Initial commit: Odoo 18.0-20251222 extra-addons
Some checks failed
pre-commit / pre-commit (push) Has been cancelled
tests / Detect unreleased dependencies (push) Has been cancelled
tests / test with OCB (push) Has been cancelled
tests / test with Odoo (push) Has been cancelled

This commit is contained in:
tocmo0nlord
2026-03-13 20:43:25 +00:00
parent 36e847a7df
commit adbe430761
9472 changed files with 1265727 additions and 0 deletions

146
sales_team_security/README.rst Executable file
View File

@@ -0,0 +1,146 @@
===============================================
Sales documents permissions by channels (teams)
===============================================
..
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! This file is generated by oca-gen-addon-readme !!
!! changes will be overwritten. !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! source digest: sha256:24b329b5d549776cc4304d55a06f0257822eea382c56b85bbc9e0cba29843d6a
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
.. |badge1| image:: https://img.shields.io/badge/maturity-Production%2FStable-green.png
:target: https://odoo-community.org/page/development-status
:alt: Production/Stable
.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
:target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
:alt: License: AGPL-3
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fsale--workflow-lightgray.png?logo=github
:target: https://github.com/OCA/sale-workflow/tree/18.0/sales_team_security
:alt: OCA/sale-workflow
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
:target: https://translation.odoo-community.org/projects/sale-workflow-18-0/sale-workflow-18-0-sales_team_security
:alt: Translate me on Weblate
.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
:target: https://runboat.odoo-community.org/builds?repo=OCA/sale-workflow&target_branch=18.0
:alt: Try me on Runboat
|badge1| |badge2| |badge3| |badge4| |badge5|
This module adds a new "Sale" group called "User: Team documents", that
includes the proper permissions for showing only the information related
to that user sale team (having assigned that team/channel or no team at
all, independently from the assigned salesman):
- Contacts.
- Quotations/Sales Orders (implemented in sales_team_security_sale)
- Leads/Opportunities (implemented in sales_team_security_crm)
It also handles the sync (auto-creation and remove) of followers in
company partners and childs of them according to salesmans. Any example
about it: - Partner company > Salesman: Admin - Partner company, Contact
1 > Without salesman - Partner company, Contact 2 > Salesman: Demo All
these partners have these followers: Admin + Demo
And finally, there are rules for partners to be restricted to the own
ones for the group "User: Own Documents Only" for being coherent with
the permission scheme. Someone with this permission will see:
- Contacts without salesman assigned.
- Contacts with them as salesman.
- Contacts with them as follower.
For keeping consistent accesses, followers of the main and
shipping/invoice contacts are synced according the salesman of the
children contacts
**Table of contents**
.. contents::
:local:
Installation
============
At installation time, this module syncs followers in parent contacts and
invoice/shipping addresses. If you have a lot of contacts, this
operation can take a while.
Configuration
=============
1. Go to *Configuration > Users & Companies > Users*.
2. Open or create a user.
3. On the section "Sale", select "User: Team documents".
Known issues / Roadmap
======================
- This module modifies the sales security groups hierarchy, so any other
module doing something similar might conflict with this one.
Bug Tracker
===========
Bugs are tracked on `GitHub Issues <https://github.com/OCA/sale-workflow/issues>`_.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us to smash it by providing a detailed and welcomed
`feedback <https://github.com/OCA/sale-workflow/issues/new?body=module:%20sales_team_security%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
Do not contact contributors directly about support or help with technical issues.
Credits
=======
Authors
-------
* Tecnativa
Contributors
------------
- `Tecnativa <https://www.tecnativa.com>`__:
- Pedro M. Baeza
- Víctor Martínez
- César A. Sánchez
- Carlos Lopez
- `Guadaltech <https://www.guadaltech.es>`__:
- Ramón Bajona
- Iván Todorovich <ivan.todorovich@gmail.com>
- `Pesol <https://www.pesol.es>`__:
- Jonathan Oscategui Taza <info@pesol.es>
Maintainers
-----------
This module is maintained by the OCA.
.. image:: https://odoo-community.org/logo.png
:alt: Odoo Community Association
:target: https://odoo-community.org
OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.
.. |maintainer-pedrobaeza| image:: https://github.com/pedrobaeza.png?size=40px
:target: https://github.com/pedrobaeza
:alt: pedrobaeza
.. |maintainer-ivantodorovich| image:: https://github.com/ivantodorovich.png?size=40px
:target: https://github.com/ivantodorovich
:alt: ivantodorovich
Current `maintainers <https://odoo-community.org/page/maintainer-role>`__:
|maintainer-pedrobaeza| |maintainer-ivantodorovich|
This module is part of the `OCA/sale-workflow <https://github.com/OCA/sale-workflow/tree/18.0/sales_team_security>`_ project on GitHub.
You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

View File

@@ -0,0 +1,4 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
from . import models
from .hooks import post_init_hook, uninstall_hook

View File

@@ -0,0 +1,19 @@
# Copyright 2016-2020 Tecnativa - Pedro M. Baeza
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
{
"name": "Sales documents permissions by channels (teams)",
"summary": "New group for seeing only sales channel's documents",
"version": "18.0.1.0.0",
"category": "Sales",
"website": "https://github.com/OCA/sale-workflow",
"author": "Tecnativa, Odoo Community Association (OCA)",
"license": "AGPL-3",
"installable": True,
"development_status": "Production/Stable",
"maintainers": ["pedrobaeza", "ivantodorovich"],
"depends": ["sales_team"],
"data": ["security/sales_team_security.xml"],
"post_init_hook": "post_init_hook",
"uninstall_hook": "uninstall_hook",
}

