initial commit 2

author: stephanchrst <stephanchrst@gmail.com> 2022-05-10 21:51:50 +0700
committer: stephanchrst <stephanchrst@gmail.com> 2022-05-10 21:51:50 +0700
commit: 3751379f1e9a4c215fb6eb898b4ccc67659b9ace (patch)
tree: a44932296ef4a9b71d5f010906253d8c53727726 /addons/sale/security/sale_security.xml
parent: 0a15094050bfde69a06d6eff798e9a8ddf2b8c21 (diff)
1 files changed, 229 insertions, 0 deletions
diff --git a/addons/sale/security/sale_security.xml b/addons/sale/security/sale_security.xml
new file mode 100644
index 00000000..b1afcab9
--- /dev/null
+++ b/addons/sale/security/sale_security.xml
@@ -0,0 +1,229 @@
+<?xml version="1.0" encoding="utf-8"?>
+<odoo>
+
+    <record id="base.group_multi_currency" model="res.groups">
+        <!--
+            Sales multi-currency is based on pricelists, if multi-currency is enabled,
+            enable pricelists.
+        -->
+        <field name="implied_ids" eval="[(4, ref('product.group_product_pricelist'))]"/>
+    </record>
+
+     <record id="group_auto_done_setting" model="res.groups">
+        <field name="name">Lock Confirmed Sales</field>
+        <field name="category_id" ref="base.module_category_hidden"/>
+    </record>
+
+    <record id="group_delivery_invoice_address" model="res.groups">
+        <field name="name">Addresses in Sales Orders</field>
+        <field name="category_id" ref="base.module_category_hidden"/>
+    </record>
+
+    <record id="group_warning_sale" model="res.groups">
+        <field name="name">A warning can be set on a product or a customer (Sale)</field>
+        <field name="category_id" ref="base.module_category_hidden"/>
+    </record>
+
+    <record id="group_proforma_sales" model="res.groups">
+        <field name="name">Pro-forma Invoices</field>
+        <field name="category_id" ref="base.module_category_hidden"/>
+    </record>
+
+    <record model="res.users" id="base.user_root">
+        <field eval="[(4,ref('base.group_partner_manager'))]" name="groups_id"/>
+    </record>
+
+    <record model="res.users" id="base.user_admin">
+        <field eval="[(4,ref('base.group_partner_manager'))]" name="groups_id"/>
+    </record>
+
+<data noupdate="1">
+    <!-- Multi - Company Rules -->
+
+    <record model="ir.rule" id="sale_order_comp_rule">
+        <field name="name">Sales Order multi-company</field>
+        <field name="model_id" ref="model_sale_order"/>
+        <field name="domain_force">[('company_id', 'in', company_ids)]</field>
+    </record>
+
+    <record model="ir.rule" id="sale_order_line_comp_rule">
+        <field name="name">Sales Order Line multi-company</field>
+        <field name="model_id" ref="model_sale_order_line"/>
+        <field name="domain_force">['|', ('company_id', '=', False), ('company_id', 'in', company_ids)]</field>
+    </record>
+
+    <record model="ir.rule" id="sale_order_report_comp_rule">
+        <field name="name">Sales Order Analysis multi-company</field>
+        <field name="model_id" ref="model_sale_report"/>
+        <field name="domain_force">['|',('company_id','=',False),('company_id', 'in', company_ids)]</field>
+    </record>
+
+    <!-- Payments -->
+    <record id="payment_transaction_salesman_rule" model="ir.rule">
+        <field name="name">Access every payment transaction</field>
+        <field name="model_id" ref="payment.model_payment_transaction"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+
+    <record id="payment_token_salesman_rule" model="ir.rule">
+        <field name="name">Access every payment token</field>
+        <field name="model_id" ref="payment.model_payment_token"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+
+    <!-- Portal Access Rules -->
+    <record id="sale_order_rule_portal" model="ir.rule">
+        <field name="name">Portal Personal Quotations/Sales Orders</field>
+        <field name="model_id" ref="sale.model_sale_order"/>
+        <field name="domain_force">[('message_partner_ids','child_of',[user.commercial_partner_id.id])]</field>
+        <field name="groups" eval="[(4, ref('base.group_portal'))]"/>
+        <field name="perm_unlink" eval="True"/>
+        <field name="perm_write" eval="True"/>
+        <field name="perm_read" eval="True"/>
+        <field name="perm_create" eval="False"/>
+    </record>
+
+    <record id="sale_order_line_rule_portal" model="ir.rule">
+        <field name="name">Portal Sales Orders Line</field>
+        <field name="model_id" ref="sale.model_sale_order_line"/>
+        <field name="domain_force">[('order_id.message_partner_ids','child_of',[user.commercial_partner_id.id])]</field>
+        <field name="groups" eval="[(4, ref('base.group_portal'))]"/>
+    </record>
+
+    <!-- Multi - Salesmen sales order assignation rules -->
+
+    <record id="sale_order_personal_rule" model="ir.rule">
+        <field name="name">Personal Orders</field>
+        <field ref="model_sale_order" name="model_id"/>
+        <field name="domain_force">['|',('user_id','=',user.id),('user_id','=',False)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+    <record id="sale_order_see_all" model="ir.rule">
+        <field name="name">All Orders</field>
+        <field ref="model_sale_order" name="model_id"/>
+        <field name="domain_force">[(1,'=',1)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman_all_leads'))]"/>
+    </record>
+
+    <record id="sale_order_report_personal_rule" model="ir.rule">
+        <field name="name">Personal Orders Analysis</field>
+        <field ref="model_sale_report" name="model_id"/>
+        <field name="domain_force">['|',('user_id','=',user.id),('user_id','=',False)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+
+    <record id="sale_order_report_see_all" model="ir.rule">
+        <field name="name">All Orders Analysis</field>
+        <field ref="model_sale_report" name="model_id"/>
