From d4913c30c804c20024584182d9b70d4c87544340 Mon Sep 17 00:00:00 2001 From: Rafi Zadanly Date: Fri, 2 Feb 2024 14:07:12 +0700 Subject: Add role permission feature --- indoteknik_custom/models/__init__.py | 1 + indoteknik_custom/models/base_import_import.py | 9 ++++++--- indoteknik_custom/models/res_users.py | 17 +++++++++++++++++ indoteknik_custom/models/role_permission/__init__.py | 1 + .../models/role_permission/ir_model_access.py | 9 +++++++++ 5 files changed, 34 insertions(+), 3 deletions(-) create mode 100644 indoteknik_custom/models/role_permission/__init__.py create mode 100644 indoteknik_custom/models/role_permission/ir_model_access.py (limited to 'indoteknik_custom/models') diff --git a/indoteknik_custom/models/__init__.py b/indoteknik_custom/models/__init__.py index 76387ff8..9588a835 100755 --- a/indoteknik_custom/models/__init__.py +++ b/indoteknik_custom/models/__init__.py @@ -98,3 +98,4 @@ from . import purchase_order_multi_update from . import invoice_reklas_penjualan from . import purchase_order_multi_confirm from . import stock_quant +from . import role_permission diff --git a/indoteknik_custom/models/base_import_import.py b/indoteknik_custom/models/base_import_import.py index 6a100cb8..01e02a4a 100644 --- a/indoteknik_custom/models/base_import_import.py +++ b/indoteknik_custom/models/base_import_import.py @@ -56,7 +56,10 @@ class Import(models.TransientModel): raise UserError(message) def do(self, fields, columns, options, dryrun=False): - enable_import = self._check_enable_import() - if not enable_import: - self._unable_import_notif() + model = self.res_model + can_import = self.env.user.check_access(model, 'import') + + if not can_import: + raise UserError('You are not allowed to import') + return super(Import, self).do(fields, columns, options, dryrun) diff --git a/indoteknik_custom/models/res_users.py b/indoteknik_custom/models/res_users.py index 09321fc6..33f64ce3 100755 --- a/indoteknik_custom/models/res_users.py +++ b/indoteknik_custom/models/res_users.py @@ -39,3 +39,20 @@ class ResUsers(models.Model): if not vouchers: return None return ', '.join(x.code for x in vouchers) return None + + def check_access(self, model, mode): + assert mode in ('read', 'write', 'create', 'unlink', 'import', 'export'), 'Invalid access mode' + + self._cr.execute(""" + SELECT MAX(CASE WHEN perm_{mode} THEN 1 ELSE 0 END) + FROM ir_model_access a + JOIN ir_model m ON (m.id = a.model_id) + JOIN res_groups_users_rel gu ON (gu.gid = a.group_id) + WHERE m.model = %s + AND gu.uid = %s + AND a.active IS TRUE + """.format(mode=mode), (model, self._uid,)) + r = self._cr.fetchone()[0] + + return bool(r) + diff --git a/indoteknik_custom/models/role_permission/__init__.py b/indoteknik_custom/models/role_permission/__init__.py new file mode 100644 index 00000000..da36bc1e --- /dev/null +++ b/indoteknik_custom/models/role_permission/__init__.py @@ -0,0 +1 @@ +from . import ir_model_access \ No newline at end of file diff --git a/indoteknik_custom/models/role_permission/ir_model_access.py b/indoteknik_custom/models/role_permission/ir_model_access.py new file mode 100644 index 00000000..c77e9b79 --- /dev/null +++ b/indoteknik_custom/models/role_permission/ir_model_access.py @@ -0,0 +1,9 @@ +from odoo import fields, models + + +class IrModelAccess(models.Model): + _inherit = 'ir.model.access' + + perm_import = fields.Boolean(string='Import Access') + perm_export = fields.Boolean(string='Export Access') + \ No newline at end of file -- cgit v1.2.3