From 0e79e6f0e39d3c4738f9a2fa28e760220c0d8956 Mon Sep 17 00:00:00 2001
From: Jonatan Cloutier <jonatan.cloutier@savoirfairelinux.com>
Date: Mon, 10 Jun 2013 13:19:04 -0400
Subject: [PATCH] add access validation to approval (../7.0pageapproval/ rev 8)

---
 document_page_approval/__openerp__.py            |  4 ++++
 document_page_approval/document_page_approval.py | 11 +++++++----
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/document_page_approval/__openerp__.py b/document_page_approval/__openerp__.py
index 92c1f2f3..efb3c3a7 100644
--- a/document_page_approval/__openerp__.py
+++ b/document_page_approval/__openerp__.py
@@ -34,5 +34,9 @@ Add a workflow to approve page modification and show the approved version by def
     'installable': True,
     'auto_install': False,
     'images': [],
+    'data': [
+        'security/document_page_security.xml',
+        'security/ir.model.access.csv',
+        ]
 }
 # vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
diff --git a/document_page_approval/document_page_approval.py b/document_page_approval/document_page_approval.py
index 4344e386..1c501b33 100644
--- a/document_page_approval/document_page_approval.py
+++ b/document_page_approval/document_page_approval.py
@@ -35,10 +35,11 @@ class document_page_history_wkfl(orm.Model):
                                   })
         return True
     
-    def _is_parent_approval_required(self, cr, uid, ids, name, args, context=None):
-        res = {}
+    def can_user_approve_page(self, cr, uid, ids, name, args, context=None):
+        user = self.pool.get('res.users').browse(cr,uid,uid)
         for page in self.browse(cr, uid, ids, context=context):
-            res[page.id] = page.page_id.is_parent_approval_required
+            res[page.id] = page.approver_gid in user.groups_id
+        
         return res
         
     _columns = {
@@ -47,7 +48,9 @@ class document_page_history_wkfl(orm.Model):
             ('approved','Approved')], 'Status', readonly=True),
         'approved_date': fields.datetime("Approved Date"),
         'approved_uid': fields.many2one('res.users', "Approved By"),
-        'is_parent_approval_required': fields.function(_is_parent_approval_required, string="parent approval", type='boolean'),
+        'is_parent_approval_required': fields.related('page_id', 'is_parent_approval_required', string="parent approval", type='boolean', store=False),
+        'approver_gid': fields.related('page_id', 'approver_gid', string="Approver group", type='many2one', relation='res.groups', store=False),
+        'can_user_approve_page': fields.function(can_user_approve_page, string="can user approve this page", type='boolean'),
         }