Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[REF] core,project: remove _read_group_check_field_access_rights()
_read_group_check_field_access_rights() is a superfluous hook of the _read_group() refactor (#110737). But this hook isn't very useful compared to check_field_access_rights(), it only checks the usage of fields used in _read_group(). - For 'res.users': Check the security in _read_group_select() and _read_group_groupby() instead. We cannot forbid USER_PRIVATE_CHECK in check_field_access_rights() because we want to obfuscate this field, and not throw an AccessError when reading it. - For 'project.task': override check_field_access_rights() to cover all cases and override _determine_fields_to_fetch() to avoid reading an inaccessible field and having an accidental AccessError. closes #146438 Related: odoo/enterprise#53409 Signed-off-by: Raphael Collet <rco@odoo.com>
- Loading branch information
Showing
3 changed files
with
31 additions
and
41 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters