This question has been flagged
1 Reply
6118 Views
python2.7odoo9
Avatar
Dhouha

i have created a new group which is personal to restrict some users to create new product. So i have developed a custom module to do my needs. After installing the module and adding the user to the group i connect with this user to verify if he is able to add a new product or not , and i found he can. Could any body help me please to verify if my code is right or not because i'm not sure if it is the right way to create a new group and add user to it

https://ibb.co/9cgssBt

security.xml

<?xml version="1.0" encoding="utf-8"?>
<openerp>
<data>
    <record model="res.groups" id="your_group">
        <field name="name">Group of users who cannot create new products</field>
    </record>
</data>

product.py

  # -*- coding: utf-8 -*-

from openerp import fields,models,api
from openerp import tools

import openerp.addons.decimal_precision as dp
from openerp.tools.translate import _


 class product_product(models.Model):
_inherit = "product.product"


@api.model
def create(self, vals):
if self.env.user.has_group('yor_module.your_group'):
    raise Warning(
        _('Sorry, you are not allowed to create new products.'),
    )
else:
    return super(product_product, self).create(vals)
Avatar
Discard
Sehrish

Odoo Tips: https://plus.google.com/collection/MrdEWE

Avatar
Volodymyr
Best Answer

Hi, 

You should try to replace "self.env.user.has_group" with "request.env.user.has_group" where "request" should be imported as follows: "from odoo.http import request". That should solve your issue, however I would advise to do the same with record rules declaration - that's what they are for :)

Here you can read about it: https://www.odoo.com/documentation/11.0/reference/security.html#record-rules

Hope this helps :)

PS: if you like the answer - please upvote it! Thanks! :)

Avatar
Discard