28
sales_team_security/hooks.py Executable file
View File

@@ -0,0 +1,28 @@
# Copyright 2018-2016 Tecnativa - Pedro M. Baeza
# Copyright 2020 - Iván Todorovich
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html
def post_init_hook(env):
# At installation time, we need to sync followers
partners = env["res.partner"].search(
[
("parent_id", "=", False),
("is_company", "=", True),
"|",
("user_id", "!=", False),
("child_ids.user_id", "!=", False),
]
)
partners._add_followers_from_salesmen()
def uninstall_hook(env): # pragma: no cover
"""At uninstall, revert changes made to record rules"""
env.ref("sales_team.group_sale_salesman_all_leads").write(
{
"implied_ids": [
(6, 0, [env.ref("sales_team.group_sale_salesman").id]),
],
}
)

69
sales_team_security/i18n/es.po Executable file
View File

@@ -0,0 +1,69 @@
# Translation of Odoo Server.
# This file contains the translation of the following modules:
# * sales_team_security
#
msgid ""
msgstr ""
"Project-Id-Version: Odoo Server 15.0\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2022-06-28 21:00+0000\n"
"PO-Revision-Date: 2022-06-28 21:00+0000\n"
"Last-Translator: \n"
"Language-Team: \n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: \n"
"Plural-Forms: \n"
#. module: sales_team_security
#: model:ir.model,name:sales_team_security.model_res_partner
msgid "Contact"
msgstr "Contacto"
#. module: sales_team_security
#: model:ir.model.fields,help:sales_team_security.field_res_partner__team_id
#: model:ir.model.fields,help:sales_team_security.field_res_users__team_id
msgid ""
"If set, this Sales Team will be used for sales and assignments related to "
"this partner"
msgstr ""
"Si está configurado, este equipo de ventas será usado para las ventas y "
"asignaciones relacionadas a este partner."
#. module: sales_team_security
#: model:ir.model,name:sales_team_security.model_ir_rule
msgid "Record Rule"
msgstr "Regla de registro"
#. module: sales_team_security
#: model:ir.model.fields,field_description:sales_team_security.field_res_partner__team_id
#: model:ir.model.fields,field_description:sales_team_security.field_res_users__team_id
msgid "Sales Team"
msgstr "Equipo de ventas"
#. module: sales_team_security
#: model:ir.model.fields,field_description:sales_team_security.field_res_partner__user_id
#: model:ir.model.fields,field_description:sales_team_security.field_res_users__user_id
msgid "Salesperson"
msgstr "Comercial"
#. module: sales_team_security
#: model:ir.model.fields,help:sales_team_security.field_res_partner__user_id
#: model:ir.model.fields,help:sales_team_security.field_res_users__user_id
msgid "The internal user in charge of this contact."
msgstr "El usuario interno a cargo de este contacto."
#. module: sales_team_security
#: model:res.groups,comment:sales_team_security.group_sale_team_manager
msgid ""
"The user will have an access to the documents of the sales teams he/she "
"belongs to."
msgstr ""
"El usuario tendrá acceso a los documentos de los equipos comerciales a los "
"que pertenece."
#. module: sales_team_security
#: model:res.groups,name:sales_team_security.group_sale_team_manager
msgid "User: Team Documents Only"
msgstr "Usuario: Solo documentos del equipo"

69
sales_team_security/i18n/it.po Executable file
View File

@@ -0,0 +1,69 @@
# Translation of Odoo Server.
# This file contains the translation of the following modules:
# * sales_team_security
#
msgid ""
msgstr ""
"Project-Id-Version: Odoo Server 15.0\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2022-06-28 21:01+0000\n"
"PO-Revision-Date: 2023-12-12 11:01+0000\n"
"Last-Translator: mymage <stefano.consolaro@mymage.it>\n"
"Language-Team: \n"
"Language: it\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: \n"
"Plural-Forms: nplurals=2; plural=n != 1;\n"
"X-Generator: Weblate 4.17\n"
#. module: sales_team_security
#: model:ir.model,name:sales_team_security.model_res_partner
msgid "Contact"
msgstr "Contatto"
#. module: sales_team_security
#: model:ir.model.fields,help:sales_team_security.field_res_partner__team_id
#: model:ir.model.fields,help:sales_team_security.field_res_users__team_id
msgid ""
"If set, this Sales Team will be used for sales and assignments related to "
"this partner"
msgstr ""
"Se impostato, il team di vendita viene utilizzato per vendite e assegnazioni "
"correlate al partner"
#. module: sales_team_security
#: model:ir.model,name:sales_team_security.model_ir_rule
msgid "Record Rule"
msgstr "Regola su record"
#. module: sales_team_security
#: model:ir.model.fields,field_description:sales_team_security.field_res_partner__team_id
#: model:ir.model.fields,field_description:sales_team_security.field_res_users__team_id
msgid "Sales Team"
msgstr "Team di vendita"
#. module: sales_team_security
#: model:ir.model.fields,field_description:sales_team_security.field_res_partner__user_id
#: model:ir.model.fields,field_description:sales_team_security.field_res_users__user_id
msgid "Salesperson"
msgstr "Addetto vendite"
#. module: sales_team_security
#: model:ir.model.fields,help:sales_team_security.field_res_partner__user_id
#: model:ir.model.fields,help:sales_team_security.field_res_users__user_id
msgid "The internal user in charge of this contact."
msgstr "L'utente interno responsabile di questo contatto."
#. module: sales_team_security
#: model:res.groups,comment:sales_team_security.group_sale_team_manager
msgid ""
"The user will have an access to the documents of the sales teams he/she "
"belongs to."
msgstr ""
"L'utente avrà accesso ai documenti del team di vendita a cui appartiene."
#. module: sales_team_security
#: model:res.groups,name:sales_team_security.group_sale_team_manager
msgid "User: Team Documents Only"
msgstr "Utente: solo documenti del team"

