NeoAnd/knowledge
1
0
Fork 0
mirror of https://github.com/OCA/knowledge.git synced 2025-07-14 01:41:26 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

[knowledge][11.0.3.0.0] - add security for access to ir.attachment.

Browse Source 
Otherwise the module grants too wide permissions for all users.
This commit is contained in:
Jordi Ballester Alomar 2019-02-28 11:06:23 +01:00 committed by Khôi (Kiên Kim)
parent 6fac6414ca
commit 8e43688530
9 changed files with 51 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
document_knowledge/__manifest__.py
View File

@ -2,10 +2,11 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
{ {
"name": "Knowledge Management System", "name": "Knowledge Management System",
"version": "11.0.2.0.0", "version": "11.0.3.0.0",
"author": "OpenERP SA," "author": "OpenERP SA,"
"MONK Software, " "MONK Software, "
"Tecnativa, " "Tecnativa, "
"Eficent, "
"Odoo Community Association (OCA)", "Odoo Community Association (OCA)",
"category": "Knowledge", "category": "Knowledge",
"license": "AGPL-3", "license": "AGPL-3",

8
document_knowledge/models/res_config.py
View File

@ -9,11 +9,17 @@ class KnowledgeConfigSettings(models.TransientModel):
_inherit = 'res.config.settings' _inherit = 'res.config.settings'
module_document = fields.Boolean( module_document = fields.Boolean(
'Manage documents', 'Attachments List and Document Indexation',
help='Document indexation, full text search of attachements.\n' help='Document indexation, full text search of attachements.\n'
'- This installs the module document.' '- This installs the module document.'
) )
group_ir_attachment_user = fields.Boolean(
string='Central access to Documents',
help="When you set this field all users will be able to manage "
"attachments centrally, from the Knowledge/Documents menu.",
implied_group='knowledge.group_ir_attachment_user')
module_document_page = fields.Boolean( module_document_page = fields.Boolean(
'Manage document pages (Wiki)', 'Manage document pages (Wiki)',
help='Provide document page and category as a wiki.\n' help='Provide document page and category as a wiki.\n'

20
document_knowledge/readme/CONFIGURE.rst Normal file
View File

@ -0,0 +1,20 @@
To set up this module, you need to go to:
* Knowledge / Configuration / Settings
From this menu you'll have a central access to install the apps that belong
to Knowledge.
* Check *Attachments List and Document Indexation* if you want to install the
module that allows users to attach documents to any model.
* Check *Manage attachments centrally* if you want all users to be able to
access to the all attachments to which they have read permissions, from the
menu *Knowledge / Documents*
If you want to grant Central Access to Documents only to some users:
#. Go to *Settings/Activate the developer mode*. Only a user with
*Administration / Settings* permissions can do that.
#. Go to *Settings / Users & Companies / Users* and set the checkbox
*Central access to Documents* to the selected users.

1
document_knowledge/readme/CONTRIBUTORS.rst
View File

@ -6,3 +6,4 @@
* Fayez Qandeel * Fayez Qandeel
* Vicent Cubells <vicent.cubells@tecnativa.com> * Vicent Cubells <vicent.cubells@tecnativa.com>
* Iván Todorovich <ivan.todorovich@gmail.com> * Iván Todorovich <ivan.todorovich@gmail.com>
* Jordi Ballester <jordi.ballester@eficent.com>

2
document_knowledge/readme/ROADMAP.rst
View File

@ -1,2 +0,0 @@
* Migrate related modules to v11 and add options in the settings as soon as
they are installable.

6
document_knowledge/readme/USAGE.rst
View File

@ -1,3 +1,5 @@
To use this module, you need to: This module adds a new top level menu *Knowledge*
* Go to Knowledge / Configuration / Settings Users with permission *Central access to Documents* can access in
*Knowledge/Documents* to all the documents attached to records of any model
for which they have read permission.

6
document_knowledge/security/knowledge_security.xml
View File

@ -7,4 +7,10 @@
<field name="users" eval="[(4, ref('base.user_root'))]"/> <field name="users" eval="[(4, ref('base.user_root'))]"/>
</record> </record>
<record id="group_ir_attachment_user" model="res.groups">
<field name="name">Central access to Documents</field>
<field name="category_id" ref="base.module_category_hidden"/>
<field name="implied_ids" eval="[(4, ref('group_document_user'))]"/>
</record>
</odoo> </odoo>

4
document_knowledge/views/knowledge.xml
View File

@ -37,9 +37,9 @@
<menuitem <menuitem
id="menu_document_section" id="menu_document_section"
name="Documents" name="Documents"
groups="knowledge.group_document_user" groups="knowledge.group_ir_attachment_user"
parent="menu_document_root" parent="menu_document_root"
sequence="10"/> sequence="150"/>
<menuitem <menuitem
id="menu_document" id="menu_document"

10
document_knowledge/views/res_config.xml
View File

@ -21,6 +21,14 @@
<label for="module_document"/> <label for="module_document"/>
</div> </div>
</div> </div>
<div class="col-xs-12 col-md-12 o_setting_box">
<div class="o_setting_left_pane">
<field name="group_ir_attachment_user"/>
</div>
<div class="o_setting_right_pane">
<label for="group_ir_attachment_user"/>
</div>
</div>
<div class="col-xs-12 col-md-12 o_setting_box"> <div class="col-xs-12 col-md-12 o_setting_box">
<div class="o_setting_left_pane"> <div class="o_setting_left_pane">
<field name="module_document_page"/> <field name="module_document_page"/>
@ -75,7 +83,7 @@
name="Configuration" name="Configuration"
parent="menu_document_root" parent="menu_document_root"
groups="base.group_system" groups="base.group_system"
sequence="50"/> sequence="200"/>
<menuitem id="menu_knowledge_configuration" <menuitem id="menu_knowledge_configuration"
name="Settings" name="Settings"
parent="menu_document_configuration" parent="menu_document_configuration"