Initial commit: OCA Technical packages (595 packages)

2026-04-19 02:52:08 +02:00 · 2025-08-29 15:43:03 +02:00 · 2025-08-29 15:43:03 +02:00 · 2cc02aac6e
commit 2cc02aac6e
24950 changed files with 2318079 additions and 0 deletions
--- a/odoo-bringout-oca-dms-dms/dms/security/ir.model.access.csv
+++ b/odoo-bringout-oca-dms-dms/dms/security/ir.model.access.csv
@ -0,0 +1,27 @@
+id,name,model_id/id,group_id/id,perm_read,perm_write,perm_create,perm_unlink
+
+access_dms_tag_user,dms_tag_user,model_dms_tag,group_dms_user,1,1,1,1
+access_dms_category_user,dms_category_user,model_dms_category,group_dms_user,1,1,1,1
+
+access_dms_storage_base_user,dms_storage_base_user,model_dms_storage,base.group_user,1,0,0,0
+access_dms_storage_portal,dms_storage_portal,model_dms_storage,base.group_portal,1,0,0,0
+access_dms_storage_user,dms_storage_user,model_dms_storage,group_dms_user,1,0,0,0
+access_dms_storage_manager,dms_storage_manager,model_dms_storage,group_dms_manager,1,1,1,1
+
+access_dms_directory_public,dms_directory_public,model_dms_directory,base.group_public,1,0,0,0
+access_dms_directory_portal,dms_directory_portal,model_dms_directory,base.group_portal,1,0,0,0
+access_dms_directory_base_user,dms_directory_base_user,model_dms_directory,base.group_user,1,0,0,0
+access_dms_directory_user,dms_directory_user,model_dms_directory,group_dms_user,1,1,1,1
+
+access_dms_file_public,dms_file_public,model_dms_file,base.group_public,1,0,0,0
+access_dms_file_portal,dms_file_portal,model_dms_file,base.group_portal,1,0,0,0
+access_dms_file_base_user,dms_file_base_user,model_dms_file,base.group_user,1,0,0,0
+access_dms_file_user,dms_file_user,model_dms_file,group_dms_user,1,1,1,1
+
+access_dms_access_group_public,access_dms_access_group_public,model_dms_access_group,base.group_public,1,0,0,0
+access_dms_access_group_portal,access_dms_access_group_portal,model_dms_access_group,base.group_portal,1,0,0,0
+access_security_access_groups_user,access_security_access_groups_user,model_dms_access_group,base.group_user,1,0,0,0
+access_security_access_groups_dms_user,access_security_access_groups_dms_user,model_dms_access_group,group_dms_user,1,1,1,1
+
+access_wizard_dms_file_move,access_wizard_dms_file_move,model_wizard_dms_file_move,group_dms_user,1,1,1,1
+access_wizard_dms_share,access_wizard_dms_share,model_wizard_dms_share,group_dms_manager,1,1,1,0
--- a/odoo-bringout-oca-dms-dms/dms/security/security.xml
+++ b/odoo-bringout-oca-dms-dms/dms/security/security.xml
@ -0,0 +1,190 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!--
+
+    Copyright 2017-2019 MuK IT GmbH
+    Copyright 2020 Creu Blanca
+    Copyright 2021 Tecnativa - Víctor Martínez
+    License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).
+
+  -->
+<odoo>
+    <record id="category_dms_security" model="ir.module.category">
+        <field name="name">Documents</field>
+    </record>
+    <record id="group_dms_user" model="res.groups">
+        <field name="name">User</field>
+        <field name="category_id" ref="category_dms_security" />
+        <field name="implied_ids" eval="[(4, ref('base.group_user'))]" />
+    </record>
+    <record id="group_dms_manager" model="res.groups">
+        <field name="name">Manager</field>
+        <field name="implied_ids" eval="[(4, ref('group_dms_user'))]" />
+        <field name="category_id" ref="category_dms_security" />
+        <field
+            name="users"
+            eval="[(4, ref('base.user_root')), (4, ref('base.user_admin'))]"
+        />
+    </record>
+    <record id="rule_multi_company_storage" model="ir.rule">
+        <field name="name">DMS Storage multi-company</field>
+        <field name="model_id" ref="model_dms_storage" />
+        <field name="global" eval="True" />
+        <field
+            name="domain_force"
+        >['|',('company_id','=',False),('company_id','in',company_ids)]</field>
+    </record>
+    <record id="rule_multi_company_directory" model="ir.rule">
+        <field name="name">DMS Directory multi-company</field>
+        <field name="model_id" ref="model_dms_directory" />
+        <field name="global" eval="True" />
+        <field
+            name="domain_force"
+        >['|',('company_id','=',False),('company_id','in',company_ids)]</field>
+    </record>
+    <record id="rule_multi_company_file" model="ir.rule">
+        <field name="name">File multi-company</field>
+        <field name="model_id" ref="model_dms_file" />
+        <field name="global" eval="True" />
+        <field
+            name="domain_force"
+        >['|',('company_id','=',False),('company_id','in',company_ids)]</field>
+    </record>
+    <record id="rule_file_locked" model="ir.rule">
+        <field name="name">Locked files are only modified by locker user.</field>
+        <field name="model_id" ref="model_dms_file" />
+        <field name="groups" eval="[(4, ref('base.group_user'))]" />
+        <field name="global" eval="True" />
+        <field name="perm_read" eval="0" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field
+            name="domain_force"
+        >['|', ('locked_by', '=', False), ('locked_by', '=', user.id)]</field>
+    </record>
+    <record id="rule_security_groups_user" model="ir.rule">
+        <field name="name">DMS users can only edit and delete their own groups.</field>
+        <field name="model_id" ref="model_dms_access_group" />
+        <field name="groups" eval="[(4, ref('group_dms_user'))]" />
+        <field name="perm_read" eval="0" />
+        <field name="perm_create" eval="0" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="domain_force">[('create_uid','=',user.id)]</field>