49
sales_team_security/i18n/pt.po Executable file
View File

@@ -0,0 +1,49 @@
# Translation of Odoo Server.
# This file contains the translation of the following modules:
# * sales_team_security
#
msgid ""
msgstr ""
"Project-Id-Version: Odoo Server 18.0\n"
"Report-Msgid-Bugs-To: \n"
"Last-Translator: Automatically generated\n"
"Language-Team: none\n"
"Language: pt\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: \n"
"Plural-Forms: nplurals=2; plural=n > 1;\n"
#. module: sales_team_security
#: model:ir.model,name:sales_team_security.model_res_partner
msgid "Contact"
msgstr ""
#. module: sales_team_security
#: model:ir.model,name:sales_team_security.model_ir_rule
msgid "Record Rule"
msgstr ""
#. module: sales_team_security
#: model:ir.model.fields,field_description:sales_team_security.field_res_partner__user_id
#: model:ir.model.fields,field_description:sales_team_security.field_res_users__user_id
msgid "Salesperson"
msgstr ""
#. module: sales_team_security
#: model:ir.model.fields,help:sales_team_security.field_res_partner__user_id
#: model:ir.model.fields,help:sales_team_security.field_res_users__user_id
msgid "The internal user in charge of this contact."
msgstr ""
#. module: sales_team_security
#: model:res.groups,comment:sales_team_security.group_sale_team_manager
msgid ""
"The user will have an access to the documents of the sales teams he/she "
"belongs to."
msgstr ""
#. module: sales_team_security
#: model:res.groups,name:sales_team_security.group_sale_team_manager
msgid "User: Team Documents Only"
msgstr ""

View File

@@ -0,0 +1,48 @@
# Translation of Odoo Server.
# This file contains the translation of the following modules:
# * sales_team_security
#
msgid ""
msgstr ""
"Project-Id-Version: Odoo Server 18.0\n"
"Report-Msgid-Bugs-To: \n"
"Last-Translator: \n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: \n"
"Plural-Forms: \n"
#. module: sales_team_security
#: model:ir.model,name:sales_team_security.model_res_partner
msgid "Contact"
msgstr ""
#. module: sales_team_security
#: model:ir.model,name:sales_team_security.model_ir_rule
msgid "Record Rule"
msgstr ""
#. module: sales_team_security
#: model:ir.model.fields,field_description:sales_team_security.field_res_partner__user_id
#: model:ir.model.fields,field_description:sales_team_security.field_res_users__user_id
msgid "Salesperson"
msgstr ""
#. module: sales_team_security
#: model:ir.model.fields,help:sales_team_security.field_res_partner__user_id
#: model:ir.model.fields,help:sales_team_security.field_res_users__user_id
msgid "The internal user in charge of this contact."
msgstr ""
#. module: sales_team_security
#: model:res.groups,comment:sales_team_security.group_sale_team_manager
msgid ""
"The user will have an access to the documents of the sales teams he/she "
"belongs to."
msgstr ""
#. module: sales_team_security
#: model:res.groups,name:sales_team_security.group_sale_team_manager
msgid "User: Team Documents Only"
msgstr ""

View File

@@ -0,0 +1,3 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
from . import ir_rule
from . import res_partner

View File

@@ -0,0 +1,44 @@
# Copyright 2020 Tecnativa - Pedro M. Baeza
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html
from odoo import api, models, tools
from odoo.osv import expression
from odoo.tools import config
class IrRule(models.Model):
_inherit = "ir.rule"
@api.model
@tools.conditional(
"xml" not in config["dev_mode"],
tools.ormcache(
"self.env.uid",
"self.env.su",
"model_name",
"mode",
"tuple(self._compute_domain_context_values())",
),
)
def _compute_domain(self, model_name, mode="read"):
"""Inject extra domain for restricting partners when the user
has the group 'Sales / User: Own Documents Only'.
"""
res = super()._compute_domain(model_name, mode=mode)
user = self.env.user
group_my_records = "sales_team.group_sale_salesman"
group_all_records = "sales_team.group_sale_salesman_all_leads"
if model_name == "res.partner" and not self.env.su:
if user.has_group(group_my_records) and not user.has_group(
group_all_records
):
domain_followers = [
"|",
("message_partner_ids", "in", user.partner_id.ids),
("id", "=", user.partner_id.id),
]
domain_user = [("user_id", "in", [user.id, False])]
extra_domain = expression.OR([domain_followers, domain_user])
extra_domain = expression.normalize_domain(extra_domain)
res = expression.AND([extra_domain] + [res])
return res

