From 6da3648fd623b728fd4358776f46c2ce92e5dbd8 Mon Sep 17 00:00:00 2001
From: Olivier Dony <odo@openerp.com>
Date: Fri, 8 Aug 2014 16:56:44 +0200
Subject: [PATCH] [FIX] website_mail: mail.message.check_access_rule: no check
 for super-user

---
 addons/website_mail/models/mail_message.py | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/addons/website_mail/models/mail_message.py b/addons/website_mail/models/mail_message.py
index 4206872199c8..2f31daab30f7 100644
--- a/addons/website_mail/models/mail_message.py
+++ b/addons/website_mail/models/mail_message.py
@@ -77,13 +77,13 @@ class MailMessage(osv.Model):
             - read:
                 - raise if the type is comment and subtype NULL (internal note)
         """
-        group_ids = self.pool.get('res.users').browse(cr, uid, uid, context=context).groups_id
-        group_user_id = self.pool.get("ir.model.data").get_object_reference(cr, uid, 'base', 'group_public')[1]
-        if group_user_id in [group.id for group in group_ids]:
-            cr.execute('SELECT id FROM "%s" WHERE website_published IS FALSE AND id = ANY (%%s)' % (self._table), (ids,))
-            if cr.fetchall():
-                raise osv.except_osv(
-                    _('Access Denied'),
-                    _('The requested operation cannot be completed due to security restrictions. Please contact your system administrator.\n\n(Document type: %s, Operation: %s)') % (self._description, operation))
-
+        if uid != SUPERUSER_ID:
+            group_ids = self.pool.get('res.users').browse(cr, uid, uid, context=context).groups_id
+            group_user_id = self.pool.get("ir.model.data").get_object_reference(cr, uid, 'base', 'group_public')[1]
+            if group_user_id in [group.id for group in group_ids]:
+                cr.execute('SELECT id FROM "%s" WHERE website_published IS FALSE AND id = ANY (%%s)' % (self._table), (ids,))
+                if cr.fetchall():
+                    raise osv.except_osv(
+                        _('Access Denied'),
+                        _('The requested operation cannot be completed due to security restrictions. Please contact your system administrator.\n\n(Document type: %s, Operation: %s)') % (self._description, operation))
         return super(MailMessage, self).check_access_rule(cr, uid, ids=ids, operation=operation, context=context)
-- 
GitLab