+    </record>
+    <record id="rule_security_groups_manager" model="ir.rule">
+        <field name="name">DMS Managers can edit and delete all groups.</field>
+        <field name="model_id" ref="model_dms_access_group" />
+        <field name="groups" eval="[(4, ref('group_dms_manager'))]" />
+        <field name="perm_read" eval="0" />
+        <field name="perm_create" eval="0" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="domain_force">[(1 ,'=', 1)]</field>
+    </record>
+    <!-- Forbid lower groups access to hidden storage -->
+    <record id="rule_forbid_hidden_storage" model="ir.rule">
+        <field name="name">Basic users cannot access hidden storage</field>
+        <field name="model_id" ref="model_dms_storage" />
+        <field
+            name="groups"
+            eval="[(4, ref('base.group_portal')), (4, ref('group_dms_user'))]"
+        />
+        <field name="perm_read" eval="1" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="domain_force">[('is_hidden', '=', False)]</field>
+    </record>
+    <record id="rule_allow_hidden_storage" model="ir.rule">
+        <field name="name">Managers can access hidden storage</field>
+        <field name="model_id" ref="model_dms_storage" />
+        <field name="groups" eval="[(4, ref('group_dms_manager'))]" />
+        <field name="perm_read" eval="1" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="1" />
+        <field name="domain_force">[('is_hidden', '=', True)]</field>
+    </record>
+    <!-- These rules leverage computed permission management -->
+    <record id="rule_directory_computed_create" model="ir.rule">
+        <field name="name">Apply computed create permissions.</field>
+        <field name="model_id" ref="model_dms_directory" />
+        <field name="global" eval="True" />
+        <field name="perm_read" eval="0" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="0" />
+        <field name="perm_unlink" eval="0" />
+        <field name="domain_force">[('permission_create', '=', user.id)]</field>
+    </record>
+    <record id="rule_directory_computed_read" model="ir.rule">
+        <field name="name">Apply computed read permissions.</field>
+        <field name="model_id" ref="model_dms_directory" />
+        <field name="global" eval="True" />
+        <field name="perm_read" eval="1" />
+        <field name="perm_create" eval="0" />
+        <field name="perm_write" eval="0" />
+        <field name="perm_unlink" eval="0" />
+        <field name="domain_force">[('permission_read', '=', user.id)]</field>
+    </record>
+    <record id="rule_directory_computed_unlink" model="ir.rule">
+        <field name="name">Apply computed unlink permissions.</field>
+        <field name="model_id" ref="model_dms_directory" />
+        <field name="global" eval="True" />
+        <field name="perm_read" eval="0" />
+        <field name="perm_create" eval="0" />
+        <field name="perm_write" eval="0" />
+        <field name="perm_unlink" eval="1" />
+        <field name="domain_force">[('permission_unlink', '=', user.id)]</field>
+    </record>
+    <record id="rule_directory_computed_write" model="ir.rule">
+        <field name="name">Apply computed write permissions.</field>
+        <field name="model_id" ref="model_dms_directory" />
+        <field name="global" eval="True" />
+        <field name="perm_read" eval="0" />
+        <field name="perm_create" eval="0" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="0" />
+        <field name="domain_force">[('permission_write', '=', user.id)]</field>
+    </record>
+    <record id="rule_file_computed_create" model="ir.rule">
+        <field name="name">Apply computed create permissions.</field>
+        <field name="model_id" ref="model_dms_file" />
+        <field name="global" eval="True" />
+        <field name="perm_read" eval="0" />
+        <field name="perm_create" eval="1" />
+        <field name="perm_write" eval="0" />
+        <field name="perm_unlink" eval="0" />
+        <field name="domain_force">[('permission_create', '=', user.id)]</field>
+    </record>
+    <record id="rule_file_computed_read" model="ir.rule">
+        <field name="name">Apply computed read permissions.</field>
+        <field name="model_id" ref="model_dms_file" />
+        <field name="global" eval="True" />
+        <field name="perm_read" eval="1" />
+        <field name="perm_create" eval="0" />
+        <field name="perm_write" eval="0" />
+        <field name="perm_unlink" eval="0" />
+        <field name="domain_force">[('permission_read', '=', user.id)]</field>
+    </record>
+    <record id="rule_file_computed_unlink" model="ir.rule">
+        <field name="name">Apply computed unlink permissions.</field>
+        <field name="model_id" ref="model_dms_file" />
+        <field name="global" eval="True" />
+        <field name="perm_read" eval="0" />
+        <field name="perm_create" eval="0" />
+        <field name="perm_write" eval="0" />
+        <field name="perm_unlink" eval="1" />
+        <field name="domain_force">[('permission_unlink', '=', user.id)]</field>
+    </record>
+    <record id="rule_file_computed_write" model="ir.rule">
+        <field name="name">Apply computed write permissions.</field>
+        <field name="model_id" ref="model_dms_file" />
+        <field name="global" eval="True" />
+        <field name="perm_read" eval="0" />
+        <field name="perm_create" eval="0" />
+        <field name="perm_write" eval="1" />
+        <field name="perm_unlink" eval="0" />
+        <field name="domain_force">[('permission_write', '=', user.id)]</field>
+    </record>
+</odoo>