A Dimecres, 23 de maig de 2012 18:06:04, Cédric Krier va escriure: > On 23/05/12 17:55 +0200, Albert Cervera i Areny wrote: > > A Divendres, 18 de maig de 2012 12:03:02, Cédric Krier va escriure: > > > I see two solutions to this issue: > > > - Using the root context switching in the code everywhere it is > > > > > > needed based on the default access right define in Tryton. > > > This means the developper must take care of this everytime he > > > write code. This is a little bit constraining but it has the > > > advantage to execute the smaller part of the code as root. > > > > > > - Remove the access right from within the CRUD to move it just on > > > > > > the rpc calls and run all the code as root. > > > This has the advantage to be simple but it is a bad design for > > > security principle to run the least possible code as root. > > > > I think there's a third option. We can add a new boolean field called > > "Use root context" to the new button access rights model that was > > introduced in 2.4. If this fields is set to True, the decorator of the > > button will use the root context. If not, it will work as it currently > > does. > > It is not only linked to the button methods. Some method could be > triggered by a CRUD operation.
But, we could add the button decorator to the triggered method. -- Albert Cervera i Areny http://www.NaN-tic.com Tel: +34 93 553 18 03 http://twitter.com/albertnan http://www.nan-tic.com/blog -- [email protected] mailing list
