是否可以从方法check_access_rights中访问带有参数(vals(提供给write()的数据?
我继承了res.partner和覆盖的方法check_access_rights,目的是允许对res.partner没有写入权限的用户更新child_ids(该合作伙伴的(如果该孩子是由该用户创建的(create_uid = user.id(。我希望能够在某处(在方法write或check_access_rights(实现此伪代码:
if `the user belongs to a group "GroupX"` and `user tries to only update field "child_ids" with records that are created by that user`
then `allow this write operation on res.partner`
else `raise AccessError`
要让用户(来自"X 组"(修改由他创建的 res.partner 对象,并允许修改任何人创建的 res.partner 对象上的child_ids:
首先创建一个组"X组",其权限为:a( r,w,c,u on res.partner ;b( r,w,c 在 ir.property 上。
然后创建一个继承自 res.partner 的类并重写方法write。
# -*- coding: utf-8 -*-
class InheritedResPartner(models.Model):
"""Description"""
_inherit = 'res.partner'
@api.multi
def write(self, vals):
is_in_group = 'Group X' in map(lambda x: x.name, self.env.user.groups_id)
if is_in_group:
operation = 'write'
owns_record = self.create_uid == self.env.user
if owns_record:
True
else:
allowed = True
# Do all checks further and set `allowed` to either True or False
...<omitted intentionaly> put your logic here
#
if not allowed:
raise AccessError(_('The requested operation cannot be completed due to security restrictions. Please contact your system administrator.nn(Document type: %s, Operation: %s)') % (self._description, operation))
return super(InheritedResPartner, self).write(vals)
注意:我们授予res.partner的全部权利,但如果检测到不需要的操作,我们将覆盖写入方法并引发AccessError。