mirror of
https://github.com/bringout/oca-ocb-core.git
synced 2026-04-20 08:12:09 +02:00
19.0 vanilla
This commit is contained in:
Ernad Husremovic
parent
d1963a3c3a
commit
2d3ee4855a
7430 changed files with 2687981 additions and 2965473 deletions
|
|
@ -1,69 +1,70 @@
|
|||
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
|
||||
access_fetchmail_server,fetchmail.server,model_fetchmail_server,base.group_system,1,1,1,1
|
||||
access_mail_message_all,mail.message.all,model_mail_message,,1,0,0,0
|
||||
access_mail_message_all,mail.message.all,model_mail_message,base.group_public,1,0,0,0
|
||||
access_mail_message_portal,mail.message.portal,model_mail_message,base.group_portal,1,1,1,1
|
||||
access_mail_message_user,mail.message.user,model_mail_message,base.group_user,1,1,1,1
|
||||
access_mail_message_scheduled_all,mail.message.scheduled.all,model_mail_message_schedule,,0,0,0,0
|
||||
access_mail_message_scheduled_system,mail.message.scheduled.system,model_mail_message_schedule,base.group_system,1,1,1,1
|
||||
access_mail_mail_all,mail.mail.all,model_mail_mail,,0,0,0,0
|
||||
access_mail_mail_portal,mail.mail.portal,model_mail_mail,base.group_portal,0,0,0,0
|
||||
access_mail_mail_user,mail.mail.user,model_mail_mail,base.group_user,0,0,0,0
|
||||
access_mail_mail_system,mail.mail.system,model_mail_mail,base.group_system,1,1,1,1
|
||||
access_mail_followers_all,mail.followers.all,model_mail_followers,,0,0,0,0
|
||||
access_mail_followers_user,mail.followers.user,model_mail_followers,base.group_user,1,0,0,0
|
||||
access_mail_followers_system,mail.followers.system,model_mail_followers,base.group_system,1,1,1,1
|
||||
access_mail_notification_portal,mail.notification.portal,model_mail_notification,base.group_portal,1,0,0,0
|
||||
access_mail_notification_user,mail.notification.user,model_mail_notification,base.group_user,1,1,1,0
|
||||
access_mail_notification_system, mail.notification.system,model_mail_notification,base.group_system,1,1,1,1
|
||||
access_mail_channel_all,mail.group.all,model_mail_channel,,1,0,0,0
|
||||
access_mail_channel_user,mail.group.user,model_mail_channel,base.group_user,1,1,1,0
|
||||
access_mail_channel_admin,mail.group.system,model_mail_channel,base.group_system,1,1,1,1
|
||||
access_mail_channel_member_public,mail.channel.member.public,model_mail_channel_member,base.group_public,1,0,0,0
|
||||
access_mail_channel_member_portal,mail.channel.member.portal,model_mail_channel_member,base.group_portal,1,1,1,1
|
||||
access_mail_channel_member_user,mail.channel.member.user,model_mail_channel_member,base.group_user,1,1,1,1
|
||||
access_mail_channel_rtc_session_all,mail.channel.rtc.session.all,model_mail_channel_rtc_session,,0,0,0,0
|
||||
access_mail_channel_rtc_session_system,mail.channel.rtc.session.system,model_mail_channel_rtc_session,base.group_system,1,1,1,1
|
||||
access_mail_alias_all,mail.alias.all,model_mail_alias,,1,0,0,0
|
||||
access_discuss_channel_public,discuss.channel.public,model_discuss_channel,base.group_public,1,0,0,0
|
||||
access_discuss_channel_portal,discuss.channel.portal,model_discuss_channel,base.group_portal,1,0,0,0
|
||||
access_discuss_channel_user,discuss.channel.user,model_discuss_channel,base.group_user,1,1,1,0
|
||||
access_discuss_channel_system,discuss.channel.system,model_discuss_channel,base.group_system,1,1,1,1
|
||||
access_discuss_channel_member_public,discuss.channel.member.public,model_discuss_channel_member,base.group_public,1,1,1,1
|
||||
access_discuss_channel_member_portal,discuss.channel.member.portal,model_discuss_channel_member,base.group_portal,1,1,1,1
|
||||
access_discuss_channel_member_user,discuss.channel.member.user,model_discuss_channel_member,base.group_user,1,1,1,1
|
||||
access_discuss_channel_rtc_session_system,discuss.channel.rtc.session.system,model_discuss_channel_rtc_session,base.group_system,1,1,1,1
|
||||
access_discuss_call_history_user,discuss.call.history.user,model_discuss_call_history,base.group_user,1,0,0,0
|
||||
access_discuss_call_history_public,discuss.call.history.public,model_discuss_call_history,base.group_public,1,0,0,0
|
||||
access_discuss_call_history_portal,discuss.call.history.portal,model_discuss_call_history,base.group_portal,1,0,0,0
|
||||
access_res_role_user,res.role.user,model_res_role,base.group_user,1,0,0,0
|
||||
access_res_role_admin,res.role.admin,model_res_role,base.group_erp_manager,1,1,1,1
|
||||
access_mail_alias_user,mail.alias.user,model_mail_alias,base.group_user,1,0,0,0
|
||||
access_mail_alias_system,mail.alias.system,model_mail_alias,base.group_system,1,1,1,1
|
||||
access_mail_alias_domain_user,mail.alias.domain.user,model_mail_alias_domain,base.group_user,1,0,0,0
|
||||
access_mail_alias_domain_system,mail.alias.domain.system,model_mail_alias_domain,base.group_erp_manager,1,1,1,1
|
||||
access_mail_gateway_allowed_system,mail.gateway.allowed.system,model_mail_gateway_allowed,base.group_system,1,1,1,1
|
||||
access_mail_message_reaction_all,mail.message.reaction.all,model_mail_message_reaction,,0,0,0,0
|
||||
access_mail_message_reaction_system,mail.message.reaction.system,model_mail_message_reaction,base.group_system,1,1,1,1
|
||||
access_mail_message_subtype_all,mail.message.subtype.all,model_mail_message_subtype,,1,0,0,0
|
||||
access_mail_message_subtype_public,mail.message.subtype.all,model_mail_message_subtype,base.group_public,1,0,0,0
|
||||
access_mail_message_subtype_portal,mail.message.subtype.all,model_mail_message_subtype,base.group_portal,1,0,0,0
|
||||
access_mail_message_subtype_user,mail.message.subtype.user,model_mail_message_subtype,base.group_user,1,0,0,0
|
||||
access_mail_message_subtype_system,mail.message.subtype.system,model_mail_message_subtype,base.group_system,1,1,1,1
|
||||
access_mail_tracking_value_all,mail.tracking.value.all,model_mail_tracking_value,,0,0,0,0
|
||||
access_mail_tracking_value_portal,mail.tracking.value.portal,model_mail_tracking_value,base.group_portal,0,0,0,0
|
||||
access_mail_tracking_value_user,mail.tracking.value.user,model_mail_tracking_value,base.group_user,0,0,0,0
|
||||
access_mail_presence,mail.presence,model_mail_presence,base.group_system,1,1,1,1
|
||||
access_mail_tracking_value_system,mail.tracking.value.system,model_mail_tracking_value,base.group_system,1,1,1,1
|
||||
access_publisher_warranty_contract_all,publisher.warranty.contract.all,model_publisher_warranty_contract,,1,1,1,1
|
||||
access_publisher_warranty_contract_all,publisher.warranty.contract.all,model_publisher_warranty_contract,base.group_system,1,1,1,1
|
||||
access_mail_template,mail.template,model_mail_template,base.group_user,1,1,1,1
|
||||
access_mail_template_editor,mail.template_editor,model_mail_template,mail.group_mail_template_editor,1,1,1,1
|
||||
access_mail_template_system,mail.template_system,model_mail_template,base.group_system,1,1,1,1
|
||||
access_mail_shortcode,mail.shortcode,model_mail_shortcode,base.group_user,1,1,1,1
|
||||
access_mail_shortcode_portal,mail.shortcode.portal,model_mail_shortcode,base.group_portal,1,0,0,0
|
||||
access_mail_activity_all,mail.activity.all,model_mail_activity,,0,0,0,0
|
||||
access_mail_canned_reponse,mail.canned.response,model_mail_canned_response,base.group_user,1,1,1,1
|
||||
access_mail_activity_user,mail.activity.user,model_mail_activity,base.group_user,1,1,1,1
|
||||
access_mail_activity_type_all,mail.activity.type.all,model_mail_activity_type,,0,0,0,0
|
||||
access_mail_activity_plan_user,mail.activity.plan.user,model_mail_activity_plan,base.group_user,1,0,0,0
|
||||
access_mail_activity_plan_system,mail.activity.plan.system,model_mail_activity_plan,base.group_system,1,1,1,1
|
||||
access_mail_activity_plan_template_user,mail.activity.plan.template.user,model_mail_activity_plan_template,base.group_user,1,0,0,0
|
||||
access_mail_activity_plan_template_system,mail.activity.plan.template.system,model_mail_activity_plan_template,base.group_system,1,1,1,1
|
||||
access_mail_activity_schedule_user,mail.activity.schedule.user,model_mail_activity_schedule,base.group_user,1,1,1,0
|
||||
access_mail_activity_schedule_line_user,mail.activity.schedule.line.user,model_mail_activity_schedule_line,base.group_user,1,1,1,0
|
||||
access_mail_activity_type_user,mail.activity.type.user,model_mail_activity_type,base.group_user,1,0,0,0
|
||||
access_mail_activity_type_system,mail.activity.type.system,model_mail_activity_type,base.group_system,1,1,1,1
|
||||
access_mail_blacklist_system,access_mail_blacklist_system,model_mail_blacklist,base.group_system,1,1,1,1
|
||||
access_mail_wizard_invite,access.mail.wizard.invite,model_mail_wizard_invite,base.group_user,1,1,1,0
|
||||
access_mail_followers_edit,access.mail.followers.edit,model_mail_followers_edit,base.group_user,1,1,1,0
|
||||
access_mail_compose_message,access.mail.compose.message,model_mail_compose_message,base.group_user,1,1,1,0
|
||||
access_mail_compose_message_portal,access.mail.compose.message.portal,model_mail_compose_message,base.group_portal,1,1,1,0
|
||||
access_mail_resend_message,access.mail.resend.message,model_mail_resend_message,base.group_user,1,1,1,0
|
||||
access_mail_resend_partner,access.mail.resend.partner,model_mail_resend_partner,base.group_user,1,1,1,0
|
||||
access_mail_template_preview,access.mail.template.preview,model_mail_template_preview,base.group_user,1,1,1,0
|
||||
access_mail_blacklist_remove_system,acesss.mail.blacklist.remove.system,model_mail_blacklist_remove,base.group_system,1,1,1,1
|
||||
access_mail_guest_all,mail.guest,model_mail_guest,,0,0,0,0
|
||||
access_mail_guest_user,mail.guest,model_mail_guest,base.group_user,1,0,0,0
|
||||
access_mail_guest_system,mail.guest,model_mail_guest,base.group_system,1,1,1,1
|
||||
access_mail_ice_server_all,mail.ice.server.all,model_mail_ice_server,,0,0,0,0
|
||||
access_mail_ice_server_system,mail.ice.server.system,model_mail_ice_server,base.group_system,1,1,1,1
|
||||
access_res_users_settings_all,res.users.settings,model_res_users_settings,,0,0,0,0
|
||||
access_res_users_settings_user,res.users.settings,model_res_users_settings,base.group_user,1,1,1,1
|
||||
access_res_users_settings_volumes_all,res.users.settings.volumes,model_res_users_settings_volumes,,0,0,0,0
|
||||
access_res_users_settings_volumes_user,res.users.settings.volumes,model_res_users_settings_volumes,base.group_user,1,1,1,1
|
||||
access_mail_template_reset,access.mail.template.reset,model_mail_template_reset,mail.group_mail_template_editor,1,1,1,1
|
||||
ir_actions_report_access_user,ir.actions.report.access.user,base.model_ir_actions_report,base.group_user,1,0,0,0
|
||||
access_mail_link_preview_admin,mail.link.preview.admin,model_mail_link_preview,base.group_erp_manager,1,1,1,1
|
||||
access_mail_message_link_preview_erp_manager,mail.link.preview.erp_manager,model_mail_message_link_preview,base.group_erp_manager,1,1,1,1
|
||||
access_discuss_gif_favorite,discuss.gif.favorite,model_discuss_gif_favorite,base.group_user,1,1,1,1
|
||||
access_discuss_voice_metadata_user,discuss.voice.metadata.user,model_discuss_voice_metadata,base.group_system,1,1,1,1
|
||||
access_mail_push_system,access.mail.push.system,mail.model_mail_push,base.group_system,1,1,1,1
|
||||
access_mail_push_device_system,access.mail.push.device.system,mail.model_mail_push_device,base.group_system,1,1,1,1
|
||||
access_mail_message_translation_system,mail.message.translation,model_mail_message_translation,base.group_system,1,1,1,1
|
||||
access_mail_scheduled_message,access.mail.scheduled.message,model_mail_scheduled_message,base.group_user,1,1,1,1
|
||||
|
|
|
|||
|
