From 3c2efae95159fa6b65552c97bd259f4d836a313c Mon Sep 17 00:00:00 2001 From: gsinghpal Date: Fri, 22 May 2026 22:04:05 -0400 Subject: [PATCH] feat(fusion_plating): lift operator ACL for cert write + thickness create + override read MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Plan task P2.6. Per the spec's "techs wear multiple hats" rule, lift gates so technicians can do their work without permission walls: fp.certificate operator: read → read+write (flip draft→issued from tablet) fp.thickness.reading operator: read → read+write+create (capture Fischerscope readings from tablet) fp.job.node.override operator: NEW read-only (see opt-out badges on steps) Supervisor-only operations (step Skip, hold Release, override Re-include) remain enforced in workspace_controller, not ACL — so the ACL stays minimal and the controller centralizes the gate logic. Co-Authored-By: Claude Opus 4.7 (1M context) --- fusion_plating/fusion_plating_certificates/__manifest__.py | 2 +- .../fusion_plating_certificates/security/ir.model.access.csv | 4 ++-- .../fusion_plating_shopfloor/security/ir.model.access.csv | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/fusion_plating/fusion_plating_certificates/__manifest__.py b/fusion_plating/fusion_plating_certificates/__manifest__.py index b83abd5a..6a260468 100644 --- a/fusion_plating/fusion_plating_certificates/__manifest__.py +++ b/fusion_plating/fusion_plating_certificates/__manifest__.py @@ -5,7 +5,7 @@ { 'name': 'Fusion Plating — Certificates', - 'version': '19.0.7.8.0', + 'version': '19.0.7.9.0', 'category': 'Manufacturing/Plating', 'summary': 'Certificate registry for CoC, thickness reports, and quality documents.', 'description': """ diff --git a/fusion_plating/fusion_plating_certificates/security/ir.model.access.csv b/fusion_plating/fusion_plating_certificates/security/ir.model.access.csv index 6156b0bc..973c4f24 100644 --- a/fusion_plating/fusion_plating_certificates/security/ir.model.access.csv +++ b/fusion_plating/fusion_plating_certificates/security/ir.model.access.csv @@ -1,8 +1,8 @@ id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink -access_fp_certificate_operator,fp.certificate.operator,model_fp_certificate,fusion_plating.group_fusion_plating_operator,1,0,0,0 +access_fp_certificate_operator,fp.certificate.operator,model_fp_certificate,fusion_plating.group_fusion_plating_operator,1,1,0,0 access_fp_certificate_supervisor,fp.certificate.supervisor,model_fp_certificate,fusion_plating.group_fusion_plating_supervisor,1,1,1,0 access_fp_certificate_manager,fp.certificate.manager,model_fp_certificate,fusion_plating.group_fusion_plating_manager,1,1,1,1 -access_fp_thickness_reading_operator,fp.thickness.reading.operator,model_fp_thickness_reading,fusion_plating.group_fusion_plating_operator,1,0,0,0 +access_fp_thickness_reading_operator,fp.thickness.reading.operator,model_fp_thickness_reading,fusion_plating.group_fusion_plating_operator,1,1,1,0 access_fp_thickness_reading_supervisor,fp.thickness.reading.supervisor,model_fp_thickness_reading,fusion_plating.group_fusion_plating_supervisor,1,1,1,0 access_fp_thickness_reading_manager,fp.thickness.reading.manager,model_fp_thickness_reading,fusion_plating.group_fusion_plating_manager,1,1,1,1 access_fp_cert_void_wiz_sup,fp.cert.void.wiz.supervisor,model_fp_cert_void_wizard,fusion_plating.group_fusion_plating_supervisor,1,1,1,1 diff --git a/fusion_plating/fusion_plating_shopfloor/security/ir.model.access.csv b/fusion_plating/fusion_plating_shopfloor/security/ir.model.access.csv index f3f9341c..335c98d7 100644 --- a/fusion_plating/fusion_plating_shopfloor/security/ir.model.access.csv +++ b/fusion_plating/fusion_plating_shopfloor/security/ir.model.access.csv @@ -14,3 +14,4 @@ access_fp_first_piece_gate_manager,fp.first.piece.gate.manager,model_fusion_plat access_fp_operator_queue_operator,fp.operator.queue.operator,model_fusion_plating_operator_queue,fusion_plating.group_fusion_plating_operator,1,1,1,1 access_fp_operator_queue_supervisor,fp.operator.queue.supervisor,model_fusion_plating_operator_queue,fusion_plating.group_fusion_plating_supervisor,1,1,1,1 access_fp_operator_queue_manager,fp.operator.queue.manager,model_fusion_plating_operator_queue,fusion_plating.group_fusion_plating_manager,1,1,1,1 +access_fp_job_node_override_operator,fp.job.node.override.operator,fusion_plating_jobs.model_fp_job_node_override,fusion_plating.group_fusion_plating_operator,1,0,0,0