[19.0][MIG] base_mixin_restrict_field_access: Migration to 19.0

base_mixin_restrict_field_access/README.rst

@@ -0,0 +1,123 @@
+.. image:: https://img.shields.io/badge/licence-AGPL--3-blue.svg
+    :alt: License: AGPL-3
+
+=====================
+Restrict field access
+=====================
+
+This module was written to help developers restricting access to fields in a
+secure and flexible manner on record level.
+
+If you're not a developer, this module is not for you as you need to write code
+in order to actually use it.
+
+Usage
+=====
+
+To use this module, you need to inherit this mixin for the model whose fields
+you want to restrict, and implement at least the following methods to do
+something useful:
+
+.. code:: python
+
+    class ResPartner(models.Model):
+        # inherit from the mixin
+        _inherit = ['restrict.field.access.mixin', 'res.partner']
+        _name = 'res.partner'
+
+        @api.multi
+        def _restrict_field_access_get_field_whitelist(self, action='read'):
+            # return a whitelist (or a blacklist) of fields, depending on the
+            # action passed
+            whitelist = [
+                'name', 'parent_id', 'is_company', 'firstname', 'lastname',
+                'infix', 'initials',
+            ] + super(ResPartner, self)\
+                ._restrict_field_access_get_field_whitelist(action=action)
+            if action == 'read':
+                whitelist.extend(['section_id', 'user_id'])
+            return whitelist
+
+        @api.multi
+        def _restrict_field_access_is_field_accessible(self, field_name,
+                                                       action='read'):
+            # in case the whitelist is not enough, you can also decide for
+            # specific records if an action can be carried out on it or not
+            result = super(ResPartner, self)\
+                ._restrict_field_access_is_field_accessible(
+                    field_name, action=action)
+            if result or not self:
+                return result
+            return all(this.section_id in self.env.user.section_ids or
+                       this.user_id == self.env.user
+                       for this in self)
+
+        @api.multi
+        @api.onchange('section_id', 'user_id')
+        @api.depends('section_id', 'user_id')
+        def _compute_restrict_field_access(self):
+            # if your decision depends on other fields, you probably need to
+            # override this function in order to attach the correct onchange/
+            # depends decorators
+            return super(ResPartner, self)._compute_restrict_field_access()
+
+        @api.model
+        def _restrict_field_access_inject_restrict_field_access_domain(
+                self, domain):
+            # you also might want to decide with a domain expression which
+            # records are visible in the first place
+            domain[:] = expression.AND([
+                domain,
+                [
+                    '|',
+                    ('section_id', 'in', self.env.user.section_ids.ids),
+                    ('user_id', '=', self.env.user.id),
+                ],
+            ])
+
+The example code here will allow only reading a few fields for partners of
+which the current user is neither the sales person nor in this partner's sales
+team.
+
+Read the comments of the mixin, that's part of the documentation. Also have a
+look at the tests, that's another example on how to use this code.
+
+For further information, please visit:
+
+* https://www.odoo.com/forum/help-1
+
+Known issues / Roadmap
+======================
+
+* the code contains some TODOs which should be done
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-tools/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us smashing it by providing a detailed and welcomed feedback
+`here <https://github.com/OCA/server-tools/issues/new?body=module:%20base_mixin_restrict_field_access%0Aversion:%208.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Credits
+=======
+
+Contributors
+------------
+
+* Holger Brunn <hbrunn@therp.nl>
+
+Maintainer
+----------
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+This module is maintained by the OCA.
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+To contribute to this module, please visit https://odoo-community.org.

base_mixin_restrict_field_access/__init__.py

@@ -0,0 +1,3 @@
+# © 2016 Therp BV <http://therp.nl>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+from . import models

base_mixin_restrict_field_access/__manifest__.py

@@ -0,0 +1,15 @@
+# © 2016 Therp BV <http://therp.nl>
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+{
+    "name": "Restrict field access",
+    "version": "19.0.1.0.0",
+    "author": "Therp BV,Odoo Community Association (OCA)",
+    "license": "AGPL-3",
+    "website": "https://github.com/OCA/server-tools",
+    "category": "Hidden/Dependency",
+    "summary": "Make it simple to restrict read and/or write access to "
+    "certain fields base on some condition",
+    "depends": [
+        "web",
+    ],
+}