|
|
@ -1,60 +1,218 @@
|
|||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<odoo noupdate="1">
|
||||
|
||||
<!-- RULES -->
|
||||
<record id="mail_channel_rule" model="ir.rule">
|
||||
<field name="name">Mail.channel: access only public and joined groups</field>
|
||||
<field name="model_id" ref="model_mail_channel"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_user')), Command.link(ref('base.group_portal')), Command.link(ref('base.group_public'))]"/>
|
||||
<field name="domain_force">[
|
||||
'|',
|
||||
'&',
|
||||
('channel_type', '!=', 'channel'),
|
||||
('is_member', '=', True),
|
||||
'&',
|
||||
('channel_type', '=', 'channel'),
|
||||
'|',
|
||||
('group_public_id', '=', False),
|
||||
('group_public_id', 'in', user.groups_id.ids)]
|
||||
<record id="ir_rule_discuss_channel_all" model="ir.rule">
|
||||
<field name="name">discuss.channel: can access channels (as member or as group allowed)</field>
|
||||
<field name="model_id" ref="mail.model_discuss_channel"/>
|
||||
<field name="groups"
|
||||
eval="[
|
||||
Command.link(ref('base.group_user')),
|
||||
Command.link(ref('base.group_portal')),
|
||||
Command.link(ref('base.group_public')),
|
||||
]"
|
||||
/>
|
||||
<field name="domain_force">
|
||||
[
|
||||
"|",
|
||||
"&",
|
||||
("channel_type", "!=", "channel"),
|
||||
"|",
|
||||
("is_member", "=", True),
|
||||
("parent_channel_id.is_member", "=", True),
|
||||
"&",
|
||||
("channel_type", "=", "channel"),
|
||||
"|",
|
||||
("group_public_id", "=", False),
|
||||
("group_public_id", "in", user.all_group_ids.ids),
|
||||
]
|
||||
</field>
|
||||
<field name="perm_create" eval="False"/>
|
||||
</record>
|
||||
|
||||
<record id="mail_channel_admin" model="ir.rule">
|
||||
<field name="name">Mail.channel: admin full access</field>
|
||||
<field name="model_id" ref="model_mail_channel"/>
|
||||
<record id="ir_rule_discuss_channel_group_system" model="ir.rule">
|
||||
<field name="name">discuss.channel: admin full access</field>
|
||||
<field name="model_id" ref="mail.model_discuss_channel"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_system'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_mail_channel_member_group_user" model="ir.rule">
|
||||
<field name="name">mail.channel.member: write its own entries</field>
|
||||
<field name="model_id" ref="model_mail_channel_member"/>
|
||||
<field name="groups" eval="[(4, ref('base.group_user')), (4, ref('base.group_portal'))]"/>
|
||||
<field name="domain_force">[
|
||||
'|',
|
||||
'&',
|
||||
('channel_id.channel_type', '!=', 'channel'),
|
||||
('channel_id.is_member', '=', True),
|
||||
'&',
|
||||
('channel_id.channel_type', '=', 'channel'),
|
||||
'|',
|
||||
('channel_id.group_public_id', '=', False),
|
||||
('channel_id.group_public_id', 'in', user.groups_id.ids)]
|
||||
<record id="ir_rule_discuss_channel_member_is_self_all" model="ir.rule">
|
||||
<field name="name">discuss.channel.member: access their own entries</field>
|
||||
<field name="model_id" ref="mail.model_discuss_channel_member"/>
|
||||
<field name="groups"
|
||||
eval="[
|
||||
Command.link(ref('base.group_user')),
|
||||
Command.link(ref('base.group_portal')),
|
||||
Command.link(ref('base.group_public')),
|
||||
]"
|
||||
/>
|
||||
<field name="domain_force">
|
||||
[
|
||||
('is_self', '=', True),
|
||||
"|",
|
||||
("channel_id.channel_type", "!=", "channel"),
|
||||
"|",
|
||||
("channel_id.group_public_id", "=", False),
|
||||
("channel_id.group_public_id", "in", user.all_group_ids.ids),
|
||||
]
|
||||
</field>
|
||||
<field name="perm_read" eval="False"/>
|
||||
<field name="perm_write" eval="True"/>
|
||||
<!--
|
||||
create() is controlled by other rules because create() rules are applied after the record contains
|
||||
its data, which means just using 'is_self' would allow any user to add themselves in any channel.
