admin/Odoo-Modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

folder rename

Browse Source
This commit is contained in:
gsinghpal
2026-04-16 20:53:53 -04:00
parent 3f3ddcbab4
commit 7c7ef06057
634 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
fusion_plating/fusion_plating_cgp/security/fp_cgp_security.xml Normal file
View File

@@ -0,0 +1,85 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Copyright 2026 Nexa Systems Inc.
License OPL-1 (Odoo Proprietary License v1.0)
Part of the Fusion Plating product family.
-->
<odoo>
<!-- ================================================================== -->
<!-- NEW RESTRICTED GROUPS -->
<!-- -->
<!-- CGP data is sensitive. Not every plating manager should see -->
<!-- Personnel Security Assessments or security incidents, so two new -->
<!-- groups sit above the core Fusion Plating privilege. Admin must -->
<!-- grant them explicitly; no users are assigned by default. -->
<!-- ================================================================== -->
<!-- CGP OFFICER: day-to-day CGP compliance operator -->
<record id="group_fusion_plating_cgp_officer" model="res.groups">
<field name="name">CGP Officer</field>
<field name="sequence">50</field>
<field name="privilege_id"
ref="fusion_plating.res_groups_privilege_fusion_plating"/>
<field name="implied_ids"
eval="[(4, ref('fusion_plating.group_fusion_plating_manager'))]"/>
</record>
<!-- CGP DESIGNATED OFFICIAL: legally accountable per PSPC registration -->
<record id="group_fusion_plating_cgp_designated_official" model="res.groups">
<field name="name">CGP Designated Official</field>
<field name="sequence">60</field>
<field name="privilege_id"
ref="fusion_plating.res_groups_privilege_fusion_plating"/>
<field name="implied_ids"
eval="[(4, ref('group_fusion_plating_cgp_officer'))]"/>
</record>
<!-- ================================================================== -->
<!-- RECORD RULES -->
<!-- -->
<!-- Defense-in-depth on top of ir.model.access.csv. PSA and Security -->
<!-- Incident records should never be visible outside the CGP Officer -->
<!-- group even if someone accidentally widens ACL. We bind a -->
<!-- permissive-for-officer rule and rely on the default-deny that -->
<!-- Odoo applies to models that have no unrestricted global rule and -->
<!-- no access lines for other groups. -->
<!-- ================================================================== -->
<!-- PSA: only visible to CGP Officer (and implied groups above) -->
<record id="fp_cgp_psa_officer_rule" model="ir.rule">
<field name="name">Fusion Plating: CGP PSA — CGP Officer full access</field>
<field name="model_id" ref="model_fusion_plating_cgp_psa"/>
<field name="groups"
eval="[(4, ref('group_fusion_plating_cgp_officer'))]"/>
<field name="domain_force">[(1, '=', 1)]</field>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="True"/>
<field name="perm_unlink" eval="True"/>
</record>
<!-- Security Incident: only visible to CGP Officer -->
<record id="fp_cgp_incident_officer_rule" model="ir.rule">
<field name="name">Fusion Plating: CGP Security Incident — CGP Officer full access</field>
<field name="model_id" ref="model_fusion_plating_cgp_security_incident"/>
<field name="groups"
eval="[(4, ref('group_fusion_plating_cgp_officer'))]"/>
<field name="domain_force">[(1, '=', 1)]</field>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="True"/>
<field name="perm_unlink" eval="True"/>
</record>
<!-- ================================================================== -->
<!-- Multi-company isolation on CGP Registration -->
<!-- ================================================================== -->
<record id="fp_cgp_registration_company_rule" model="ir.rule">
<field name="name">Fusion Plating: CGP Registration — multi-company</field>
<field name="model_id" ref="model_fusion_plating_cgp_registration"/>
<field name="global" eval="True"/>
<field name="domain_force">['|', ('company_id', '=', False), ('company_id', 'in', company_ids)]</field>
</record>
</odoo>

19
fusion_plating/fusion_plating_cgp/security/ir.model.access.csv Normal file
View File