View File

@@ -0,0 +1,53 @@
# Copyright 2016-2018 Tecnativa - Pedro M. Baeza
# Copyright 2021 Tecnativa - Víctor Martínez
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html
from odoo import api, fields, models
class ResPartner(models.Model):
_inherit = "res.partner"
# add indexes for better performance on record rules
user_id = fields.Many2one(index=True)
def _remove_key_followers(self, partner):
for record in self.mapped("commercial_partner_id"):
# Look for delivery and invoice addresses
childrens = record.child_ids.filtered(
lambda x: x.type in {"invoice", "delivery"}
)
(childrens + record).message_unsubscribe(partner_ids=partner.ids)
def _add_followers_from_salesmen(self):
"""Sync followers in commercial partner + delivery/invoice contacts."""
for record in self.commercial_partner_id:
followers = (record.child_ids + record).user_id.partner_id
# Look for delivery and invoice addresses
childrens = record.child_ids.filtered(
lambda x: x.type in {"invoice", "delivery"}
)
(childrens + record).message_subscribe(partner_ids=followers.ids)
@api.model_create_multi
def create(self, vals_list):
"""Sync followers on contact creation."""
records = super().create(vals_list)
records._add_followers_from_salesmen()
return records
def write(self, vals):
"""If the salesman is changed, first remove the old salesman as follower
of the key contacts (commercial + delivery/invoice), and then sync for
the new ones.
It performs as well the followers sync on contact type change.
"""
if "user_id" in vals:
for record in self.filtered("user_id"):
record._remove_key_followers(record.user_id.partner_id)
result = super().write(vals)
if "user_id" in vals or vals.get("type") in {"invoice", "delivery"}:
self._add_followers_from_salesmen()
return result

View File

@@ -0,0 +1,3 @@
[build-system]
requires = ["whool"]
build-backend = "whool.buildapi"

View File

@@ -0,0 +1,3 @@
1. Go to *Configuration \> Users & Companies \> Users*.
2. Open or create a user.
3. On the section "Sale", select "User: Team documents".

View File

@@ -0,0 +1,10 @@
- [Tecnativa](https://www.tecnativa.com):
- Pedro M. Baeza
- Víctor Martínez
- César A. Sánchez
- Carlos Lopez
- [Guadaltech](https://www.guadaltech.es):
- Ramón Bajona
- Iván Todorovich \<<ivan.todorovich@gmail.com>\>
- [Pesol](https://www.pesol.es):
- Jonathan Oscategui Taza \<<info@pesol.es>\>

View File

@@ -0,0 +1,26 @@
This module adds a new "Sale" group called "User: Team documents", that
includes the proper permissions for showing only the information related
to that user sale team (having assigned that team/channel or no team at
all, independently from the assigned salesman):
- Contacts.
- Quotations/Sales Orders (implemented in sales_team_security_sale)
- Leads/Opportunities (implemented in sales_team_security_crm)
It also handles the sync (auto-creation and remove) of followers in
company partners and childs of them according to salesmans. Any example
about it: - Partner company \> Salesman: Admin - Partner company,
Contact 1 \> Without salesman - Partner company, Contact 2 \> Salesman:
Demo All these partners have these followers: Admin + Demo
And finally, there are rules for partners to be restricted to the own
ones for the group "User: Own Documents Only" for being coherent with
the permission scheme. Someone with this permission will see:
- Contacts without salesman assigned.
- Contacts with them as salesman.
- Contacts with them as follower.
For keeping consistent accesses, followers of the main and
shipping/invoice contacts are synced according the salesman of the
children contacts

View File

@@ -0,0 +1,3 @@
At installation time, this module syncs followers in
parent contacts and invoice/shipping addresses. If you have a lot of
contacts, this operation can take a while.

View File

@@ -0,0 +1,2 @@
- This module modifies the sales security groups hierarchy, so any other
module doing something similar might conflict with this one.

View File

@@ -0,0 +1,15 @@
<?xml version="1.0" encoding="utf-8" ?>
<odoo>
<record id="group_sale_team_manager" model="res.groups">
<field name="name">User: Team Documents Only</field>
<field
name="comment"
>The user will have an access to the documents of the sales teams he/she belongs to.</field>
<field name="category_id" ref="base.module_category_sales_sales" />
<field name="implied_ids" eval="[(4, ref('sales_team.group_sale_salesman'))]" />
</record>
<record id="sales_team.group_sale_salesman_all_leads" model="res.groups">
<field name="implied_ids" eval="[(6, 0, [ref('group_sale_team_manager')])]" />
</record>
</odoo>

Binary file not shown.

