Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[11.0][MIG] sales_team_security: Adaptation to v11 + enhancement #732

Merged
merged 2 commits into from
Nov 13, 2018
Merged

[11.0][MIG] sales_team_security: Adaptation to v11 + enhancement #732

merged 2 commits into from
Nov 13, 2018

Conversation

pedrobaeza
Copy link
Member

Sales documents permissions by channels (teams)

This module adds a new group called "Channel manager", that includes
the proper permissions for showing only the information related to that
channel:

  • Leads/Opportunities
  • Customers
  • Quotations/Sales Orders

It also handles the propagation of the sales team from commercial partners to
the contacts, which standard doesn't do.

And finally, partners are restricted to the own ones for the group
"User: Own Documents Only" for being coherent with the permission scheme.

Installation

At installation time, this module sets in all the contacts that have the sales
team empty the sales team of the parent. If you have a lot of contacts, this
operation can take a while.

Configuration

  • Go to Configuration > Users & Companies > Users.
  • Open or create a user.
  • On the section "Application Accesses", select "Channel Manager" option.

Known issues / Roadmap

  • This module modifies sales security groups hierarchy, so any other module
    doing something similar might conflict with this one.
  • This module is designed for supporting only sales part, so someone that has
    access to other Odoo parts (for example, an accountant), shouldn't have this
    new permission, or some access errors will be found when seeing invoices and
    other documents. A sales_team_security_account bridge module can be done
    for fixing this case, but not in the case of other parts like warehouse.
  • Split the module in 2 as now crm is independent.

@pedrobaeza
[ADD] sales_team_security
166f065 
==============================
Security rules for sales teams
==============================

This module sets different permissions levels for accessing sales and CRM
records based on the sales team: customers, sales orders, leads, opportunities,
phone calls and sales teams.

It also handles the propagation of the sales team from commercial partners to
the contacts, which standard doesn't make.

Installation
============

At installation time, this module sets int all the contacts that have the sales
team empty the sales team of the parent. If you have a lot of contacts, this
operation can take a while.

Usage
=====

On the user configuration (Configuration > Users > Users), select in the
*Sales Team* section the option "See only own team". Then, the documents
mentioned before will be filtered out to have only those belonging to the
teams the user belongs to.

This is complementary to the Sales level access, but sometimes can be
incoherent depending on the combination chosen. If you chose "See Own Leads"
on _Sales_ section, marking on unmarking the sales team check will be
irrelevant, because the most restricting level, which the sales one, will
prevail.

Known issues/Roadmap
====================

* This module is designed for supporting only sales part, so someone that has
  access to other Odoo parts (for example, an accountant), shouldn't have
  this new permission, or some access errors will be found when seeing invoices
  and other documents. A _sales_team_security_account_ bridge module can be
  done for fixing this case, but not in the case of for example warehouse.
@pedrobaeza pedrobaeza added this to the 11.0 milestone Nov 5, 2018
@pedrobaeza
Copy link
Member Author

@ernestotejeda please review

@pedrobaeza pedrobaeza force-pushed the 11.0-sale_team_permission branch from 3b06697 to b2dbbf1 Compare November 6, 2018 11:10
cristinamartinrod
cristinamartinrod approved these changes Nov 6, 2018
View reviewed changes
Copy link
Member

@cristinamartinrod cristinamartinrod left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Works perfect on Leads, Pipeline and Quotations. 👍🏻

sales_team_security/readme/CONFIGURE.rst Outdated Show resolved Hide resolved
ernestotejeda
ernestotejeda reviewed Nov 7, 2018
View reviewed changes
Copy link
Member

@ernestotejeda ernestotejeda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Error when accessing a client's form, even if I access as administrator

ernestotejeda
ernestotejeda reviewed Nov 7, 2018
View reviewed changes
Copy link
Member

@ernestotejeda ernestotejeda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the readme it says that the group "User: Own Documents Only" shows those clients who have the user in 'Salesperson'' field, or do not have an assigned Salesperson, however, when I try to reproduce this, also shows clients who have others users in 'Salesperson' field.

ernestotejeda
ernestotejeda reviewed Nov 7, 2018
View reviewed changes
Copy link
Member

@ernestotejeda ernestotejeda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For Leads, Pipeline and Quotations I think it works well

oihane
oihane approved these changes Nov 7, 2018
View reviewed changes
Copy link
Contributor

@oihane oihane left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@pedrobaeza pedrobaeza force-pushed the 11.0-sale_team_permission branch from c352c31 to e1e34fc Compare November 7, 2018 18:48
@pedrobaeza
Copy link
Member Author

@ernestotejeda thanks for the remarks. I have modified some things according your comments and there are something that should be done in the DB. An alternative solution would be to overwrite some _check_* method in the ORM for doing that, but it's not worth being possible to do it simply modifying the record rule in the DB.

@pedrobaeza pedrobaeza force-pushed the 11.0-sale_team_permission branch 2 times, most recently from db62299 to 2a54b4c Compare November 8, 2018 17:05
@pedrobaeza pedrobaeza force-pushed the 11.0-sale_team_permission branch from 2a54b4c to 3e1ed52 Compare November 8, 2018 18:08
@pedrobaeza pedrobaeza merged commit 8b3ef3f into OCA:11.0 Nov 13, 2018
@pedrobaeza pedrobaeza deleted the 11.0-sale_team_permission branch November 13, 2018 17:05
@emagdalenaC2i emagdalenaC2i mentioned this pull request Dec 29, 2018
Closed
65 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ernestotejeda ernestotejeda ernestotejeda approved these changes

@cristinamartinrod cristinamartinrod cristinamartinrod approved these changes

@oihane oihane oihane approved these changes

Assignees
No one assigned
Labels
needs review
Projects
None yet
Milestone
11.0
Development

Successfully merging this pull request may close these issues.
4 participants
@pedrobaeza @oihane @cristinamartinrod @ernestotejeda