base_mixin_restrict_field_access/i18n/am.po

@@ -0,0 +1,51 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# * base_mixin_restrict_field_access
+#
+# Translators:
+# OCA Transbot <transbot@odoo-community.org>, 2017
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 8.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2017-10-26 03:04+0000\n"
+"PO-Revision-Date: 2017-10-26 03:04+0000\n"
+"Last-Translator: OCA Transbot <transbot@odoo-community.org>, 2017\n"
+"Language-Team: Amharic (https://www.transifex.com/oca/teams/23907/am/)\n"
+"Language: am\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,display_name:0
+msgid "Display Name"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,restrict_field_access:0
+msgid "Field access restricted"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,id:0
+msgid "ID"
+msgstr "ID"
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,__last_update:0
+msgid "Last Modified on"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: code:addons/base_mixin_restrict_field_access/models/restrict_field_access_mixin.py:30
+#, python-format
+msgid "Warning"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: code:addons/base_mixin_restrict_field_access/models/restrict_field_access_mixin.py:31
+#, python-format
+msgid "You will lose access to fields if you save now!"
+msgstr ""

base_mixin_restrict_field_access/i18n/ar.po

@@ -0,0 +1,52 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# * base_mixin_restrict_field_access
+#
+# Translators:
+# OCA Transbot <transbot@odoo-community.org>, 2017
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 8.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2017-10-26 03:04+0000\n"
+"PO-Revision-Date: 2017-10-26 03:04+0000\n"
+"Last-Translator: OCA Transbot <transbot@odoo-community.org>, 2017\n"
+"Language-Team: Arabic (https://www.transifex.com/oca/teams/23907/ar/)\n"
+"Language: ar\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: nplurals=6; plural=n==0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 "
+"&& n%100<=10 ? 3 : n%100>=11 && n%100<=99 ? 4 : 5;\n"
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,display_name:0
+msgid "Display Name"
+msgstr "اسم العرض"
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,restrict_field_access:0
+msgid "Field access restricted"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,id:0
+msgid "ID"
+msgstr "المعرف"
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,__last_update:0
+msgid "Last Modified on"
+msgstr "آخر تعديل في"
+
+#. module: base_mixin_restrict_field_access
+#: code:addons/base_mixin_restrict_field_access/models/restrict_field_access_mixin.py:30
+#, python-format
+msgid "Warning"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: code:addons/base_mixin_restrict_field_access/models/restrict_field_access_mixin.py:31
+#, python-format
+msgid "You will lose access to fields if you save now!"
+msgstr ""

base_mixin_restrict_field_access/i18n/base_mixin_restrict_field_access.pot

@@ -0,0 +1,47 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+#	* base_mixin_restrict_field_access
+#
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 8.0\n"
+"Report-Msgid-Bugs-To: \n"
+"Last-Translator: <>\n"
+"Language-Team: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: \n"
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,display_name:0
+msgid "Display Name"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,restrict_field_access:0
+msgid "Field access restricted"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,id:0
+msgid "ID"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,__last_update:0
+msgid "Last Modified on"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: code:addons/base_mixin_restrict_field_access/models/restrict_field_access_mixin.py:30
+#, python-format
+msgid "Warning"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: code:addons/base_mixin_restrict_field_access/models/restrict_field_access_mixin.py:31
+#, python-format
+msgid "You will lose access to fields if you save now!"
+msgstr ""
+

base_mixin_restrict_field_access/i18n/bg.po

@@ -0,0 +1,51 @@
+# Translation of Odoo Server.
+# This file contains the translation of the following modules:
+# * base_mixin_restrict_field_access
+#
+# Translators:
+# OCA Transbot <transbot@odoo-community.org>, 2017
+msgid ""
+msgstr ""
+"Project-Id-Version: Odoo Server 8.0\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2017-10-26 03:04+0000\n"
+"PO-Revision-Date: 2017-10-26 03:04+0000\n"
+"Last-Translator: OCA Transbot <transbot@odoo-community.org>, 2017\n"
+"Language-Team: Bulgarian (https://www.transifex.com/oca/teams/23907/bg/)\n"
+"Language: bg\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: \n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,display_name:0
+msgid "Display Name"
+msgstr "Име за Показване"
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,restrict_field_access:0
+msgid "Field access restricted"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,id:0
+msgid "ID"
+msgstr "ID"
+
+#. module: base_mixin_restrict_field_access
+#: field:restrict.field.access.mixin,__last_update:0
+msgid "Last Modified on"
+msgstr "Последно обновено на"
+
+#. module: base_mixin_restrict_field_access
+#: code:addons/base_mixin_restrict_field_access/models/restrict_field_access_mixin.py:30
+#, python-format
+msgid "Warning"
+msgstr ""
+
+#. module: base_mixin_restrict_field_access
+#: code:addons/base_mixin_restrict_field_access/models/restrict_field_access_mixin.py:31
+#, python-format
+msgid "You will lose access to fields if you save now!"
+msgstr ""