From d4913c30c804c20024584182d9b70d4c87544340 Mon Sep 17 00:00:00 2001
From: Rafi Zadanly <zadanlyr@gmail.com>
Date: Fri, 2 Feb 2024 14:07:12 +0700
Subject: Add role permission feature

---
 indoteknik_api/controllers/__init__.py             |  1 +
 indoteknik_api/controllers/export.py               | 46 ++++++++++++++++++++++
 indoteknik_custom/__manifest__.py                  |  2 +
 indoteknik_custom/models/__init__.py               |  1 +
 indoteknik_custom/models/base_import_import.py     |  9 +++--
 indoteknik_custom/models/res_users.py              | 17 ++++++++
 .../models/role_permission/__init__.py             |  1 +
 .../models/role_permission/ir_model_access.py      |  9 +++++
 .../views/role_permission/ir_model_access.xml      | 16 ++++++++
 .../views/role_permission/res_groups.xml           | 45 +++++++++++++++++++++
 10 files changed, 144 insertions(+), 3 deletions(-)
 create mode 100644 indoteknik_api/controllers/export.py
 create mode 100644 indoteknik_custom/models/role_permission/__init__.py
 create mode 100644 indoteknik_custom/models/role_permission/ir_model_access.py
 create mode 100644 indoteknik_custom/views/role_permission/ir_model_access.xml
 create mode 100644 indoteknik_custom/views/role_permission/res_groups.xml

diff --git a/indoteknik_api/controllers/__init__.py b/indoteknik_api/controllers/__init__.py
index 237f4135..34bba89f 100644
--- a/indoteknik_api/controllers/__init__.py
+++ b/indoteknik_api/controllers/__init__.py
@@ -1,4 +1,5 @@
 from . import controller
+from . import export
 from . import api_v1
 from . import api_v2
 from . import api_v3
\ No newline at end of file
diff --git a/indoteknik_api/controllers/export.py b/indoteknik_api/controllers/export.py
new file mode 100644
index 00000000..c29c82c7
--- /dev/null
+++ b/indoteknik_api/controllers/export.py
@@ -0,0 +1,46 @@
+import json
+
+from odoo.tools import pycompat
+from odoo.exceptions import Warning
+from odoo import http
+from odoo.http import request
+from odoo.addons.web.controllers.main import ExportFormat, GroupExportXlsxWriter, ExportXlsxWriter, serialize_exception, clean_action
+
+class Export(ExportFormat, http.Controller):
+    @http.route('/web/export/xlsx', type='http', auth="public", csrf=False)
+    @serialize_exception
+    def export_xlsx(self, data, token, **kw):
+        data_obj = json.loads(data)
+        model = data_obj['model']
+        can_export = request.env.user.check_access(model, 'export')
+        
+        if not can_export:
+            raise Warning('You are not allowed to export')
+        
+        return self.base(data, token)
+    
+    @property
+    def content_type(self):
+        return 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet'
+
+    def filename(self, base):
+        return base + '.xlsx'
+
+    def from_group_data(self, fields, groups):
+        with GroupExportXlsxWriter(fields, groups.count) as xlsx_writer:
+            x, y = 1, 0
+            for group_name, group in groups.children.items():
+                x, y = xlsx_writer.write_group(x, y, group_name, group)
+
+        return xlsx_writer.value
+
+    def from_data(self, fields, rows):
+        with ExportXlsxWriter(fields, len(rows)) as xlsx_writer:
+            for row_index, row in enumerate(rows):
+                for cell_index, cell_value in enumerate(row):
+                    if isinstance(cell_value, (list, tuple)):
+                        cell_value = pycompat.to_text(cell_value)
+                    xlsx_writer.write_cell(row_index + 1, cell_index, cell_value)
+
+        return xlsx_writer.value
+    
\ No newline at end of file
diff --git a/indoteknik_custom/__manifest__.py b/indoteknik_custom/__manifest__.py
index c7e65b37..2c0a4ceb 100755
--- a/indoteknik_custom/__manifest__.py
+++ b/indoteknik_custom/__manifest__.py
@@ -107,6 +107,8 @@
         'views/purchase_order_multi_update.xml',
         'views/purchase_order_multi_confirm.xml',
         'views/invoice_reklas_penjualan.xml',
+        'views/role_permission/ir_model_access.xml',
+        'views/role_permission/res_groups.xml',
         'report/report.xml',
         'report/report_banner_banner.xml',
         'report/report_banner_banner2.xml',
diff --git a/indoteknik_custom/models/__init__.py b/indoteknik_custom/models/__init__.py
index 76387ff8..9588a835 100755
--- a/indoteknik_custom/models/__init__.py
+++ b/indoteknik_custom/models/__init__.py
@@ -98,3 +98,4 @@ from . import purchase_order_multi_update
 from . import invoice_reklas_penjualan
 from . import purchase_order_multi_confirm
 from . import stock_quant
+from . import role_permission
diff --git a/indoteknik_custom/models/base_import_import.py b/indoteknik_custom/models/base_import_import.py
index 6a100cb8..01e02a4a 100644
--- a/indoteknik_custom/models/base_import_import.py
+++ b/indoteknik_custom/models/base_import_import.py
@@ -56,7 +56,10 @@ class Import(models.TransientModel):
         raise UserError(message)
 
