You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current implementation defaults to the "read" mode when checking access permissions, which inadvertently grants users access to write, create, and unlink operations if they already have read access.
@api.model
def check(self, model, mode='read', raise_exception=True):
"""Overrides the default check method to allow
only read access to the user."""
model_name = ['res.users.log', 'mail.channel', 'mail.alias',
'bus.presence', 'res.lang',
'mail.channel.member']
res = super().check(model, mode, raise_exception=raise_exception)
if self.env.user.has_group('odoo_readonly_user.group_users_readonly') \
and model not in model_name and mode in (
'write', 'create', 'unlink'):
return False
return res
The text was updated successfully, but these errors were encountered:
The current implementation defaults to the "read" mode when checking access permissions, which inadvertently grants users access to write, create, and unlink operations if they already have read access.
https://github.com/CybroOdoo/CybroAddons/blame/29df15e9050eeeb889bc234884eb8a11a3e7a23a/odoo_readonly_user/models/ir_model_access.py#L30-L42
Suggested code:
The text was updated successfully, but these errors were encountered: