Review: Needs Fixing
I agree with Stefan, this is definitely not correct. The issue is not about
changing the semantics of the combination of rules, it is only about being sure
a user does not get rules applied from a group he does not actually belong to.
As Lorenzo explained in the bug report, at line 117 there is an iteration on
the rule's groups, but obviously this could include groups the user does not
belong to! So we just need to filter out the groups that are irrelevant to the
user.
For example, say you have user U1 who belongs to group G1, and say rule R1 is
linked to groups G1 and G2. When iterating on R1's groups for user U1, we will
see G1 _and_ G2, and consider U1 a member of both groups, which leads to
mistakes.
This is better explained with code, so here's an unverified, dumb patch to
illustrate the desired result:
=== modified file 'bin/addons/base/ir/ir_rule.py'
--- bin/addons/base/ir/ir_rule.py 2011-03-02 11:08:16 +0000
+++ bin/addons/base/ir/ir_rule.py 2011-05-18 12:25:41 +0000
@@ -115,7 +115,9 @@
if ids:
for rule in self.browse(cr, uid, ids):
for group in rule.groups:
- group_rule.setdefault(group.id, []).append(rule.id)
+ # filter out irrelevant groups!
+ if uid in [u.id for u in group.users]:
+ group_rule.setdefault(group.id, []).append(rule.id)
if not rule.groups:
global_rules.append(rule.id)
global_domain = self.domain_create(cr, uid, global_rules)
--
https://code.launchpad.net/~openerp-dev/openobject-server/6.0-opw-5692-ach/+merge/61101
Your team OpenERP R&D Team is subscribed to branch
lp:~openerp-dev/openobject-server/6.0-opw-5692-ach.
_______________________________________________
Mailing list: https://launchpad.net/~openerp-dev-web
Post to : [email protected]
Unsubscribe : https://launchpad.net/~openerp-dev-web
More help : https://help.launchpad.net/ListHelp
