Hi everyone,
I'm encountering an access control issue in Odoo 15 when trying to mark a mail activity as "done." Although the activity was created by the same user who is marking it as done—and thus should have sufficient rights—the process fails with an ACL error.
Here’s what’s happening:
- When a user marks a mail activity as done (via the action_done method), the process unexpectedly attempts to read from the res.config.settings model.
- The log shows the following error message:
"Access Denied by ACLs for operation: read, uid: 47, model: res.config.settings
No puedes ingresar a los registros 'res.config.settings' (res.config.settings)
Se permite esta operación para los grupos siguientes:
- Administration/Settings
Ponte en contacto con tu administrador para pedirle acceso si es necesario"
The UID in the error (47) indicates that the operation is running in the context of a non-administrative user, even though the activity creator should have permissions to complete their own activity.
To work around the issue, I tried overriding the action_done method in a custom module. My first attempt was to elevate privileges with sudo():
However, the error still occurred because, inside the super().action_done() call, some code is reading from res.config.settings with the original user context.
Any insights or recommendations would be greatly appreciated!