On 23/05/12 17:55 +0200, Albert Cervera i Areny wrote: > A Divendres, 18 de maig de 2012 12:03:02, Cédric Krier va escriure: > > I see two solutions to this issue: > > > > - Using the root context switching in the code everywhere it is > > needed based on the default access right define in Tryton. > > This means the developper must take care of this everytime he > > write code. This is a little bit constraining but it has the > > advantage to execute the smaller part of the code as root. > > > > - Remove the access right from within the CRUD to move it just on > > the rpc calls and run all the code as root. > > This has the advantage to be simple but it is a bad design for > > security principle to run the least possible code as root. > > > > I think there's a third option. We can add a new boolean field called "Use > root > context" to the new button access rights model that was introduced in 2.4. If > this fields is set to True, the decorator of the button will use the root > context. If not, it will work as it currently does.
It is not only linked to the button methods. Some method could be triggered by a CRUD operation. -- Cédric Krier B2CK SPRL Rue de Rotterdam, 4 4000 Liège Belgium Tel: +32 472 54 46 59 Email/Jabber: [email protected] Website: http://www.b2ck.com/
pgpJzbNdoT9wI.pgp
Description: PGP signature
