[FIX] website_crm: restrict CRM columns to users having CRM rights

If leads are created using live chat, users without CRM rights cannot access the visitors list anymore because the lead/opportunity information is not available to them. This commit limits the display of `lead_count` to the `sales_team.group_sale_salesman` group. Then, the visitor's form cannot be accessed because the "Lead" smart button fails to load. This commit therefore limits the display of the button to that same `sales_team.group_sale_salesman` group. In 14.0, the column still appeared without the `lead_count` value displayed, but clicking on it raised a traceback. Steps to reproduce: - Install `website_crm_livechat` - Login as Mitchell Admin - Send a message in the live chat - Go to Discuss - Answer the livechat message with `/lead New` - Go to Settings / Users / Marc Demo - Remove the Sales rights - Logout - Login as Marc Demo - Go to the Website / Reporting / Visitors page => The page could not be reached and an access right error message was generated. opw-3475301 closes odoo/odoo#135399 X-original-commit: 7de453477d7c23e607a15e0d60613080857e3371 Signed-off-by: Thibault Delavallee (tde) <tde@openerp.com> Signed-off-by: Quentin Smetz (qsm) <qsm@odoo.com> Co-authored-by: Robin Lejeune (role) <role@odoo.com>

[FIX] website_crm: restrict CRM columns to users having CRM rights
4f67701f · Benoit Socias · qsm-odoo · c27f9b6b · 4f67701f
Commit 4f67701f authored 1 year ago by Benoit Socias Committed by qsm-odoo 1 year ago
--- a/addons/website_crm/views/website_visitor_views.xml
+++ b/addons/website_crm/views/website_visitor_views.xml
@@ -7,7 +7,7 @@
        <field name="arch" type="xml">
            <xpath expr="//button[@id='w_visitor_visit_counter']" position="before">
                <button name="%(website_crm.crm_lead_action_from_visitor)d" type="action" class="oe_stat_button" icon="fa-star"
-                        attrs="{'invisible': [('lead_count', '=', 0)]}">
+                        groups="sales_team.group_sale_salesman" attrs="{'invisible': [('lead_count', '=', 0)]}">
                    <field name="lead_count" widget="statinfo" string="Leads"/>
                </button>
            </xpath>
@@ -48,7 +48,7 @@
                <field name="lead_count"/>
            </field>
            <xpath expr="//div[@id='o_page_count']" position="after">
-                <div t-if="record.lead_count.raw_value">
+                <div t-if="record.lead_count.raw_value" groups="sales_team.group_sale_salesman">
                    Leads / Opportunities
                    <span class="float-end fw-bold">
                        <field name="lead_count"/>
@@ -56,7 +56,7 @@
                </div>
            </xpath>
            <xpath expr="//div[@id='wvisitor_visited_page']" position="after">
-                <div class="col-lg col-sm-4 col-6 py-0 my-2">
+                <div class="col-lg col-sm-4 col-6 py-0 my-2" groups="sales_team.group_sale_salesman">
                    <span t-att-class="record.lead_count.raw_value ? 'fw-bold' : 'text-muted'">
                        <field name="lead_count"/>
                    </span>