field name="name">Customizations</field>
<field name="sequence">6</field>
</record>
<record id="administration" model="ir.module.category.master">
<field name="name">Administration</field>
<field name="sequence">15</field>
</record>

<record model="ir.module.category" id="module_category_hidden">
<field name="name">Technical Settings</field>
@@ -233,7 +237,7 @@
</record>

<record model="ir.module.category" id="module_category_sign">
<field name="name">Document Signatures</field>
<field name="name">Sign</field>
<field name="description">Helps you sign and complete your documents easily.</field>
<field name="sequence">25</field>
<field name="master_category_id" ref="base.sales"/>
@@ -257,7 +261,7 @@
<record model="ir.module.category" id="module_category_administration">
<field name="name">Administration</field>
<field name="sequence">100</field>
<field name="master_category_id" ref="base.operations"/>
<field name="master_category_id" ref="base.administration"/>
</record>

<record model="ir.module.category" id="module_category_usability">
@@ -1069,7 +1069,7 @@ def _update_user_groups_view(self):

for xml_cat in sorted(xml_by_category.keys(), key=lambda it: it[0]):
xml_cat_name = xml_cat[1]
master_category_name = _("%s Applications") % (_(xml_cat_name))
master_category_name = (_(xml_cat_name))
xml2.append(E.group(*(xml_by_category[xml_cat]), col="2", string=master_category_name))

xml = E.field(

0 comments on commit 5c86f3c

Please sign in to comment.