I have a doubt about security groups in Odoo 8, I will show a simple example to make it more understandable:
I have created two new models, Mother and Child. The relationship between them is that a mother can have several children, but a child will only have one mother. Therefore, we have an One2many
field pointing to Child (named child_ids
) in Mother, and a Many2one
pointing to Mother (named mother_id
) in Child.
Now, I have an user who can create some children, but not mothers. When he creates a child, he will only be able to select between a mother already created by other users with more privileges.
The problem
When this user creates the child, a security error raises telling that the user belongs to a group which cannot modify the Mother model. I think this is due to that when a child is created, the field child_ids
of Mother is automatically modified.
Temporal solution
For the moment I have solved this giving writing permissions in Mother model to the group of the mentioned user. Because of this, when the user opens the form to create a child and selects a mother in mother_id
, the open and edit icon is shown beside it. If the user clicks on it, he can modify the mother freely, which I do not want. I have hidden that icon, but due to this nobody can modify the mother from here, which I do not want neither. In addition to this, if the field mother_id
appeared in other part which I did not know, the open and edit icon would not even be hidden.
Note
In the real case, I have not even created the field child_ids
in Mother, I mean, I have only declared the Many2one mother_id
in Child, but it seems that the program knows that an One2many
field should exist in Mother, so I get the error mentioned above if I do not modify the writing permissions.
I have simplified my code and the problem is still there. Below you can read the whole code, I do not have anymore. If I remove the line related='mother_id.is_a_good_mother',
from the field has_a_good_mother
of Child, the ORM method write of Mother is not called (which is what I need).
Can anyone help me? Do you know how to achieve my purpose?
Python code
class mother(models.Model): _name = 'mother' name = fields.Char(string='Name', size=64, required=True) is_a_good_mother = fields.Boolean(string='Is a good mother?') @api.multi def write(self, vals): _logger.info('I DO NOT KNOW WHY WHEN CREATING A CHILD THIS ORM ' 'METHOD IS BEING EXECUTED, RECEIVING THE KEY ' 'is_a_good_mother') return super(mother, self).write(vals) class child(models.Model): _name = 'child' mother_id = fields.Many2one(comodel_name='mother', string='Mother', ondelete='cascade') has_a_good_mother = fields.Boolean( string='Does the child have a good mother?', related='mother_id.is_a_good_mother', related_sudo=True) @api.one def create_child(self): return { 'type': 'ir.actions.act_window_close', }
XML code
<?xml version="1.0" encoding="utf-8"?> <openerp> <data> <record id="child_create_form_view" model="ir.ui.view"> <field name="name">child.create.form</field> <field name="model">child</field> <field name="type">form</field> <field name="arch" type="xml"> <form string="A child"> <group> <group col="2"> <field name="id" invisible="1" /> <field name="mother_id" required="1" options="{'no_open': True}" /> </group> <group col="2"> <field name="has_a_good_mother" invisible="1"/> </group> </group> <footer attrs="{'invisible': [('id','!=',False)]}"> <button name="create_child" string="Create" type="object" class="oe_highlight" /> or <button string="Discard" class="oe_link" special="cancel" /> </footer> </form> </field> </record> <record id="action_child_create_form" model="ir.actions.act_window"> <field name="name">Create child</field> <field name="type">ir.actions.act_window</field> <field name="res_model">child</field> <field name="view_type">form</field> <field name="view_mode">form</field> <field name="view_id" ref="child_create_form_view" /> <field name="target">new</field> </record> <record id="res_partner_test_view" model="ir.ui.view"> <field name="name">res.partner.test.form</field> <field name="model">res.partner</field> <field name="inherit_id" ref="base_location.view_partner_form" /> <field name="type">form</field> <field name="arch" type="xml"> <xpath expr="//field[@name='website']" position="after"> <button name="%(test.action_child_create_form)d" string="Create child" type="action" class="oe_highlight oe_edit_only" /> </xpath> </field> </record> </data> </openerp>