Is data that was supplied to write() with parameter (vals) accessible from within method check_access_rights?

是否可以从方法check_access_rights中访问带有参数(val)的write()的数据?

I inherited from res.partner and overriden method check_access_rights with intent to allow a user with no write rights on res.partner to update child_ids (of that partner) if that child was created by that user (create_uid = user.id) . I hope to be able to implement somewhere (in methods write or check_access_rights) this pseudo-code:

我继承自res.partner和overriden方法check_access_rights,意图允许没有res.partner写权限的用户更新child_ids(该伙伴)如果该子用户是由该用户创建的(create_uid = user.id)。我希望能够在某个地方(在方法write或check_access_rights中)实现这个伪代码:

if `the user belongs to a group "GroupX"` and `user tries to only update field "child_ids" with records that are created by that user`
    then `allow this write operation on res.partner`
    else `raise AccessError`

1 个解决方案

#1

1

To let user (from "Group X") modify res.partner objects that where created by him and let modify child_ids on res.partner objects that where created by anyone:

让用户(来自“Group X”)修改由他创建的res.partner对象,并修改由任何人创建的res.partner对象上的child_ids:

first create a group "Group X" with rights: a) r,w,c,u on res.partner ; b) r,w,c on ir.property .

首先创建一个具有权利的组“X组”:a)r,w,c,u在res.partner上; b)关于ir.property的r,w,c。

Then create a class that inherits from res.partner and override method write.

然后创建一个继承自res.partner和override方法write的类。

# -*- coding: utf-8 -*-

class InheritedResPartner(models.Model):
    """Description""" 
    _inherit = 'res.partner'

    @api.multi
    def write(self, vals):
        is_in_group = 'Group X' in map(lambda x: x.name, self.env.user.groups_id)
        if is_in_group:
            operation = 'write'
            owns_record = self.create_uid == self.env.user

            if owns_record:
                True
            else:
                allowed = True

                # Do all checks further and set `allowed` to either True or False 
                ...<omitted intentionaly> put your logic here
                #

                if not allowed:
                    raise AccessError(_('The requested operation cannot be completed due to security restrictions. Please contact your system administrator.\n\n(Document type: %s, Operation: %s)') % (self._description, operation))
        return super(InheritedResPartner, self).write(vals)

Note: we give full rights on res.partner but we will override write method and raise AccessError if unwanted action detected.

注意:我们提供res.partner的完全权限,但是如果检测到不需要的操作,我们将覆盖write方法并引发AccessError。

更多相关文章

  1. Cloud Pub / Sub Demo:403未授权用户执行此操作。当试图推送通知
  2. jieba(结巴)Python分词器加载到Eclipse方法
  3. python,os模块的常用方法
  4. Python语言的特点、程序设计基本方法
  5. Pandas 文本数据方法 findall( )
  6. python中函数参数传递的几种方法
  7. TensorFlow数据集(一)——数据集的基本使用方法
  8. Python 部分系统类的常用方法整理
  9. python tkinter窗口弹出置顶的方法

随机推荐

  1. Android 仿微信的键盘切换
  2. Android 视图动画(View Animation) 使用
  3. Android 应用的版本兼容 了解一下(理解 mi
  4. Android 使用WindowManager打造通用悬浮
  5. Android 不能使用内部资源
  6. Android [Camera 源码] 相机 HAL3(Camera
  7. Android系统进程Zygote启动过程的源代码
  8. android 通用的功能集锦
  9. Android不让弹出键盘挡住View
  10. android 动态、静态壁纸实现