-
Notifications
You must be signed in to change notification settings - Fork 24.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[FIX] website_sale: prevent compute search to be run in sudo
Before this commit, when accessing an user's pricelist, it would raise a 500 error in multi-company environment. Indeed, when doing `self.env.user.partner_id.property_product_pricelist`, even if self.env is not un sudo mode, the compute from `property_product_pricelist` is executed as sudo. Since this method is then doing a `search()`, it won't use the multi-company pricelist ir.rule. It will return all the pricelist, including the ones from other companies. Then, when trying to read that pricelist, it will raise an access error. Now, we correctly execute the compute (and so the search) in the user env, it won't get pricelists from other companies.
- Loading branch information
Showing
2 changed files
with
25 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
9608d45
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Coming from #28301