İçereği Atla
Menü
Bu soru işaretlendi
2 Cevaplar
1300 Görünümler

Hi everyone,

I'm encountering an access control issue in Odoo 15 when trying to mark a mail activity as "done." Although the activity was created by the same user who is marking it as done—and thus should have sufficient rights—the process fails with an ACL error.

Here’s what’s happening:

  • When a user marks a mail activity as done (via the action_done method), the process unexpectedly attempts to read from the res.config.settings model.
  • The log shows the following error message:

"Access Denied by ACLs for operation: read, uid: 47, model: res.config.settings

No puedes ingresar a los registros 'res.config.settings' (res.config.settings) Se permite esta operación para los grupos siguientes: - Administration/Settings Ponte en contacto con tu administrador para pedirle acceso si es necesario"

The UID in the error (47) indicates that the operation is running in the context of a non-administrative user, even though the activity creator should have permissions to complete their own activity.  

To work around the issue, I tried overriding the action_done method in a custom module. My first attempt was to elevate privileges with sudo():

However, the error still occurred because, inside the super().action_done() call, some code is reading from res.config.settings with the original user context. 

Any insights or recommendations would be greatly appreciated!

Avatar
Vazgeç
Üretici En İyi Yanıt

This worked for me, it was a different method with a initial underscore:

import logging
from odoo import models, api

_logger = logging.getLogger(__name__)

class MailActivity(models.Model):
_inherit = "mail.activity"

def _action_done(self, feedback=False, attachment_ids=None):
return super(MailActivity, self.sudo())._action_done(feedback=feedback, attachment_ids=attachment_ids)
Avatar
Vazgeç
En İyi Yanıt

Hi,
If you're encountering an access denied error when calling super().action_done() even after using sudo(), it indicates that the underlying method (or a method it calls) is still executing in the context of the original user, which does not have access to res.config.settings. Here are some strategies to address this issue:

Override the Method with Proper Context,

import logging

_logger = logging.getLogger(__name__)

class MailActivity(models.Model):
    _inherit = 'mail.activity'

    @api.model
    def action_done(self):
        _logger.info("User  %s is attempting to mark activity as done.", self.env.user.id)
        self = self.sudo()
       
        # Log before calling super
        _logger.info("Calling super().action_done() with sudo.")
        return super(MailActivity, self).action_done()

Regards,
Jishna
Accurates

Avatar
Vazgeç
İlgili Gönderiler Cevaplar Görünümler Aktivite
1
Mar 25
729
1
Mar 24
1787
2
Oca 24
2160
1
Mar 15
4579
1
Ağu 25
433