|
||||
-->
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_unlink" eval="True"/>
|
||||
<!--
|
||||
read() is controlled by other rules, in particular the current rule for reading self member is
|
||||
"contained" within the rule for reading any member of accessible channel which is more generic.
|
||||
-->
|
||||
<field name="perm_read" eval="False"/>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_mail_channel_member_group_system" model="ir.rule">
|
||||
<field name="name">mail.channel.member: admin can manipulate all entries</field>
|
||||
<field name="model_id" ref="model_mail_channel_member"/>
|
||||
<record id="ir_rule_discuss_channel_member_read_all" model="ir.rule">
|
||||
<field name="name">discuss.channel.member: read members of accessible channels</field>
|
||||
<field name="model_id" ref="mail.model_discuss_channel_member"/>
|
||||
<field name="groups"
|
||||
eval="[
|
||||
Command.link(ref('base.group_user')),
|
||||
Command.link(ref('base.group_portal')),
|
||||
Command.link(ref('base.group_public')),
|
||||
]"
|
||||
/>
|
||||
<field name="domain_force">
|
||||
[
|
||||
"|",
|
||||
"&",
|
||||
("channel_id.channel_type", "!=", "channel"),
|
||||
"|",
|
||||
("channel_id.is_member", "=", True),
|
||||
("channel_id.parent_channel_id.is_member", "=", True),
|
||||
"&",
|
||||
("channel_id.channel_type", "=", "channel"),
|
||||
"|",
|
||||
("channel_id.group_public_id", "=", False),
|
||||
("channel_id.group_public_id", "in", user.all_group_ids.ids),
|
||||
]
|
||||
</field>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_discuss_channel_member_create_is_group_matching_all" model="ir.rule">
|
||||
<field name="name">discuss.channel.member: can join group restricted channels when group is matching</field>
|
||||
<field name="model_id" ref="mail.model_discuss_channel_member"/>
|
||||
<field name="groups"
|
||||
eval="[
|
||||
Command.link(ref('base.group_user')),
|
||||
Command.link(ref('base.group_portal')),
|
||||
Command.link(ref('base.group_public')),
|
||||
]"
|
||||
/>
|
||||
<field name="domain_force">
|
||||
[
|
||||
('is_self', '=', True),
|
||||
('channel_id.channel_type', '=', 'channel'),
|
||||
'|',
|
||||
('channel_id.group_public_id', '=', False),
|
||||
('channel_id.group_public_id', 'in', user.all_group_ids.ids)
|
||||
]
|
||||
</field>
|
||||
<!--
|
||||
This is the only case where the current user can join themselves (is_self = True) when the channel
|
||||
is already created, in all other cases they must be invited by someone else.