After

Width:  |  Height:  |  Size: 9.2 KiB

View File

@@ -0,0 +1,488 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="generator" content="Docutils: https://docutils.sourceforge.io/" />
<title>Sales documents permissions by channels (teams)</title>
<style type="text/css">
/*
:Author: David Goodger (goodger@python.org)
:Id: $Id: html4css1.css 9511 2024-01-13 09:50:07Z milde $
:Copyright: This stylesheet has been placed in the public domain.
Default cascading style sheet for the HTML output of Docutils.
Despite the name, some widely supported CSS2 features are used.
See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to
customize this style sheet.
*/
/* used to remove borders from tables and images */
.borderless, table.borderless td, table.borderless th {
border: 0 }
table.borderless td, table.borderless th {
/* Override padding for "table.docutils td" with "! important".
The right padding separates the table cells. */
padding: 0 0.5em 0 0 ! important }
.first {
/* Override more specific margin styles with "! important". */
margin-top: 0 ! important }
.last, .with-subtitle {
margin-bottom: 0 ! important }
.hidden {
display: none }
.subscript {
vertical-align: sub;
font-size: smaller }
.superscript {
vertical-align: super;
font-size: smaller }
a.toc-backref {
text-decoration: none ;
color: black }
blockquote.epigraph {
margin: 2em 5em ; }
dl.docutils dd {
margin-bottom: 0.5em }
object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
overflow: hidden;
}
/* Uncomment (and remove this text!) to get bold-faced definition list terms
dl.docutils dt {
font-weight: bold }
*/
div.abstract {
margin: 2em 5em }
div.abstract p.topic-title {
font-weight: bold ;
text-align: center }
div.admonition, div.attention, div.caution, div.danger, div.error,
div.hint, div.important, div.note, div.tip, div.warning {
margin: 2em ;
border: medium outset ;
padding: 1em }
div.admonition p.admonition-title, div.hint p.admonition-title,
div.important p.admonition-title, div.note p.admonition-title,
div.tip p.admonition-title {
font-weight: bold ;
font-family: sans-serif }
div.attention p.admonition-title, div.caution p.admonition-title,
div.danger p.admonition-title, div.error p.admonition-title,
div.warning p.admonition-title, .code .error {
color: red ;
font-weight: bold ;
font-family: sans-serif }
/* Uncomment (and remove this text!) to get reduced vertical space in
compound paragraphs.
div.compound .compound-first, div.compound .compound-middle {
margin-bottom: 0.5em }
div.compound .compound-last, div.compound .compound-middle {
margin-top: 0.5em }
*/
div.dedication {
margin: 2em 5em ;
text-align: center ;
font-style: italic }
div.dedication p.topic-title {
font-weight: bold ;
font-style: normal }
div.figure {
margin-left: 2em ;
margin-right: 2em }
div.footer, div.header {
clear: both;
font-size: smaller }
div.line-block {
display: block ;
margin-top: 1em ;
margin-bottom: 1em }
div.line-block div.line-block {
margin-top: 0 ;
margin-bottom: 0 ;
margin-left: 1.5em }
div.sidebar {
margin: 0 0 0.5em 1em ;
border: medium outset ;
padding: 1em ;
background-color: #ffffee ;
width: 40% ;
float: right ;
clear: right }
div.sidebar p.rubric {
font-family: sans-serif ;
font-size: medium }
div.system-messages {
margin: 5em }
div.system-messages h1 {
color: red }
div.system-message {
border: medium outset ;
padding: 1em }
div.system-message p.system-message-title {
color: red ;
font-weight: bold }
div.topic {
margin: 2em }
h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
margin-top: 0.4em }
h1.title {
text-align: center }
h2.subtitle {
text-align: center }
hr.docutils {
width: 75% }
img.align-left, .figure.align-left, object.align-left, table.align-left {
clear: left ;
float: left ;
margin-right: 1em }
img.align-right, .figure.align-right, object.align-right, table.align-right {
clear: right ;
float: right ;
margin-left: 1em }
img.align-center, .figure.align-center, object.align-center {
display: block;
margin-left: auto;
margin-right: auto;
}
table.align-center {
margin-left: auto;
margin-right: auto;
}
.align-left {
text-align: left }
.align-center {
clear: both ;
text-align: center }
.align-right {
text-align: right }
/* reset inner alignment in figures */
div.align-right {
text-align: inherit }
/* div.align-center * { */
/* text-align: left } */
.align-top {
vertical-align: top }
.align-middle {
vertical-align: middle }
.align-bottom {
vertical-align: bottom }
ol.simple, ul.simple {
margin-bottom: 1em }
ol.arabic {
list-style: decimal }
ol.loweralpha {
list-style: lower-alpha }
ol.upperalpha {
list-style: upper-alpha }
ol.lowerroman {
list-style: lower-roman }
ol.upperroman {
