Skip to content

Commit

Permalink
Merge pull request #732 from Tecnativa/11.0-sale_team_permission
Browse files Browse the repository at this point in the history
[11.0][MIG] sales_team_security: Adaptation to v11 + enhancement
  • Loading branch information
pedrobaeza authored Nov 13, 2018
2 parents b0f46f3 + 3e1ed52 commit 8b3ef3f
Show file tree
Hide file tree
Showing 18 changed files with 957 additions and 0 deletions.
134 changes: 134 additions & 0 deletions sales_team_security/README.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,134 @@
===============================================
Sales documents permissions by channels (teams)
===============================================

.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! This file is generated by oca-gen-addon-readme !!
!! changes will be overwritten. !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
.. |badge1| image:: https://img.shields.io/badge/maturity-Production%2FStable-green.png
:target: https://odoo-community.org/page/development-status
:alt: Production/Stable
.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
:alt: License: AGPL-3
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fsale--workflow-lightgray.png?logo=github
:target: https://github.com/OCA/sale-workflow/tree/11.0/sales_team_security
:alt: OCA/sale-workflow
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
:target: https://translation.odoo-community.org/projects/sale-workflow-11-0/sale-workflow-11-0-sales_team_security
:alt: Translate me on Weblate
.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
:target: https://runbot.odoo-community.org/runbot/167/11.0
:alt: Try me on Runbot

|badge1| |badge2| |badge3| |badge4| |badge5|

This module adds a new group called "Channel manager", that includes
the proper permissions for showing only the information related to that
channel:

* Leads/Opportunities
* Customers
* Quotations/Sales Orders

It also handles the propagation of the sales team from commercial partners to
the contacts, which standard doesn't do.

And finally, there are rules for partners to be restricted to the own ones for
the group "User: Own Documents Only" for being coherent with the permission
scheme.

REMARK: partner restrictions won't work unless you touch in the DB an existing
record rule. See more details in Know issues section.

**Table of contents**

.. contents::
:local:

Installation
============

At installation time, this module sets in all the contacts that have the sales
team empty the sales team of the parent. If you have a lot of contacts, this
operation can take a while.

Configuration
=============

#. Go to *Configuration > Users & Companies > Users*.
#. Open or create a user.
#. On the section "Application Accesses", select "Channel Manager" option in
"Sales" part.

Known issues / Roadmap
======================

* For restricting partners access, you have to disable or edit the existing
rule "res.partner.rule.private.employee" to something similar to:

.. code-block:: python
[('message_follower_ids', 'in', user.partner_id.ids),
'|', ('type', '!=', 'private'), ('type', '=', False)]
* This module modifies sales security groups hierarchy, so any other module
doing something similar might conflict with this one.
* This module is designed for supporting only sales part, so someone that has
access to other Odoo parts (for example, an accountant), shouldn't have this
new permission, or some access errors will be found when seeing invoices and
other documents. A `sales_team_security_account` bridge module can be done
for fixing this case, but not in the case of other parts like warehouse.
* Split the module in 2 as now `crm` is independent.

Bug Tracker
===========

Bugs are tracked on `GitHub Issues <https://github.com/OCA/sale-workflow/issues>`_.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us smashing it by providing a detailed and welcomed
`feedback <https://github.com/OCA/sale-workflow/issues/new?body=module:%20sales_team_security%0Aversion:%2011.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.

Do not contact contributors directly about support or help with technical issues.

Credits
=======

Authors
~~~~~~~

* Tecnativa

Contributors
~~~~~~~~~~~~

* `Tecnativa <https://www.tecnativa.com>`__:

* Pedro M. Baeza

Maintainers
~~~~~~~~~~~

This module is maintained by the OCA.

.. image:: https://odoo-community.org/logo.png
:alt: Odoo Community Association
:target: https://odoo-community.org

OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.

.. |maintainer-pedrobaeza| image:: https://github.com/pedrobaeza.png?size=40px
:target: https://github.com/pedrobaeza
:alt: pedrobaeza

Current `maintainer <https://odoo-community.org/page/maintainer-role>`__:

|maintainer-pedrobaeza|

This module is part of the `OCA/sale-workflow <https://github.com/OCA/sale-workflow/tree/11.0/sales_team_security>`_ project on GitHub.

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
4 changes: 4 additions & 0 deletions sales_team_security/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).

from . import models
from .hooks import post_init_hook
26 changes: 26 additions & 0 deletions sales_team_security/__manifest__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# Copyright 2016-2018 Tecnativa - Pedro M. Baeza
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).

{
"name": "Sales documents permissions by channels (teams)",
"summary": "New group for seeing only sales channel's documents",
"version": "11.0.1.0.0",
"category": "Sales",
"website": "https://github.com/OCA/sale-workflow",
"author": "Tecnativa, Odoo Community Association (OCA)",
"license": "AGPL-3",
"installable": True,
"development_status": "Production/Stable",
"maintainers": [
"pedrobaeza",
],
"depends": [
"crm",
"sale",
],
"data": [
"security/sales_team_security.xml",
"views/res_partner_view.xml",
],
"post_init_hook": "post_init_hook",
}
17 changes: 17 additions & 0 deletions sales_team_security/hooks.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
# Copyright 2018-2016 Tecnativa - Pedro M. Baeza
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html


def post_init_hook(cr, registry):
"""At installation time, propagate the parent sales team to the children
contacts that have this field empty, as it's supposed that the intention
is to have the same.
"""
cr.execute(
"""UPDATE res_partner
SET team_id=parent.team_id
FROM res_partner AS parent
WHERE parent.team_id IS NOT NULL
AND res_partner.parent_id = parent.id
AND res_partner.team_id IS NULL"""
)
31 changes: 31 additions & 0 deletions sales_team_security/i18n/es.po
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# Translation of Odoo Server.
# This file contains the translation of the following modules:
# * sales_team_security
#
msgid ""
msgstr ""
"Project-Id-Version: Odoo Server 11.0\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2018-11-05 23:50+0000\n"
"PO-Revision-Date: 2018-11-05 23:50+0000\n"
"Last-Translator: <>\n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: \n"
"Plural-Forms: \n"

#. module: sales_team_security
#: model:res.groups,name:sales_team_security.group_sale_team_manager
msgid "Channel Manager"
msgstr "Responsable de canal"

#. module: sales_team_security
#: model:ir.model,name:sales_team_security.model_res_partner
msgid "Contact"
msgstr "Contacto"

#. module: sales_team_security
#: model:res.groups,comment:sales_team_security.group_sale_team_manager
msgid "the user will have an access to the documents of the sales channels he/she belongs to."
msgstr "el usuario tendrá acceso a los documentos del canal al que pertenezca."
31 changes: 31 additions & 0 deletions sales_team_security/i18n/sales_team_security.pot
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# Translation of Odoo Server.
# This file contains the translation of the following modules:
# * sales_team_security
#
msgid ""
msgstr ""
"Project-Id-Version: Odoo Server 11.0\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2018-11-05 23:50+0000\n"
"PO-Revision-Date: 2018-11-05 23:50+0000\n"
"Last-Translator: <>\n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: \n"
"Plural-Forms: \n"

#. module: sales_team_security
#: model:res.groups,name:sales_team_security.group_sale_team_manager
msgid "Channel Manager"
msgstr ""

#. module: sales_team_security
#: model:ir.model,name:sales_team_security.model_res_partner
msgid "Contact"
msgstr ""

#. module: sales_team_security
#: model:res.groups,comment:sales_team_security.group_sale_team_manager
msgid "the user will have an access to the documents of the sales channel he/she belongs to."
msgstr ""
3 changes: 3 additions & 0 deletions sales_team_security/models/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).

from . import res_partner
40 changes: 40 additions & 0 deletions sales_team_security/models/res_partner.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
# Copyright 2016-2018 Tecnativa - Pedro M. Baeza
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html

from odoo import api, models
from lxml import etree


class ResPartner(models.Model):
_inherit = 'res.partner'

@api.model
def fields_view_get(self, view_id=None, view_type='form', toolbar=False,
submenu=False):
"""Patch view to inject the default value for the team_id and user_id.
"""
# FIXME: Use base_view_inheritance_extension when available
res = super().fields_view_get(
view_id=view_id, view_type=view_type, toolbar=toolbar,
submenu=submenu,
)
if view_type == 'form':
eview = etree.fromstring(res['arch'])
xml_fields = eview.xpath("//field[@name='child_ids']")
if xml_fields:
context_str = xml_fields[0].get('context', '{}').replace(
'{',
"{'default_team_id': team_id, 'default_user_id': user_id,",
1,
)
xml_fields[0].set('context', context_str)
res['arch'] = etree.tostring(eview)
return res

@api.onchange('parent_id')
def _onchange_parent_id_sales_team_security(self):
"""If assigning a parent partner and the contact doesn't have
team, we put the parent's one (if any).
"""
if self.parent_id and self.parent_id.team_id and not self.team_id:
self.team_id = self.parent_id.team_id.id
4 changes: 4 additions & 0 deletions sales_team_security/readme/CONFIGURE.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
#. Go to *Configuration > Users & Companies > Users*.
#. Open or create a user.
#. On the section "Application Accesses", select "Channel Manager" option in
"Sales" part.
3 changes: 3 additions & 0 deletions sales_team_security/readme/CONTRIBUTORS.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
* `Tecnativa <https://www.tecnativa.com>`__:

* Pedro M. Baeza
17 changes: 17 additions & 0 deletions sales_team_security/readme/DESCRIPTION.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
This module adds a new group called "Channel manager", that includes
the proper permissions for showing only the information related to that
channel:

* Leads/Opportunities
* Customers
* Quotations/Sales Orders

It also handles the propagation of the sales team from commercial partners to
the contacts, which standard doesn't do.

And finally, there are rules for partners to be restricted to the own ones for
the group "User: Own Documents Only" for being coherent with the permission
scheme.

REMARK: partner restrictions won't work unless you touch in the DB an existing
record rule. See more details in Know issues section.
3 changes: 3 additions & 0 deletions sales_team_security/readme/INSTALL.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
At installation time, this module sets in all the contacts that have the sales
team empty the sales team of the parent. If you have a lot of contacts, this
operation can take a while.
16 changes: 16 additions & 0 deletions sales_team_security/readme/ROADMAP.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
* For restricting partners access, you have to disable or edit the existing
rule "res.partner.rule.private.employee" to something similar to:

.. code-block:: python
[('message_follower_ids', 'in', user.partner_id.ids),
'|', ('type', '!=', 'private'), ('type', '=', False)]
* This module modifies sales security groups hierarchy, so any other module
doing something similar might conflict with this one.
* This module is designed for supporting only sales part, so someone that has
access to other Odoo parts (for example, an accountant), shouldn't have this
new permission, or some access errors will be found when seeing invoices and
other documents. A `sales_team_security_account` bridge module can be done
for fixing this case, but not in the case of other parts like warehouse.
* Split the module in 2 as now `crm` is independent.
Loading

0 comments on commit 8b3ef3f

Please sign in to comment.