admin/Odoo-Modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(fusion_accounting): move security groups to _core, add multi-company session rule

Browse Source 
Made-with: Cursor
This commit is contained in:
gsinghpal
2026-04-19 00:14:36 -04:00
parent 10140a6968
commit 7ac01991e5
13 changed files with 237 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
fusion_accounting_ai/controllers/chat_controller.py
View File

@@ -13,7 +13,7 @@ class FusionAccountingChatController(http.Controller):
"""S1-S3: Verify the current user owns the session."""
if session.user_id.id != request.env.user.id:
# Allow managers to access any session
if not request.env.user.has_group('fusion_accounting.group_fusion_accounting_manager'):
if not request.env.user.has_group('fusion_accounting_core.group_fusion_accounting_manager'):
return {'error': 'Access denied: you do not own this session'}
return None
@@ -55,7 +55,7 @@ class FusionAccountingChatController(http.Controller):
@http.route('/fusion_accounting/approve', type='jsonrpc', auth='user')
def approve_action(self, match_history_id, **kwargs):
if not request.env.user.has_group('fusion_accounting.group_fusion_accounting_manager'):
if not request.env.user.has_group('fusion_accounting_core.group_fusion_accounting_manager'):
return {'error': 'Insufficient permissions to approve actions'}
agent = request.env['fusion.accounting.agent']
result = agent.approve_action(int(match_history_id))
@@ -63,7 +63,7 @@ class FusionAccountingChatController(http.Controller):
@http.route('/fusion_accounting/reject', type='jsonrpc', auth='user')
def reject_action(self, match_history_id, reason='', **kwargs):
if not request.env.user.has_group('fusion_accounting.group_fusion_accounting_manager'):
if not request.env.user.has_group('fusion_accounting_core.group_fusion_accounting_manager'):
return {'error': 'Insufficient permissions to reject actions'}
agent = request.env['fusion.accounting.agent']
result = agent.reject_action(int(match_history_id), reason)
@@ -103,7 +103,7 @@ class FusionAccountingChatController(http.Controller):
@http.route('/fusion_accounting/approve_all', type='jsonrpc', auth='user')
def approve_all(self, match_history_ids, **kwargs):
if not request.env.user.has_group('fusion_accounting.group_fusion_accounting_manager'):
if not request.env.user.has_group('fusion_accounting_core.group_fusion_accounting_manager'):
return {'error': 'Insufficient permissions to approve actions'}
agent = request.env['fusion.accounting.agent']
results = []
@@ -119,7 +119,7 @@ class FusionAccountingChatController(http.Controller):
@http.route('/fusion_accounting/reject_all', type='jsonrpc', auth='user')
def reject_all(self, match_history_ids, reason='', **kwargs):
if not request.env.user.has_group('fusion_accounting.group_fusion_accounting_manager'):
if not request.env.user.has_group('fusion_accounting_core.group_fusion_accounting_manager'):
return {'error': 'Insufficient permissions to reject actions'}
agent = request.env['fusion.accounting.agent']
results = []