list-style: upper-roman }
p.attribution {
text-align: right ;
margin-left: 50% }
p.caption {
font-style: italic }
p.credits {
font-style: italic ;
font-size: smaller }
p.label {
white-space: nowrap }
p.rubric {
font-weight: bold ;
font-size: larger ;
color: maroon ;
text-align: center }
p.sidebar-title {
font-family: sans-serif ;
font-weight: bold ;
font-size: larger }
p.sidebar-subtitle {
font-family: sans-serif ;
font-weight: bold }
p.topic-title {
font-weight: bold }
pre.address {
margin-bottom: 0 ;
margin-top: 0 ;
font: inherit }
pre.literal-block, pre.doctest-block, pre.math, pre.code {
margin-left: 2em ;
margin-right: 2em }
pre.code .ln { color: gray; } /* line numbers */
pre.code, code { background-color: #eeeeee }
pre.code .comment, code .comment { color: #5C6576 }
pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
pre.code .literal.string, code .literal.string { color: #0C5404 }
pre.code .name.builtin, code .name.builtin { color: #352B84 }
pre.code .deleted, code .deleted { background-color: #DEB0A1}
pre.code .inserted, code .inserted { background-color: #A3D289}
span.classifier {
font-family: sans-serif ;
font-style: oblique }
span.classifier-delimiter {
font-family: sans-serif ;
font-weight: bold }
span.interpreted {
font-family: sans-serif }
span.option {
white-space: nowrap }
span.pre {
white-space: pre }
span.problematic, pre.problematic {
color: red }
span.section-subtitle {
/* font-size relative to parent (h1..h6 element) */
font-size: 80% }
table.citation {
border-left: solid 1px gray;
margin-left: 1px }
table.docinfo {
margin: 2em 4em }
table.docutils {
margin-top: 0.5em ;
margin-bottom: 0.5em }
table.footnote {
border-left: solid 1px black;
margin-left: 1px }
table.docutils td, table.docutils th,
table.docinfo td, table.docinfo th {
padding-left: 0.5em ;
padding-right: 0.5em ;
vertical-align: top }
table.docutils th.field-name, table.docinfo th.docinfo-name {
font-weight: bold ;
text-align: left ;
white-space: nowrap ;
padding-left: 0 }
/* "booktabs" style (no vertical lines) */
table.docutils.booktabs {
border: 0px;
border-top: 2px solid;
border-bottom: 2px solid;
border-collapse: collapse;
}
table.docutils.booktabs * {
border: 0px;
}
table.docutils.booktabs th {
border-bottom: thin solid;
text-align: left;
}
h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
font-size: 100% }
ul.auto-toc {
list-style-type: none }
</style>
</head>
<body>
<div class="document" id="sales-documents-permissions-by-channels-teams">
<h1 class="title">Sales documents permissions by channels (teams)</h1>
<!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! This file is generated by oca-gen-addon-readme !!
!! changes will be overwritten. !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! source digest: sha256:24b329b5d549776cc4304d55a06f0257822eea382c56b85bbc9e0cba29843d6a
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Production/Stable" src="https://img.shields.io/badge/maturity-Production%2FStable-green.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/sale-workflow/tree/18.0/sales_team_security"><img alt="OCA/sale-workflow" src="https://img.shields.io/badge/github-OCA%2Fsale--workflow-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/sale-workflow-18-0/sale-workflow-18-0-sales_team_security"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/sale-workflow&amp;target_branch=18.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
<p>This module adds a new “Sale” group called “User: Team documents”, that
includes the proper permissions for showing only the information related
to that user sale team (having assigned that team/channel or no team at
all, independently from the assigned salesman):</p>
<ul class="simple">
<li>Contacts.</li>
<li>Quotations/Sales Orders (implemented in sales_team_security_sale)</li>
<li>Leads/Opportunities (implemented in sales_team_security_crm)</li>
</ul>
<p>It also handles the sync (auto-creation and remove) of followers in
company partners and childs of them according to salesmans. Any example
about it: - Partner company &gt; Salesman: Admin - Partner company, Contact
1 &gt; Without salesman - Partner company, Contact 2 &gt; Salesman: Demo All
these partners have these followers: Admin + Demo</p>
<p>And finally, there are rules for partners to be restricted to the own
ones for the group “User: Own Documents Only” for being coherent with
the permission scheme. Someone with this permission will see:</p>
<ul class="simple">
<li>Contacts without salesman assigned.</li>
<li>Contacts with them as salesman.</li>
<li>Contacts with them as follower.</li>
</ul>
<p>For keeping consistent accesses, followers of the main and
