odoo Rekord Regel Access

Question

Anfangsdaten:

1. System: odoo V8, Ubuntu 14.04
2. Modul: Remake

Remake/OpenERP Py >>erfolgreich

# -*- coding: utf-8 -*- 
{ 
    'name': 'Remake', 
    'version': '1.0.1', 
    'author': 'BZ Group', 
    'category': 'System', 
    'sequence': 8, 
    'depends': [ 
     'base', 
     'account', 
     'project', 
     'account_analytic_analysis' 
    ], 
    'data': [ 
     'security/remake_security.xml', 
     'security/ir.model.access.csv', 
    ], 
    'installable': True, 
    'application': True, 
    'post_init_hook': 'set_account_analytic_account_project_id', 
} 

Remake/Init Py >>erfolgreich

# -*- coding: utf-8 -*- 
from . import account_analytic_project_id 
from .post_install import set_account_analytic_account_project_id 

Remake/account_analytic_project_id.py >>erfolgreich

# -*- coding: utf-8 -*- 

from openerp import fields, models, api 

class AccountAnalyticAccount(models.Model): 
    _inherit = 'account.analytic.account' 

    project_id = fields.Many2one(
     'project.project', 'Project', copy=False, 
     index=True) 


class ProjectProject(models.Model): 
    _name = 'project.project' 
    _inherit = 'project.project' 

    @api.model 
    @api.returns('self', lambda value: value.id) 
    def create(self, vals): 
     project = super(ProjectProject, self).create(vals) 
     project.analytic_account_id.sudo().write({'project_id': project.id}) 
     return project 

Remake/post_install.py >>erfolgreich

def set_account_analytic_account_project_id(cr, pool): 
    ''' 
     Initialize the project_id field in case the module is 
     installed when projects already exist 
    ''' 
    cr.execute(""" 
      update account_analytic_account 
       set project_id = (select id 
        from project_project where 
        analytic_account_id = account_analytic_account.id) 
     """) 
    return 

Remake/security/ir.model.access.csv >>erfolgreich

id,      name,     model_id:id,             group_id:id,perm_read,perm_write,perm_create,perm_unlink 
remake_g4_pr_pr,  remake_g4_pr.pr,  project.model_project_project,         remake.remake_g4,1,0,0,0 
remake_g4_ac_an_in_ln, remake_g4_ac.an.in.ln, account_analytic_analysis.model_account_analytic_invoice_line, remake.remake_g4,1,0,0,0 
remake_g4_ac_an_ac,  remake_g4_ac.an.ac,  analytic.model_account_analytic_account,      remake.remake_g4,1,0,0,0 
remake_g4_ac_ac,  remake_g4_ac.ac,  account.model_account_account,         remake.remake_g4,1,0,0,0 
remake_g4_pr_ac_an_ln, remake_g4_pr.ac.an.ln, account.model_project_account_analytic_line,     remake.remake_g4,1,0,0,0 
remake_g4_ac_in,  remake_g4_ac.in,  account.model_account_invoice,         remake.remake_g4,1,0,0,0 
remake_g4_ac_in_ln,  remake_g4_ac.in.ln,  account.model_account_invoice_line,        remake.remake_g4,1,0,0,0 

Remake/security/remake_security.xml >>need help: remake_g4_rule_account

<?xml version="1.0" encoding="utf-8" ?> 
- <openerp> 
- <data noupdate="0"> 

- <record id="remake_group_category" model="ir.module.category"> 
    <field name="name">Remake</field> 
    </record> 

- <record id="remake_g4" model="res.groups"> 
    <field name="name">Security Group IV</field> 
    <field name="implied_ids" eval="[(4, ref('base.group_user'))]" /> 
    <field name="category_id" ref="remake_group_category" /> 
</record> 


    <delete model="ir.rule" id="project.task_visibility_rule" /> 
    <delete model="ir.rule" id="project.project_public_members_rule" /> 

- <record model="ir.rule" id="remake_g4_rule_project"> 
    <field name="name">Remake group 4 project, member or follower: read</field> 
    <field name="model_id" ref="project.model_project_project" /> 
    <field name="domain_force">[ '|', '&', ('privacy_visibility', '=', 'employees'), ('members','in',[user.id]), '&', ('privacy_visibility', '=', 'followers'), ('message_follower_ids', 'in', [user.partner_id.id])]</field> 
    <field name="groups" eval="[(6,0,[ref('remake_g4')])]" /> 
    <field name="global" eval="False" /> 
    <field name="perm_read" eval="True" /> 
    <field name="perm_write" eval="False" /> 
    <field name="perm_create" eval="False" /> 
    <field name="perm_unlink" eval="False" /> 
    </record> 

- <!-- If uncomment this rule >> raise AccessError  
- <record model="ir.rule" id="remake_g4_rule_account"> 
    <field name="name">Remake group 4 account, member or follower: read</field> 
    <field name="model_id" ref="analytic.model_account_analytic_account" /> 
    <field name="domain_force">[ '|', '&', ('project_id.privacy_visibility', '=', 'employees'), ('project_id.members','in',[user.id]), '&', ('project_id.privacy_visibility', '=', 'followers'), ('project_id.message_follower_ids', 'in', [user.partner_id.id])]</field> 
    <field name="groups" eval="[(6,0,[ref('remake_g4')])]" /> 
    <field name="global" eval="False" /> 
    <field name="perm_read" eval="True" /> 
    <field name="perm_write" eval="False" /> 
    <field name="perm_create" eval="False" /> 
    <field name="perm_unlink" eval="False" /> 
    </record> --> 
</data> 
</openerp> 

---

Bei Umzug in Sales> Verträge:

Ergebnis: Access, Die angeforderte Operation kann nicht zu Restriktionsbeschränkung abgeschlossen werden. Bitte kontaktieren Sie Ihren Systemadministrator . (Dokumenttyp: account.analytic.account, Operation: Lese)

Answer 1

Sie benötigen Zugriffsregeln in ir.model.access.csv erstellen und Zugriffsregeln für das jeweilige Modell definieren und Gruppen- und CRUD-Zugriff. Das wird für Sie tun.