Forward Port of #35411 to saas-12.3 #36769
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Check group integrity constraints
I should have added that info in the first commit, but the main issue that was pointed by Odony in an informal communication was that check_one_user_type does not work well, in the sense that this constraint can be bypassed within Odoo.
The reason is that when modifying groups via the settings, the users are given groups by the implied group mechanism.
Moreover a direct SQL query bypass an explicit write on the users field of groups, which is constrained.
This PR is to restore the lost integrity check with a minimal impact on performance.
On heavy load, the performance impact is around 6% (where half are the read on the relevant group ids and such and half is on the _fast_check..., e.g. the query checking the constraint itself.
Forward-Port-Of: #35411