Hi, I'm facing an issue with the access right. Here is a summary of the issue:
The access rights are enforced in Tryton in the CRWD methods, this
means that everywhere those rights are enforced except if the
context is switched to root.
So the problem is that most of the time, the developper forget about
this when writing code by assuming he will have access to
everything.
For example in account_stock_anglo_saxon:
The opening of invoice needs to read the moves via the
sale/purchase, but the user could have only access to account
stuffs.
I see two solutions to this issue:
- Using the root context switching in the code everywhere it is
needed based on the default access right define in Tryton.
This means the developper must take care of this everytime he
write code. This is a little bit constraining but it has the
advantage to execute the smaller part of the code as root.
- Remove the access right from within the CRUD to move it just on
the rpc calls and run all the code as root.
This has the advantage to be simple but it is a bad design for
security principle to run the least possible code as root.
So I would like to collect thoughts about this topic to decide how to
fix "account_stock_anglo_saxon" and the future issues.
--
Cédric Krier
B2CK SPRL
Rue de Rotterdam, 4
4000 Liège
Belgium
Tel: +32 472 54 46 59
Email/Jabber: [email protected]
Website: http://www.b2ck.com/
pgpxylZFQmMAZ.pgp
Description: PGP signature