+        <field name="domain_force">[(1,'=',1)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman_all_leads'))]"/>
+    </record>
+
+    <record id="sale_order_line_personal_rule" model="ir.rule">
+        <field name="name">Personal Order Lines</field>
+        <field ref="model_sale_order_line" name="model_id"/>
+        <field name="domain_force">['|',('salesman_id','=',user.id),('salesman_id','=',False)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+
+    <record id="sale_order_line_see_all" model="ir.rule">
+        <field name="name">All Orders Lines</field>
+        <field ref="model_sale_order_line" name="model_id"/>
+        <field name="domain_force">[(1,'=',1)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman_all_leads'))]"/>
+    </record>
+
+    <record id="account_invoice_report_rule_see_personal" model="ir.rule">
+        <field name="name">Personal Invoices Analysis</field>
+        <field name="model_id" ref="model_account_invoice_report"/>
+        <field name="domain_force">['|', ('invoice_user_id', '=', user.id), ('invoice_user_id', '=', False)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+
+    <record id="account_invoice_report_rule_see_all" model="ir.rule">
+        <field name="name">All Invoices Analysis</field>
+        <field name="model_id" ref="model_account_invoice_report"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman_all_leads'))]"/>
+    </record>
+
+    <!-- Payment transactions and tokens access rules -->
+
+    <record id="payment_transaction_salesman_rule" model="ir.rule">
+        <field name="name">Access every payment transaction</field>
+        <field name="model_id" ref="payment.model_payment_transaction"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+
+    <record id="payment_token_salesman_rule" model="ir.rule">
+        <field name="name">Access every payment token</field>
+        <field name="model_id" ref="payment.model_payment_token"/>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+
+    <!-- Multi - Salesmen invoice and account move assignation rules -->
+    <record id="account_invoice_rule_see_personal" model="ir.rule">
+        <field name="name">Personal Invoices</field>
+        <field name="model_id" ref="model_account_move"/>
+        <field name="domain_force">[('move_type', 'in', ('out_invoice', 'out_refund')), '|', ('invoice_user_id', '=', user.id), ('invoice_user_id', '=', False)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+
+    <record id="account_invoice_rule_see_all" model="ir.rule">
+        <field name="name">All Invoices</field>
+        <field name="model_id" ref="model_account_move"/>
+        <field name="domain_force">[('move_type', 'in', ('out_invoice', 'out_refund'))]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman_all_leads'))]"/>
+    </record>
+
+    <record id="account_invoice_line_rule_see_personal" model="ir.rule">
+        <field name="name">Personal Invoice Lines</field>
+        <field name="model_id" ref="model_account_move_line"/>
+        <field name="domain_force">[('move_id.move_type', 'in', ('out_invoice', 'out_refund')), '|', ('move_id.invoice_user_id', '=', user.id), ('move_id.invoice_user_id', '=', False)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+
+    <record id="account_invoice_line_rule_see_all" model="ir.rule">
+        <field name="name">All Invoice Lines</field>
+        <field name="model_id" ref="model_account_move_line"/>
+        <field name="domain_force">[('move_id.move_type', 'in', ('out_invoice', 'out_refund'))]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman_all_leads'))]"/>
+    </record>
+
+    <record id="account_invoice_send_rule_see_personal" model="ir.rule">
+        <field name="name">Personal Invoice Send and Print</field>
+        <field name="model_id" ref="account.model_account_invoice_send"/>
+        <field name="domain_force">[('invoice_ids.move_type', 'in', ('out_invoice', 'out_refund')), '|', ('invoice_ids.invoice_user_id', '=', user.id), ('invoice_ids.invoice_user_id', '=', False)]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman'))]"/>
+    </record>
+
+    <record id="account_invoice_send_rule_see_all" model="ir.rule">
+        <field name="name">All Invoice Send and Print</field>
+        <field name="model_id" ref="account.model_account_invoice_send"/>
+        <field name="domain_force">[('invoice_ids.move_type', 'in', ('out_invoice', 'out_refund'))]</field>
+        <field name="groups" eval="[(4, ref('sales_team.group_sale_salesman_all_leads'))]"/>
+    </record>
+
+    <!-- Wizard access rules -->
+    <record id="sale_payment_acquirer_onboarding_wizard_rule" model="ir.rule">
+        <field name="name">Payment Acquier Onboarding Wizard Rule</field>
+        <field name="model_id" ref="model_sale_payment_acquirer_onboarding_wizard"/>
+        <field name="domain_force">[('create_uid', '=', user.id)]</field>
+    </record>
+
+    <record id="sale_advance_payment_inv_rule" model="ir.rule">
+        <field name="name">Sales Advance Payment Invoice Rule</field>
+        <field name="model_id" ref="model_sale_advance_payment_inv"/>
+        <field name="domain_force">[('create_uid', '=', user.id)]</field>
+    </record>
+
+    <record id="sale_order_cancel_rule" model="ir.rule">
+        <field name="name">Sales Order Cancel Rule</field>
+        <field name="model_id" ref="model_sale_order_cancel"/>
+        <field name="domain_force">[('create_uid', '=', user.id)]</field>
+    </record>
+</data>
+</odoo>
author	stephanchrst <stephanchrst@gmail.com>	2022-05-10 21:51:50 +0700
committer	stephanchrst <stephanchrst@gmail.com>	2022-05-10 21:51:50 +0700
commit	3751379f1e9a4c215fb6eb898b4ccc67659b9ace (patch)
tree	a44932296ef4a9b71d5f010906253d8c53727726 /addons/sale/security/sale_security.xml
parent	0a15094050bfde69a06d6eff798e9a8ddf2b8c21 (diff)