shipping/invoice contacts are synced according the salesman of the
children contacts</p>
<p><strong>Table of contents</strong></p>
<div class="contents local topic" id="contents">
<ul class="simple">
<li><a class="reference internal" href="#installation" id="toc-entry-1">Installation</a></li>
<li><a class="reference internal" href="#configuration" id="toc-entry-2">Configuration</a></li>
<li><a class="reference internal" href="#known-issues-roadmap" id="toc-entry-3">Known issues / Roadmap</a></li>
<li><a class="reference internal" href="#bug-tracker" id="toc-entry-4">Bug Tracker</a></li>
<li><a class="reference internal" href="#credits" id="toc-entry-5">Credits</a><ul>
<li><a class="reference internal" href="#authors" id="toc-entry-6">Authors</a></li>
<li><a class="reference internal" href="#contributors" id="toc-entry-7">Contributors</a></li>
<li><a class="reference internal" href="#maintainers" id="toc-entry-8">Maintainers</a></li>
</ul>
</li>
</ul>
</div>
<div class="section" id="installation">
<h1><a class="toc-backref" href="#toc-entry-1">Installation</a></h1>
<p>At installation time, this module syncs followers in parent contacts and
invoice/shipping addresses. If you have a lot of contacts, this
operation can take a while.</p>
</div>
<div class="section" id="configuration">
<h1><a class="toc-backref" href="#toc-entry-2">Configuration</a></h1>
<ol class="arabic simple">
<li>Go to <em>Configuration &gt; Users &amp; Companies &gt; Users</em>.</li>
<li>Open or create a user.</li>
<li>On the section “Sale”, select “User: Team documents”.</li>
</ol>
</div>
<div class="section" id="known-issues-roadmap">
<h1><a class="toc-backref" href="#toc-entry-3">Known issues / Roadmap</a></h1>
<ul class="simple">
<li>This module modifies the sales security groups hierarchy, so any other
module doing something similar might conflict with this one.</li>
</ul>
</div>
<div class="section" id="bug-tracker">
<h1><a class="toc-backref" href="#toc-entry-4">Bug Tracker</a></h1>
<p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/sale-workflow/issues">GitHub Issues</a>.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us to smash it by providing a detailed and welcomed
<a class="reference external" href="https://github.com/OCA/sale-workflow/issues/new?body=module:%20sales_team_security%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
<p>Do not contact contributors directly about support or help with technical issues.</p>
</div>
<div class="section" id="credits">
<h1><a class="toc-backref" href="#toc-entry-5">Credits</a></h1>
<div class="section" id="authors">
<h2><a class="toc-backref" href="#toc-entry-6">Authors</a></h2>
<ul class="simple">
<li>Tecnativa</li>
</ul>
</div>
<div class="section" id="contributors">
<h2><a class="toc-backref" href="#toc-entry-7">Contributors</a></h2>
<ul class="simple">
<li><a class="reference external" href="https://www.tecnativa.com">Tecnativa</a>:<ul>
<li>Pedro M. Baeza</li>
<li>Víctor Martínez</li>
<li>César A. Sánchez</li>
<li>Carlos Lopez</li>
</ul>
</li>
<li><a class="reference external" href="https://www.guadaltech.es">Guadaltech</a>:<ul>
<li>Ramón Bajona</li>
</ul>
</li>
<li>Iván Todorovich &lt;<a class="reference external" href="mailto:ivan.todorovich&#64;gmail.com">ivan.todorovich&#64;gmail.com</a>&gt;</li>
<li><a class="reference external" href="https://www.pesol.es">Pesol</a>:<ul>
<li>Jonathan Oscategui Taza &lt;<a class="reference external" href="mailto:info&#64;pesol.es">info&#64;pesol.es</a>&gt;</li>
</ul>
</li>
</ul>
</div>
<div class="section" id="maintainers">
<h2><a class="toc-backref" href="#toc-entry-8">Maintainers</a></h2>
<p>This module is maintained by the OCA.</p>
<a class="reference external image-reference" href="https://odoo-community.org">
<img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" />
</a>
<p>OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.</p>
<p>Current <a class="reference external" href="https://odoo-community.org/page/maintainer-role">maintainers</a>:</p>
<p><a class="reference external image-reference" href="https://github.com/pedrobaeza"><img alt="pedrobaeza" src="https://github.com/pedrobaeza.png?size=40px" /></a> <a class="reference external image-reference" href="https://github.com/ivantodorovich"><img alt="ivantodorovich" src="https://github.com/ivantodorovich.png?size=40px" /></a></p>
<p>This module is part of the <a class="reference external" href="https://github.com/OCA/sale-workflow/tree/18.0/sales_team_security">OCA/sale-workflow</a> project on GitHub.</p>
<p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
</div>
</div>
</div>
</body>
</html>