|
||||
-->
|
||||
<field name="perm_read" eval="False"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_discuss_channel_member_create_is_group_matching_group_user" model="ir.rule">
|
||||
<field name="name">discuss.channel.member: internal users can invite others in group restricted channels when group is matching</field>
|
||||
<field name="model_id" ref="mail.model_discuss_channel_member"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_user'))]"/>
|
||||
<field name="domain_force">
|
||||
[
|
||||
('is_self', '=', False),
|
||||
('channel_id.channel_type', '=', 'channel'),
|
||||
'|',
|
||||
('channel_id.group_public_id', '=', False),
|
||||
('channel_id.group_public_id', 'in', user.all_group_ids.ids)
|
||||
]
|
||||
</field>
|
||||
<field name="perm_read" eval="False"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_discuss_channel_member_create_is_member_group_user" model="ir.rule">
|
||||
<field name="name">discuss.channel.member: internal users can invite others in channels they are member of</field>
|
||||
<field name="model_id" ref="mail.model_discuss_channel_member"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_user'))]"/>
|
||||
<field name="domain_force">
|
||||
[
|
||||
('is_self', '=', False),
|
||||
('channel_id.channel_type', 'not in', ('channel', 'chat')),
|
||||
('channel_id.is_member', '=', True)
|
||||
]
|
||||
</field>
|
||||
<!--
|
||||
create() for the current user is controlled by other rules because create() rules are applied after the record
|
||||
contains its data, which means allowing 'is_self' would allow any user to add themselves in any channel.
|
||||
-->
|
||||
<field name="perm_read" eval="False"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_discuss_call_history_read_all" model="ir.rule">
|
||||
<field name="name">discuss.call.history: read call history of accessible channels</field>
|
||||
<field name="model_id" ref="mail.model_discuss_call_history"/>
|
||||
<field name="groups"
|
||||
eval="[
|
||||
Command.link(ref('base.group_user')),
|
||||
Command.link(ref('base.group_portal')),
|
||||
Command.link(ref('base.group_public')),
|
||||
]"
|
||||
/>
|
||||
<field name="domain_force">
|
||||
[
|
||||
"|",
|
||||
"&",
|
||||
("channel_id.channel_type", "!=", "channel"),
|
||||
"|",
|
||||
("channel_id.is_member", "=", True),
|
||||
("channel_id.parent_channel_id.is_member", "=", True),
|
||||
"&",
|
||||
("channel_id.channel_type", "=", "channel"),
|
||||
"|",
|
||||
("channel_id.group_public_id", "=", False),
|
||||
("channel_id.group_public_id", "in", user.all_group_ids.ids),
|
||||
]
|
||||
</field>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_discuss_channel_member_group_system" model="ir.rule">
|
||||
<field name="name">discuss.channel.member: admin can manipulate all entries</field>
|
||||
<field name="model_id" ref="mail.model_discuss_channel_member"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_system'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
</record>
|
||||
|
||||
<record id="discuss_gif_favorite_user_rule" model="ir.rule">
|
||||
<field name="name">Discuss.gif.favorite: User access</field>
|
||||
<field name="model_id" ref="model_discuss_gif_favorite"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[('create_uid', '=', user.id)]</field>
|
||||
</record>
|
||||
|
||||
<record id="discuss_gif_favorite_admin_rule" model="ir.rule">
|
||||
<field name="name">Discuss.gif.favorite: admin full access</field>
|
||||
<field name="model_id" ref="model_discuss_gif_favorite"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_erp_manager'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_mail_notifications_group_user" model="ir.rule">
|
||||
<field name="name">mail.notifications: group_user: write its own entries</field>
|
||||
<field name="model_id" ref="model_mail_notification"/>
|
||||
|
|
@ -90,6 +248,20 @@
|
|||
<field name="perm_unlink" eval="True"/>
|
||||
</record>
|
||||
|
||||
<record id="mail_activity_plan_rule_admin" model="ir.rule">
|
||||
<field name="name">Administrators can access all activity plans.</field>
|
||||
<field name="model_id" ref="model_mail_activity_plan"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_system'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
</record>
|
||||
|
||||
<record id="mail_activity_plan_template_rule_admin" model="ir.rule">
|
||||
<field name="name">Administrators can access all activity plan templates.</field>
|
||||
<field name="model_id" ref="model_mail_activity_plan_template"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_system'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