     def do(self, fields, columns, options, dryrun=False):
-        enable_import = self._check_enable_import()
-        if not enable_import:
-            self._unable_import_notif()
+        model = self.res_model
+        can_import = self.env.user.check_access(model, 'import')
+        
+        if not can_import:
+            raise UserError('You are not allowed to import')
+        
         return super(Import, self).do(fields, columns, options, dryrun)
diff --git a/indoteknik_custom/models/res_users.py b/indoteknik_custom/models/res_users.py
index 09321fc6..33f64ce3 100755
--- a/indoteknik_custom/models/res_users.py
+++ b/indoteknik_custom/models/res_users.py
@@ -39,3 +39,20 @@ class ResUsers(models.Model):
             if not vouchers: return None
             return ', '.join(x.code for x in vouchers)
         return None
+    
+    def check_access(self, model, mode):
+        assert mode in ('read', 'write', 'create', 'unlink', 'import', 'export'), 'Invalid access mode'
+        
+        self._cr.execute("""
+            SELECT MAX(CASE WHEN perm_{mode} THEN 1 ELSE 0 END)
+            FROM ir_model_access a
+            JOIN ir_model m ON (m.id = a.model_id)
+            JOIN res_groups_users_rel gu ON (gu.gid = a.group_id)
+            WHERE m.model = %s
+            AND gu.uid = %s
+            AND a.active IS TRUE
+        """.format(mode=mode), (model, self._uid,))
+        r = self._cr.fetchone()[0]
+        
+        return bool(r)
+        
diff --git a/indoteknik_custom/models/role_permission/__init__.py b/indoteknik_custom/models/role_permission/__init__.py
new file mode 100644
index 00000000..da36bc1e
--- /dev/null
+++ b/indoteknik_custom/models/role_permission/__init__.py
@@ -0,0 +1 @@
+from . import ir_model_access
\ No newline at end of file
diff --git a/indoteknik_custom/models/role_permission/ir_model_access.py b/indoteknik_custom/models/role_permission/ir_model_access.py
new file mode 100644
index 00000000..c77e9b79
--- /dev/null
+++ b/indoteknik_custom/models/role_permission/ir_model_access.py
@@ -0,0 +1,9 @@
+from odoo import fields, models
+
+
+class IrModelAccess(models.Model):
+    _inherit = 'ir.model.access'
+    
+    perm_import = fields.Boolean(string='Import Access')
+    perm_export = fields.Boolean(string='Export Access')
+    
\ No newline at end of file
diff --git a/indoteknik_custom/views/role_permission/ir_model_access.xml b/indoteknik_custom/views/role_permission/ir_model_access.xml
new file mode 100644
index 00000000..0c74d5e2
--- /dev/null
+++ b/indoteknik_custom/views/role_permission/ir_model_access.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <data>
+        <record id="ir_model_access_tree_view_inherit" model="ir.ui.view">
+            <field name="name">Access Rights</field>
+            <field name="model">ir.model.access</field>
+            <field name="inherit_id" ref="base.ir_access_view_tree_edition"/>
+            <field name="arch" type="xml">
+                <field name="perm_unlink" position="after">
+                    <field name="perm_import"/>
+                    <field name="perm_export"/>
+                </field>
+            </field>
+        </record>
+    </data>
+</odoo>
diff --git a/indoteknik_custom/views/role_permission/res_groups.xml b/indoteknik_custom/views/role_permission/res_groups.xml
new file mode 100644
index 00000000..ad6af732
--- /dev/null
+++ b/indoteknik_custom/views/role_permission/res_groups.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<odoo>
+    <data>
+        <record model="ir.module.category" id="module_category_roles">
+            <field name="name">Roles</field>
+            <field name="sequence">70</field>
+            <field name="visible" eval="0" />
+        </record>
+
+        <record id="group_role_it" model="res.groups">
+            <field name="name">IT</field>
+            <field name="category_id" ref="module_category_roles" />
+        </record>
+        
+        <record id="group_role_accounting" model="res.groups">
+            <field name="name">Accounting</field>
+            <field name="category_id" ref="module_category_roles" />
+        </record>
+
+        <record id="group_role_finance" model="res.groups">
+            <field name="name">Finance</field>
+            <field name="category_id" ref="module_category_roles" />
+        </record>
+
+        <record id="group_role_sales" model="res.groups">
+            <field name="name">Sales</field>
+            <field name="category_id" ref="module_category_roles" />
+        </record>
+
+        <record id="group_role_marketing" model="res.groups">
+            <field name="name">Marketing</field>
+            <field name="category_id" ref="module_category_roles" />
+        </record>
+
+        <record id="group_role_purchasing" model="res.groups">
+            <field name="name">Purchasing</field>
+            <field name="category_id" ref="module_category_roles" />
+        </record>
+
+        <record id="group_role_logistic" model="res.groups">
+            <field name="name">Logistic</field>
+            <field name="category_id" ref="module_category_roles" />
+        </record>
+    </data>
+</odoo>
\ No newline at end of file
-- 
cgit v1.2.3


From 20b1410fc2335f51ab08fdbecb54d6bfc437b6e1 Mon Sep 17 00:00:00 2001
From: Rafi Zadanly <zadanlyr@gmail.com>
Date: Wed, 7 Feb 2024 14:40:28 +0700
Subject: Update role FAT and add merchandiser

---
 indoteknik_custom/views/role_permission/res_groups.xml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/indoteknik_custom/views/role_permission/res_groups.xml b/indoteknik_custom/views/role_permission/res_groups.xml
index ad6af732..910469fd 100644
--- a/indoteknik_custom/views/role_permission/res_groups.xml
+++ b/indoteknik_custom/views/role_permission/res_groups.xml
@@ -11,14 +11,9 @@
             <field name="name">IT</field>
             <field name="category_id" ref="module_category_roles" />
         </record>
-        
-        <record id="group_role_accounting" model="res.groups">
-            <field name="name">Accounting</field>
-            <field name="category_id" ref="module_category_roles" />
-        </record>
 
-        <record id="group_role_finance" model="res.groups">
-            <field name="name">Finance</field>
+        <record id="group_role_fat" model="res.groups">
+            <field name="name">FAT</field>
             <field name="category_id" ref="module_category_roles" />
         </record>
 
@@ -41,5 +36,10 @@
             <field name="name">Logistic</field>
             <field name="category_id" ref="module_category_roles" />
         </record>
+
+        <record id="group_role_merchandiser" model="res.groups">
+            <field name="name">Merchandiser</field>
+            <field name="category_id" ref="module_category_roles" />
+        </record>
     </data>
 </odoo>
\ No newline at end of file
-- 
cgit v1.2.3