-
- Downloads
[FIX] point_of_sale: rollback failed account move transaction
When closing a POS session, a journal entry is generated for it. By
default, first we try to create that entry as the logged in user, and if
that fails we try again with sudo.
Suppose you only have the Point of Sale and Accounting apps installed,
and the user has the Auditor role in Accounting. In that case they won't
be able to create account moves. If the user closes a POS session, the
creation of the account move in `_create_account_move` will fail with an
AccessError and the creation will be retried with `sudo` by
`_validate_session`. This works fine.
Now suppose that you have the Purchasing app installed as well. By
default that will give the User role in Purchasing. That role introduces
a restriction on which account move types the user can write to. The
permissions do not include 'entry', which is the move type of the POS
journal entry. If the user again tries to close a POS session, the
creation of the move is able to proceed further, because the role from
Purchasing granted additional rights. The SQL statement inserting the
account move data gets executed inside the transaction. When it
validates the Python constraints afterwards, another AccessError is
raised, because of the rule on `move_type` failing due to the move being
an 'entry'.
If at this point the operation is simply tried again with sudo, the
original database changes inside the transaction will still there, and
will be committed together with the journal entry created with sudo.
This results in an empty draft entry showing up in addition to the POS
journal entry.
To prevent this from happening, the initial attempt is wrapped in a
savepoint so that the transaction gets rolled back fully if the creation
of the account move fails, no matter at which point.
opw-3160140
closes odoo/odoo#114443
Signed-off-by: 
Trinh Jacky (trj) <trj@odoo.com>