</record>
|
||||
|
||||
<record id="mail_compose_message_rule" model="ir.rule">
|
||||
<field name="name">Mail Compose Message Rule</field>
|
||||
<field name="model_id" ref="model_mail_compose_message"/>
|
||||
|
|
@ -101,9 +273,9 @@
|
|||
</record>
|
||||
|
||||
<record id="mail_template_employee_rule" model="ir.rule">
|
||||
<field name="name">Employees can only change their own templates</field>
|
||||
<field name="name">Employees can only modify templates they have created or been assigned</field>
|
||||
<field name="model_id" ref="model_mail_template"/>
|
||||
<field name="domain_force">[('create_uid', '=', user.id)]</field>
|
||||
<field name="domain_force">['|', ('create_uid', '=', user.id), ('user_id', '=', user.id)]</field>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_user'))]"/>
|
||||
<field name="perm_create" eval="True"/>
|
||||
<field name="perm_read" eval="False"/>
|
||||
|
|
@ -122,28 +294,6 @@
|
|||
<field name="perm_unlink" eval="True"/>
|
||||
</record>
|
||||
|
||||
<record id="res_users_settings_rule_admin" model="ir.rule">
|
||||
<field name="name">Administrators can access all User Settings.</field>
|
||||
<field name="model_id" ref="model_res_users_settings"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_system'))]"/>
|
||||
<field name="domain_force">[(1, '=', 1)]</field>
|
||||
<field name="perm_read" eval="True"/>
|
||||
<field name="perm_write" eval="True"/>
|
||||
<field name="perm_create" eval="True"/>
|
||||
<field name="perm_unlink" eval="True"/>
|
||||
</record>
|
||||
|
||||
<record id="res_users_settings_rule_user" model="ir.rule">
|
||||
<field name="name">res.users.settings: access their own entries</field>
|
||||
<field name="model_id" ref="model_res_users_settings"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[('user_id', '=', user.id)]</field>
|
||||
<field name="perm_read" eval="True"/>
|
||||
<field name="perm_write" eval="True"/>
|
||||
<field name="perm_create" eval="True"/>
|
||||
<field name="perm_unlink" eval="True"/>
|
||||
</record>
|
||||
|
||||
<record id="res_users_settings_volumes_rule_user" model="ir.rule">
|
||||
<field name="name">res.users.settings.volumes: access their own entries</field>
|
||||
<field name="model_id" ref="model_res_users_settings_volumes"/>
|
||||
|
|
@ -166,4 +316,39 @@
|
|||
<field name="perm_unlink" eval="True"/>
|
||||
</record>
|
||||
|
||||
<record id="ir_rule_mail_canned_response_admin" model="ir.rule">
|
||||
<field name="name">Canned response: admin has all access on shared canned response</field>
|
||||
<field name="model_id" ref="model_mail_canned_response"/>
|
||||
<field name="groups" eval="[Command.link(ref('group_mail_canned_response_admin'))]"/>
|
||||
<field name="domain_force">[('is_shared', '=', True)]</field>
|
||||
<field name="perm_create" eval="False"/>
|
||||
</record>
|
||||
|
||||
<!-- Internal user: rationale is that they read their own or the one belonging to
|
||||
their user groups. They can modify only their own -->
|
||||
<record id="ir_rule_mail_canned_response_user_read" model="ir.rule">
|
||||
<field name="name">Canned response: User read: own or in groups</field>
|
||||
<field name="model_id" ref="model_mail_canned_response"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_user'))]"/>
|
||||
<field name="domain_force">['|', ('create_uid', '=', user.id), ('group_ids', 'in', user.all_group_ids.ids)]</field>
|
||||
<field name="perm_write" eval="False"/>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record>
|
||||
<record id="ir_rule_mail_canned_response_user_update" model="ir.rule">
|
||||
<field name="name">Canned response: User write/unlink: own only</field>
|
||||
<field name="model_id" ref="model_mail_canned_response"/>
|
||||
<field name="groups" eval="[Command.link(ref('base.group_user'))]"/>
|
||||
<field name="domain_force">[('create_uid', '=', user.id)]</field>
|
||||
<field name="perm_create" eval="False"/>
|
||||
<field name="perm_read" eval="False"/>
|
||||
</record>
|
||||
<record id="ir_rule_mail_scheduled_message_user" model="ir.rule">
|
||||
<field name="model_id" ref="model_mail_scheduled_message"/>
|
||||
<field name="domain_force">[('create_uid', '=', user.id)]</field>
|
||||
<field name="perm_read" eval="False"/>
|
||||
<field name="perm_write" eval="True"/>
|
||||
<field name="perm_create" eval="True"/>
|
||||
<field name="perm_unlink" eval="False"/>
|
||||
</record>
|
||||
</odoo>
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue