res.partner上`write`的高级访问权限
Is data that was supplied to write()
with parameter (vals
) accessible from within method check_access_rights
?
是否可以从方法check_access_rights中访问带有参数(val)的write()的数据?
I inherited from res.partner
and overriden method check_access_rights
with intent to allow a user with no write rights on res.partner
to update child_ids
(of that partner) if that child was created by that user (create_uid = user.id) . I hope to be able to implement somewhere (in methods write
or check_access_rights
) this pseudo-code:
我继承自res.partner和overriden方法check_access_rights,意图允许没有res.partner写权限的用户更新child_ids(该伙伴)如果该子用户是由该用户创建的(create_uid = user.id)。我希望能够在某个地方(在方法write或check_access_rights中)实现这个伪代码:
if `the user belongs to a group "GroupX"` and `user tries to only update field "child_ids" with records that are created by that user`
then `allow this write operation on res.partner`
else `raise AccessError`
1 个解决方案
#1
1
To let user (from "Group X") modify res.partner objects that where created by him and let modify child_ids on res.partner objects that where created by anyone:
让用户(来自“Group X”)修改由他创建的res.partner对象,并修改由任何人创建的res.partner对象上的child_ids:
first create a group "Group X" with rights: a) r,w,c,u on res.partner ; b) r,w,c on ir.property .
首先创建一个具有权利的组“X组”:a)r,w,c,u在res.partner上; b)关于ir.property的r,w,c。
Then create a class that inherits from res.partner and override method write
.
然后创建一个继承自res.partner和override方法write的类。
# -*- coding: utf-8 -*-
class InheritedResPartner(models.Model):
"""Description"""
_inherit = 'res.partner'
@api.multi
def write(self, vals):
is_in_group = 'Group X' in map(lambda x: x.name, self.env.user.groups_id)
if is_in_group:
operation = 'write'
owns_record = self.create_uid == self.env.user
if owns_record:
True
else:
allowed = True
# Do all checks further and set `allowed` to either True or False
...<omitted intentionaly> put your logic here
#
if not allowed:
raise AccessError(_('The requested operation cannot be completed due to security restrictions. Please contact your system administrator.\n\n(Document type: %s, Operation: %s)') % (self._description, operation))
return super(InheritedResPartner, self).write(vals)
Note: we give full rights on res.partner but we will override write method and raise AccessError if unwanted action detected.
注意:我们提供res.partner的完全权限,但是如果检测到不需要的操作,我们将覆盖write方法并引发AccessError。
更多相关文章
- Cloud Pub / Sub Demo:403未授权用户执行此操作。当试图推送通知
- jieba(结巴)Python分词器加载到Eclipse方法
- python,os模块的常用方法
- Python语言的特点、程序设计基本方法
- Pandas 文本数据方法 findall( )
- python中函数参数传递的几种方法
- TensorFlow数据集(一)——数据集的基本使用方法
- Python 部分系统类的常用方法整理
- python tkinter窗口弹出置顶的方法