@@ -0,0 +1,19 @@
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
access_fp_cgp_registration_manager,fp.cgp.registration.manager,model_fusion_plating_cgp_registration,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_registration_officer,fp.cgp.registration.officer,model_fusion_plating_cgp_registration,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_ai_manager,fp.cgp.ai.manager,model_fusion_plating_cgp_authorized_individual,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_ai_officer,fp.cgp.ai.officer,model_fusion_plating_cgp_authorized_individual,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_psa_officer,fp.cgp.psa.officer,model_fusion_plating_cgp_psa,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_visitor_supervisor,fp.cgp.visitor.supervisor,model_fusion_plating_cgp_visitor,fusion_plating.group_fusion_plating_supervisor,1,0,0,0
access_fp_cgp_visitor_manager,fp.cgp.visitor.manager,model_fusion_plating_cgp_visitor,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_visitor_officer,fp.cgp.visitor.officer,model_fusion_plating_cgp_visitor,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_controlled_good_supervisor,fp.cgp.good.supervisor,model_fusion_plating_cgp_controlled_good,fusion_plating.group_fusion_plating_supervisor,1,0,0,0
access_fp_cgp_controlled_good_manager,fp.cgp.good.manager,model_fusion_plating_cgp_controlled_good,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_controlled_good_officer,fp.cgp.good.officer,model_fusion_plating_cgp_controlled_good,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_receipt_supervisor,fp.cgp.receipt.supervisor,model_fusion_plating_cgp_receipt_shipment,fusion_plating.group_fusion_plating_supervisor,1,0,0,0
access_fp_cgp_receipt_manager,fp.cgp.receipt.manager,model_fusion_plating_cgp_receipt_shipment,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_receipt_officer,fp.cgp.receipt.officer,model_fusion_plating_cgp_receipt_shipment,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_incident_officer,fp.cgp.incident.officer,model_fusion_plating_cgp_security_incident,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_access_log_supervisor,fp.cgp.access.log.supervisor,model_fusion_plating_cgp_access_log,fusion_plating.group_fusion_plating_supervisor,1,0,0,0
access_fp_cgp_access_log_manager,fp.cgp.access.log.manager,model_fusion_plating_cgp_access_log,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_access_log_officer,fp.cgp.access.log.officer,model_fusion_plating_cgp_access_log,group_fusion_plating_cgp_officer,1,1,1,1
1 id name model_id:id group_id:id perm_read perm_write perm_create perm_unlink
2 access_fp_cgp_registration_manager fp.cgp.registration.manager model_fusion_plating_cgp_registration fusion_plating.group_fusion_plating_manager 1 0 0 0
3 access_fp_cgp_registration_officer fp.cgp.registration.officer model_fusion_plating_cgp_registration group_fusion_plating_cgp_officer 1 1 1 1
4 access_fp_cgp_ai_manager fp.cgp.ai.manager model_fusion_plating_cgp_authorized_individual fusion_plating.group_fusion_plating_manager 1 0 0 0
5 access_fp_cgp_ai_officer fp.cgp.ai.officer model_fusion_plating_cgp_authorized_individual group_fusion_plating_cgp_officer 1 1 1 1
6 access_fp_cgp_psa_officer fp.cgp.psa.officer model_fusion_plating_cgp_psa group_fusion_plating_cgp_officer 1 1 1 1
7 access_fp_cgp_visitor_supervisor fp.cgp.visitor.supervisor model_fusion_plating_cgp_visitor fusion_plating.group_fusion_plating_supervisor 1 0 0 0
8 access_fp_cgp_visitor_manager fp.cgp.visitor.manager model_fusion_plating_cgp_visitor fusion_plating.group_fusion_plating_manager 1 0 0 0
9 access_fp_cgp_visitor_officer fp.cgp.visitor.officer model_fusion_plating_cgp_visitor group_fusion_plating_cgp_officer 1 1 1 1
10 access_fp_cgp_controlled_good_supervisor fp.cgp.good.supervisor model_fusion_plating_cgp_controlled_good fusion_plating.group_fusion_plating_supervisor 1 0 0 0
11 access_fp_cgp_controlled_good_manager fp.cgp.good.manager model_fusion_plating_cgp_controlled_good fusion_plating.group_fusion_plating_manager 1 0 0 0
12 access_fp_cgp_controlled_good_officer fp.cgp.good.officer model_fusion_plating_cgp_controlled_good group_fusion_plating_cgp_officer 1 1 1 1
13 access_fp_cgp_receipt_supervisor fp.cgp.receipt.supervisor model_fusion_plating_cgp_receipt_shipment fusion_plating.group_fusion_plating_supervisor 1 0 0 0
14 access_fp_cgp_receipt_manager fp.cgp.receipt.manager model_fusion_plating_cgp_receipt_shipment fusion_plating.group_fusion_plating_manager 1 0 0 0
15 access_fp_cgp_receipt_officer fp.cgp.receipt.officer model_fusion_plating_cgp_receipt_shipment group_fusion_plating_cgp_officer 1 1 1 1
16 access_fp_cgp_incident_officer fp.cgp.incident.officer model_fusion_plating_cgp_security_incident group_fusion_plating_cgp_officer 1 1 1 1
17 access_fp_cgp_access_log_supervisor fp.cgp.access.log.supervisor model_fusion_plating_cgp_access_log fusion_plating.group_fusion_plating_supervisor 1 0 0 0
18 access_fp_cgp_access_log_manager fp.cgp.access.log.manager model_fusion_plating_cgp_access_log fusion_plating.group_fusion_plating_manager 1 0 0 0
19 access_fp_cgp_access_log_officer fp.cgp.access.log.officer model_fusion_plating_cgp_access_log group_fusion_plating_cgp_officer 1 1 1 1