View File

@@ -0,0 +1,3 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
from . import test_sales_team_security

View File

@@ -0,0 +1,125 @@
# Copyright 2016-2020 Tecnativa - Pedro M. Baeza
# Copyright 2021 Tecnativa - Víctor Martínez
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html
from odoo.tools import mute_logger
from odoo.addons.base.tests.common import BaseCommon
class TestCommon(BaseCommon):
@classmethod
def setUpClass(cls):
super().setUpClass()
cls.team = cls.env["crm.team"].create({"name": "Test channel"})
cls.team2 = cls.env["crm.team"].create({"name": "Test channel 2"})
cls.user = cls.env["res.users"].create(
{
"login": "sales_team_security",
"name": "Test sales_team_security user",
"groups_id": [(4, cls.env.ref("sales_team.group_sale_salesman").id)],
}
)
cls.crm_team_member = cls.env["crm.team.member"].create(
{
"user_id": cls.user.id,
"crm_team_id": cls.team.id,
}
)
cls.partner = cls.env["res.partner"].create({"name": "Test partner"})
cls.partner_child_1 = cls.env["res.partner"].create(
{"name": "Child 1", "parent_id": cls.partner.id}
)
cls.partner_child_2 = cls.env["res.partner"].create(
{"name": "Child 2", "parent_id": cls.partner.id, "type": "invoice"}
)
cls.partner2 = cls.env["res.partner"].create(
{"name": "Test partner 2", "user_id": cls.user.id}
)
cls.user2 = cls.env["res.users"].create(
{
"login": "sales_team_security2",
"name": "Test sales_team_security user 2",
"groups_id": [(4, cls.env.ref("sales_team.group_sale_salesman").id)],
}
)
cls.crm_team_member2 = cls.env["crm.team.member"].create(
{
"user_id": cls.user2.id,
"crm_team_id": cls.team.id,
}
)
cls.check_permission_subscribe = False
def _check_permission(self, salesman, team, expected):
vals = {"user_id": salesman.id if salesman else salesman}
# Check if the record has a team_id field
# This is needed for the test to work with different models
# such as sales_team_security_crm and sales_team_security_sale modules.
if "team_id" in self.record._fields:
vals["team_id"] = team.id if team else team
self.record.write(vals)
domain = [("id", "=", self.record.id)]
if (
self.check_permission_subscribe
): # Force unsubscription for not interfering with real test
self.record.message_subscribe(partner_ids=self.user.partner_id.ids)
else:
self.record.message_unsubscribe(partner_ids=self.user.partner_id.ids)
obj = self.env[self.record._name].with_user(self.user)
self.assertEqual(bool(obj.search(domain)), expected)
@mute_logger("odoo.models.unlink")
def _check_whole_permission_set(self, extra_checks=True):
is_res_partner = self.record._name == "res.partner"
self._check_permission(False, False, True)
self._check_permission(self.user, False, True)
self._check_permission(self.user2, False, False)
self._check_permission(False, self.team, True)
self._check_permission(self.user, self.team, True)
self._check_permission(self.user, self.team2, True)
self._check_permission(self.user2, self.team2, False)
self._check_permission(self.user2, self.team, False)
# Add to group "Team manager"
self.user.groups_id = [
(4, self.env.ref("sales_team_security.group_sale_team_manager").id)
]
self._check_permission(False, False, True)
self._check_permission(self.user, False, True)
if not is_res_partner:
self._check_permission(self.user2, False, True)
self._check_permission(False, self.team, True)
self._check_permission(self.user, self.team, True)
if is_res_partner:
self.check_permission_subscribe = True
self._check_permission(self.user, self.team2, True)
self.check_permission_subscribe = False
else:
self._check_permission(self.user, self.team2, True)
self._check_permission(self.user2, self.team2, False)
if not is_res_partner:
self._check_permission(self.user2, self.team, True)
# Add to group "See all leads"
self.user.groups_id = [
(4, self.env.ref("sales_team.group_sale_salesman_all_leads").id)
]
self._check_permission(False, False, True)
self._check_permission(self.user, False, True)
self._check_permission(self.user2, False, True)
self._check_permission(False, self.team, True)
self._check_permission(False, self.team2, True)
self._check_permission(self.user, self.team, True)
self._check_permission(self.user, self.team2, True)
self._check_permission(self.user2, self.team2, True)
self._check_permission(self.user2, self.team, True)
# Regular internal user
if extra_checks and is_res_partner:
self.user.groups_id = [(6, 0, [self.env.ref("base.group_user").id])]
self._check_permission(False, False, True)
self._check_permission(self.user, False, True)
self._check_permission(self.user2, False, True)
self._check_permission(False, self.team, True)
self._check_permission(False, self.team2, True)
self._check_permission(self.user, self.team, True)
self._check_permission(self.user, self.team2, True)
self._check_permission(self.user2, self.team2, True)
self._check_permission(self.user2, self.team, True)

View File

@@ -0,0 +1,59 @@
# Copyright 2016-2020 Tecnativa - Pedro M. Baeza
# Copyright 2021 Tecnativa - Víctor Martínez
# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html
from .common import TestCommon
class TestSalesTeamSecurity(TestCommon):
@classmethod
def setUpClass(cls):
super().setUpClass()
cls.user_partner = cls.user.partner_id
cls.user2_partner = cls.user2.partner_id
cls.record = cls.partner
def test_onchange_parent_id(self):
contact2 = self.env["res.partner"].create(
{"name": "Test contact", "parent_id": self.partner2.id}
)
self.assertEqual(contact2.user_id, self.user)
def test_change_user_id_partner(self):
self.partner.write({"user_id": self.user.id})
self.assertIn(self.user_partner, self.partner.message_partner_ids)
self.assertNotIn(self.user_partner, self.partner_child_1.message_partner_ids)
self.assertIn(self.user_partner, self.partner_child_2.message_partner_ids)
# Change salesman
self.partner.write({"user_id": self.user2.id})
self.assertNotIn(self.user_partner, self.partner.message_partner_ids)
self.assertIn(self.user2_partner, self.partner.message_partner_ids)
self.assertNotIn(self.user_partner, self.partner_child_2.message_partner_ids)
self.assertIn(self.user2_partner, self.partner_child_2.message_partner_ids)
def test_change_user_id_partner_child_1(self):
self.partner_child_1.write({"user_id": self.user.id})
self.assertIn(self.user_partner, self.partner.message_partner_ids)
self.assertIn(self.user_partner, self.partner_child_2.message_partner_ids)
# Change salesman
self.partner_child_1.write({"user_id": self.user2.id})
self.assertNotIn(self.user_partner, self.partner.message_partner_ids)
self.assertIn(self.user2_partner, self.partner.message_partner_ids)
self.assertNotIn(self.user_partner, self.partner_child_2.message_partner_ids)
self.assertIn(self.user2_partner, self.partner_child_2.message_partner_ids)
def test_partner_permissions(self):
self._check_whole_permission_set()
def test_partner_permissions_subscription(self):
self.check_permission_subscribe = True
self._check_permission(self.user2, False, True)
def test_partner_permissions_own_partner(self):
self.user.partner_id.write({"user_id": self.user2.id})
domain = [("id", "in", self.user.partner_id.ids)]
Partner = self.env["res.partner"].with_user(self.user)
# Make sure the acces is not due to the subscription
self.partner.message_unsubscribe(partner_ids=self.user.partner_id.ids)
self.assertEqual(bool(Partner.search(domain)), True)