Skip to content

Commit

Permalink
[FIX] project: User following task can't edit it
Browse files Browse the repository at this point in the history 
Issue

	- Login as Mitchell Admin
	- In Projects module, Create a new project
	- Set Visibility to 'Invited employees'
	- Create new task and assign it to Mitchell Admin
	- Edit the task and add Marc Demo as follower
	- Login as Marc Demo
	- Go to the task previously created
	- Edit description and save

	IrRule Error

Cause

	Rule "Project: employees: following required for follower-only projects"
	allow only follower of project to read it.

Solution

	Add condition to domain to allow to read project if user follow
	task(s) in this project.

opw-2303443

closes odoo#55425

Signed-off-by: bon-odoo <[email protected]>
  • Loading branch information
@nboulif
nboulif committed Aug 6, 2020
1 parent b534c82 commit 844fdac
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 2 deletions.
5 changes: 3 additions & 2 deletions addons/project/security/project_security.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,9 +49,10 @@
<record model="ir.rule" id="project_public_members_rule">
<field name="name">Project: employees: following required for follower-only projects</field>
<field name="model_id" ref="model_project_project"/>
<field name="domain_force">['|',
<field name="domain_force">['|','|',
('privacy_visibility', '!=', 'followers'),
('message_partner_ids', 'in', [user.partner_id.id])
('message_partner_ids', 'in', [user.partner_id.id]),
('task_ids.message_partner_ids', 'in', [user.partner_id.id]),
]</field>
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
</record>
Expand Down
26 changes: 26 additions & 0 deletions addons/project/tests/test_access_rights.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,10 @@ class TestPortalProjectBase(TestProjectBase):

def setUp(self):
super(TestPortalProjectBase, self).setUp()

user_group_employee = self.env.ref('base.group_user')
user_group_project_user = self.env.ref('project.group_project_user')

self.user_noone = self.env['res.users'].with_context({'no_reset_password': True, 'mail_create_nosubscribe': True}).create({
'name': 'Noemie NoOne',
'login': 'noemie',
Expand All @@ -18,6 +22,15 @@ def setUp(self):
'notification_type': 'email',
'groups_id': [(6, 0, [])]})

self.user_follower = self.env['res.users'].with_context({'no_reset_password': True, 'mail_create_nosubscribe': True}).create({
'name': 'Jack Follow',
'login': 'jack',
'email': '[email protected]',
'signature': '--\nJack',
'notification_type': 'email',
'groups_id': [(6, 0, [user_group_employee.id, user_group_project_user.id])]
})

self.task_3 = self.env['project.task'].with_context({'mail_create_nolog': True}).create({
'name': 'Test3', 'user_id': self.user_portal.id, 'project_id': self.project_pigs.id})
self.task_4 = self.env['project.task'].with_context({'mail_create_nolog': True}).create({
Expand All @@ -27,6 +40,8 @@ def setUp(self):
self.task_6 = self.env['project.task'].with_context({'mail_create_nolog': True}).create({
'name': 'Test5', 'user_id': False, 'project_id': self.project_pigs.id})

self.task_6.message_subscribe(partner_ids=[self.user_follower.partner_id.id])


class TestPortalProject(TestPortalProjectBase):

Expand Down Expand Up @@ -66,8 +81,19 @@ def test_followers_project_access_rights(self):
pigs = self.project_pigs
pigs.write({'privacy_visibility': 'followers'})

# Do: Jack reads project -> ok (task follower ok followers)
pigs.sudo(self.user_follower).read(['user_id'])
# Do: Jack edit project -> ko (task follower ko followers)
self.assertRaises(AccessError, pigs.sudo(self.user_follower).write, {'name': 'Test Follow not ok'})
# Do: Jack edit task not followed -> ko (task follower ko followers)
self.assertRaises(AccessError, self.task_5.sudo(self.user_follower).write, {'name': 'Test Follow not ok'})
# Do: Jack edit task followed-> ok (task follower ok followers)
self.task_6.sudo(self.user_follower).write({'name': 'Test Follow ok'})

# Do: Alfred reads project -> ko (employee ko followers)
pigs.task_ids.message_unsubscribe(partner_ids=[self.user_projectuser.partner_id.id])
self.assertRaises(AccessError, pigs.sudo(self.user_projectuser).read, ['user_id'])

# Test: no project task visible
tasks = self.env['project.task'].sudo(self.user_projectuser).search([('project_id', '=', pigs.id)])
self.assertEqual(tasks, self.task_1,
Expand Down

0 comments on commit 844fdac

Please sign in to comment.