-
- Downloads
[FIX] fields, test_access_rights: get currency field in sudo
This commits fixes user duplication.
Suppose there is a monetary field, with a currency_field that is a related.
When going through model's _create, we do:
`if field.type in ('one2many', 'many2many'):
self.env.cache.set(record, field, ())`
knowing that thse values are false, with the intent to clean them later:
`for record, field in cachetoclear`
However, when setting the scalar values, we go through:
`accessing cache_value = field.convert_to_cache(value, record)`
In the case of the monetary field, this depends on another field value
(the currency_field). If it is a related, we can access its value.
However, at this point, if we check any access rights, we might use the value
of a relational in cache for which the value is incorrectly set to False.
In the case of the user, this is what happens: it inherits its currency_id
from partner, as well as its debit_limit which depends on it.
When the access if checked, company_ids is set to False in cache.
So when going through the rule 'user rule', which checks that the company_ids
intersects with the env.companies.ids, the result is always False.
In some way this is essentially hiding the problem, but the true fix is
probably not feasible in stable.
opw 2086661
closes odoo/odoo#39017
X-original-commit: aa05a935
Signed-off-by: 
Nans Lefebvre (len) <len@odoo.com>
Showing
- odoo/addons/test_access_rights/models.py 15 additions, 0 deletionsodoo/addons/test_access_rights/models.py
- odoo/addons/test_access_rights/tests/__init__.py 1 addition, 0 deletionsodoo/addons/test_access_rights/tests/__init__.py
- odoo/addons/test_access_rights/tests/test_access_monetary_related.py 36 additions, 0 deletions.../test_access_rights/tests/test_access_monetary_related.py
- odoo/fields.py 1 addition, 1 deletionodoo/fields.py
Loading
Please register or sign in to comment