From 3751379f1e9a4c215fb6eb898b4ccc67659b9ace Mon Sep 17 00:00:00 2001 From: stephanchrst Date: Tue, 10 May 2022 21:51:50 +0700 Subject: initial commit 2 --- .../security/website_slides_security.xml | 191 +++++++++++++++++++++ 1 file changed, 191 insertions(+) create mode 100644 addons/website_slides/security/website_slides_security.xml (limited to 'addons/website_slides/security/website_slides_security.xml') diff --git a/addons/website_slides/security/website_slides_security.xml b/addons/website_slides/security/website_slides_security.xml new file mode 100644 index 00000000..ab800865 --- /dev/null +++ b/addons/website_slides/security/website_slides_security.xml @@ -0,0 +1,191 @@ + + + + 21 + + + + Officer + + + + + + Manager + + + + + + + + + + + + + + + + Channel: always visible (sub rules exist) + + [(1, '=', 1)] + + + + Channel: public/portal/user: restricted to published and (public or member only) + + + ['&', ('website_published', '=', True), '|', ('visibility', '=', 'public'), ('partner_ids', '=', user.partner_id.id)] + + + + + + + + Channel: officer: read all + + [(1, '=', 1)] + + + + + + + + Channel: officer: create/write own only + + [('user_id', '=', user.id)] + + + + + + + + + Channel: manager: crud all + + [(1, '=', 1)] + + + + + + + + + + Slide: always visible (sub rules exist) + + [(1, '=', 1)] + + + + Slide: public/portal/user: restricted to published or uploaded by user, and either channel member or public channel & (category or previewable) + + + ['&', + '|', + '&', ('channel_id.visibility', '=', 'public'), '|', ('is_category','=', True), ('is_preview', '=', True), + ('channel_id.partner_ids', '=', user.partner_id.id), + '&', ('channel_id.website_published', '=', True), '|', ('user_id', '=', user.id), ('website_published', '=', True)] + + + + + + + + Slide: officer: read all + + [(1, '=', 1)] + + + + + + + + + Slide: officer: create/write own only + + [('channel_id.user_id', '=', user.id)] + + + + + + + + + Slide: manager: crud all + + [(1, '=', 1)] + + + + + + + + + + Channel Partner: officer: create/write/unlink own only + + [('channel_id.user_id', '=', user.id)] + + + + + + + + + Channel Partner: manager: crud all + + [(1, '=', 1)] + + + + + + + + + + Slide Partner: officer: create/write/unlink own only + + [('channel_id.user_id', '=', user.id)] + + + + + + + + + Slide Partner: manager: crud all + + [(1, '=', 1)] + + + + + + + + + + Resource: restricted to channel members and channel responsible + + [('slide_id.channel_id.partner_ids', '=', user.partner_id.id)] + + + + + + + + -- cgit v1.2.3