feat(plating-views): Layer 3 — field/button gates per role
Phase D Task D5 of permissions overhaul. Adds explicit groups= to form-level elements so non-matching roles don't even SEE the buttons they can't use:

- SO Confirm button → group_fp_sales_manager (Sales Rep sees the SO in draft but no Confirm button — matches model-level gate from Phase G)
- SO pricing fields (price_unit/subtotal/total/untaxed/tax) → group_fp_sales_rep (Technician/Shop Manager don't see pricing if they navigate to an SO)
- Partner Account Hold tab → group_fp_manager (was the fold-in group_fp_accounting; the audit-finding-11 _administrator typo lives in res_partner.py and is Phase G's fix)
- CAPA Close + all state-transition buttons → group_fp_quality_manager; edit fields use readonly="not user_has_groups(...)" so Manager retains read+comment per spec section 2.C
- Audit Start/Findings/Close buttons → group_fp_quality_manager
- AVL Approve/Suspend/Reinstate/Remove → group_fp_quality_manager (model uses Suspend+Remove instead of spec's literal 'Disqualify'; both surfaces gated, semantics match)
- Customer Spec edit fields → readonly for non-QM (Manager keeps read access per spec; only inputs lock)
- FAIR Approve/Reject buttons → group_fp_quality_manager (Submit-for-Review and Reset stay open to whoever created the FAIR)
- Certificate Issue button — Strategy B chosen: single button hidden when cert_type=nadcap_cert AND user is not QM. Cleaner than splitting into two buttons; no separate action_sign exists on fp.certificate (Issue is the sign+publish action). FAIR lives in its own model; fp.certificate only has nadcap_cert as a special type. The ir.rule from Phase C enforces model-level writes independently.
- CGP form buttons (7 view files: ai, controlled_good, psa, receipt_shipment, registration, security_incident, visitor) → group_fp_quality_manager on every action button

Defense in depth: ir.rules and ACLs (from Phases B + C) already restrict model access. These view gates are the UI layer that matches.

Concerns:

- Spec line 192 names 'sale.order view — x_fc_account_hold_override' but no such field exists in the codebase. Closest practical match was the partner-side Account Hold management tab, which already had a group= attribute. Re-gated there; no SO-side field to gate.
- AVL model has no action_disqualify per spec; uses suspend+remove. Both gated to QM.
- fp.certificate has no action_sign (only action_issue). FAIR's approve/reject covers the FAIR side; nadcap-cert Issue covers the cert side via Strategy B.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@@ -5,7 +5,7 @@
|
||||
|
||||
{
|
||||
'name': 'Fusion Plating — Configurator',
|
||||
'version': '19.0.21.8.2',
|
||||
'version': '19.0.21.8.3',
|
||||
'category': 'Manufacturing/Plating',
|
||||
'summary': 'Quotation configurator with part catalog, coating configs, and formula-based pricing engine.',
|
||||
'description': """
|
||||
|
||||
@@ -13,9 +13,13 @@
|
||||
<field name="inherit_id" ref="sale.view_order_form"/>
|
||||
<field name="arch" type="xml">
|
||||
<!-- Header buttons: make draft Confirm the primary CTA, demote/rename
|
||||
Send to "Send Email" (red), and reorder so Confirm sits first. -->
|
||||
Send to "Send Email" (red), and reorder so Confirm sits first.
|
||||
Phase D5 — gate Confirm button to Sales Manager + higher; matches
|
||||
the model-level gate from Phase G so Sales Rep sees the SO in
|
||||
draft but no Confirm button. -->
|
||||
<xpath expr="//header/button[@name='action_confirm' and not(@id)]" position="attributes">
|
||||
<attribute name="class">btn-primary</attribute>
|
||||
<attribute name="groups">fusion_plating.group_fp_sales_manager</attribute>
|
||||
</xpath>
|
||||
<xpath expr="//header/button[@id='quotation_send_primary']" position="attributes">
|
||||
<attribute name="string">Send Email</attribute>
|
||||
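Review bot: The groups attribute is set only on the action_confirm button matched by `not(@id)`; that predicate implies the parent view has another action_confirm button carrying an id, and nothing in this hunk gates it. If that second button is the one displayed once the quotation is no longer in draft, a Sales Rep still sees a Confirm button there, which contradicts the intent stated in the rewritten comment. Add a second xpath that targets the id-bearing button and sets the same `fusion_plating.group_fp_sales_manager` groups value, and say in the comment which of the two buttons each xpath covers.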
@@ -359,6 +363,25 @@
|
||||
<field name="x_fc_quote_id" optional="hide"/>
|
||||
<field name="x_fc_rush_order" optional="hide"/>
|
||||
</xpath>
|
||||
|
||||
<!-- Phase D5 — gate pricing columns/totals to Sales Rep + higher
|
||||
(defense in depth — Technician/Shop Manager don't see pricing
|
||||
even if they navigate to an SO). -->
|
||||
<xpath expr="//field[@name='order_line']/list/field[@name='price_unit']" position="attributes">
|
||||
<attribute name="groups">fusion_plating.group_fp_sales_rep</attribute>
|
||||
</xpath>
|
||||
<xpath expr="//field[@name='order_line']/list/field[@name='price_subtotal']" position="attributes">
|
||||
<attribute name="groups">fusion_plating.group_fp_sales_rep</attribute>
|
||||
</xpath>
|
||||
<xpath expr="//field[@name='amount_total']" position="attributes">
|
||||
<attribute name="groups">fusion_plating.group_fp_sales_rep</attribute>
|
||||
</xpath>
|
||||
<xpath expr="//field[@name='amount_untaxed']" position="attributes">
|
||||
<attribute name="groups">fusion_plating.group_fp_sales_rep</attribute>
|
||||
</xpath>
|
||||
<xpath expr="//field[@name='amount_tax']" position="attributes">
|
||||
<attribute name="groups">fusion_plating.group_fp_sales_rep</attribute>
|
||||
</xpath>
|
||||
</field>
|
||||
</record>
|
||||
|
||||
|
||||
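Review bot: The two order-line selectors are scoped to `order_line/list`, so price_unit and price_subtotal in any other embedded order_line sub-view (form, kanban) stay visible to Technician/Shop Manager, and only those two columns are gated; check whether other columns on the line list (discount, taxes, a line total) or a totals widget also expose pricing, and gate them in the same block. The three `//field[@name='amount_…']` selectors are unanchored, and each attributes xpath applies to one matched node, so confirm each of those fields appears exactly once in the combined view. Separately, view-level groups only drops the node from the rendered form: the values remain readable through other views or a direct read unless the fields themselves carry groups= on the model, so if hiding prices from these roles is a requirement, gate the field definitions as well and keep this as the matching UI layer.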