From 503e12ae48b13868b12e3cb99b5eb5aba9337076 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Iv=C3=A1n=20Todorovich?= Date: Tue, 24 Apr 2018 20:51:03 -0300 Subject: [PATCH] [document_page_approval] FIX BUG: am_i_approver was being run as sudo(), hence always giving the user Approving rights. --- document_page_approval/models/document_page.py | 13 ++++++++----- .../models/document_page_history.py | 10 ++-------- 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/document_page_approval/models/document_page.py b/document_page_approval/models/document_page.py index 54c6937e..44c881c8 100644 --- a/document_page_approval/models/document_page.py +++ b/document_page_approval/models/document_page.py @@ -105,14 +105,17 @@ class DocumentPage(models.Model): # if it's not required, anyone can approve if not self.is_approval_required: return True - # to approve, you must have approver rights - approver_group_id = self.env.ref( - 'document_page_approval.group_document_approver_user') - if approver_group_id not in user.groups_id: + # if user belongs to 'Knowledge / Manager', he can approve anything + if user.has_group('document_page.group_document_manager'): + return True + # to approve, user must have approver rights + if not user.has_group( + 'document_page_approval.group_document_approver_user'): return False - # and belong to at least one of the approver_groups (if any is set) + # if there aren't any approver_groups_defined, user can approve if not self.approver_group_ids: return True + # to approve, user must belong to any of the approver groups return len(user.groups_id & self.approver_group_ids) > 0 @api.multi diff --git a/document_page_approval/models/document_page_history.py b/document_page_approval/models/document_page_history.py index 32c56f24..fd9bfc96 100644 --- a/document_page_approval/models/document_page_history.py +++ b/document_page_approval/models/document_page_history.py @@ -41,7 +41,8 @@ class DocumentPageHistory(models.Model): ) am_i_approver = fields.Boolean( - compute='_compute_am_i_approver' + related='page_id.am_i_approver', + related_sudo=False, ) page_url = fields.Text( @@ -151,13 +152,6 @@ class DocumentPageHistory(models.Model): for rec in self: rec.am_i_owner = (rec.create_uid == self.env.user) - @api.multi - def _compute_am_i_approver(self): - """check if current user is a approver""" - for rec in self: - rec.am_i_approver = rec.page_id.can_user_approve_this_page( - self.env.user) - @api.multi def _compute_page_url(self): """Compute the page url."""