admin/Odoo-Modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(plating-sec): sweep all ACL CSVs to new role group xmlids

Browse Source 
Phase B of permissions overhaul. Mechanical text replacement across
11 ir.model.access.csv files:
  - group_fusion_plating_operator    -> fusion_plating.group_fp_technician
  - group_fusion_plating_supervisor  -> fusion_plating.group_fp_shop_manager_v2
  - group_fusion_plating_manager     -> fusion_plating.group_fp_manager
  - group_fusion_plating_admin       -> fusion_plating.group_fp_owner
  - group_fp_estimator (configurator)-> fusion_plating.group_fp_sales_rep
  - group_fp_accounting              -> fusion_plating.group_fp_manager
  - group_fp_receiving               -> fusion_plating.group_fp_shop_manager_v2
  - group_fp_shop_manager (legacy)   -> fusion_plating.group_fp_manager
  - group_fusion_plating_cgp_officer -> fusion_plating.group_fp_quality_manager
  - group_fusion_plating_cgp_designated_official -> fusion_plating.group_fp_owner

Backward-compat: old group xmlids still resolve (Phase A's implied_ids
chains keep old ACLs working for users still holding old groups).
This sweep ensures future-state correctness: when old groups are deleted
after the 30-day rollback window, ACLs continue resolving via the new
group xmlids.

Also adds fusion_plating/tests/test_acl_migration.py with sample-based
per-role access checks. The 2 CAPA tests are expected to fail until
Phase C implements the Manager/QM quality split.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
gsinghpal
2026-05-24 01:14:02 -04:00
parent bdf676e05a
commit 8eb2c2de95
26 changed files with 421 additions and 364 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
fusion_plating/fusion_plating_cgp/security/ir.model.access.csv
View File

@@ -1,19 +1,19 @@
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
access_fp_cgp_registration_manager,fp.cgp.registration.manager,model_fusion_plating_cgp_registration,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_registration_officer,fp.cgp.registration.officer,model_fusion_plating_cgp_registration,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_ai_manager,fp.cgp.ai.manager,model_fusion_plating_cgp_authorized_individual,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_ai_officer,fp.cgp.ai.officer,model_fusion_plating_cgp_authorized_individual,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_psa_officer,fp.cgp.psa.officer,model_fusion_plating_cgp_psa,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_visitor_supervisor,fp.cgp.visitor.supervisor,model_fusion_plating_cgp_visitor,fusion_plating.group_fusion_plating_supervisor,1,0,0,0
access_fp_cgp_visitor_manager,fp.cgp.visitor.manager,model_fusion_plating_cgp_visitor,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_visitor_officer,fp.cgp.visitor.officer,model_fusion_plating_cgp_visitor,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_controlled_good_supervisor,fp.cgp.good.supervisor,model_fusion_plating_cgp_controlled_good,fusion_plating.group_fusion_plating_supervisor,1,0,0,0
access_fp_cgp_controlled_good_manager,fp.cgp.good.manager,model_fusion_plating_cgp_controlled_good,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_controlled_good_officer,fp.cgp.good.officer,model_fusion_plating_cgp_controlled_good,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_receipt_supervisor,fp.cgp.receipt.supervisor,model_fusion_plating_cgp_receipt_shipment,fusion_plating.group_fusion_plating_supervisor,1,0,0,0
access_fp_cgp_receipt_manager,fp.cgp.receipt.manager,model_fusion_plating_cgp_receipt_shipment,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_receipt_officer,fp.cgp.receipt.officer,model_fusion_plating_cgp_receipt_shipment,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_incident_officer,fp.cgp.incident.officer,model_fusion_plating_cgp_security_incident,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_access_log_supervisor,fp.cgp.access.log.supervisor,model_fusion_plating_cgp_access_log,fusion_plating.group_fusion_plating_supervisor,1,0,0,0
access_fp_cgp_access_log_manager,fp.cgp.access.log.manager,model_fusion_plating_cgp_access_log,fusion_plating.group_fusion_plating_manager,1,0,0,0
access_fp_cgp_access_log_officer,fp.cgp.access.log.officer,model_fusion_plating_cgp_access_log,group_fusion_plating_cgp_officer,1,1,1,1
access_fp_cgp_registration_manager,fp.cgp.registration.manager,model_fusion_plating_cgp_registration,fusion_plating.group_fp_manager,1,0,0,0
access_fp_cgp_registration_officer,fp.cgp.registration.officer,model_fusion_plating_cgp_registration,fusion_plating.group_fp_quality_manager,1,1,1,1
access_fp_cgp_ai_manager,fp.cgp.ai.manager,model_fusion_plating_cgp_authorized_individual,fusion_plating.group_fp_manager,1,0,0,0
access_fp_cgp_ai_officer,fp.cgp.ai.officer,model_fusion_plating_cgp_authorized_individual,fusion_plating.group_fp_quality_manager,1,1,1,1
access_fp_cgp_psa_officer,fp.cgp.psa.officer,model_fusion_plating_cgp_psa,fusion_plating.group_fp_quality_manager,1,1,1,1
access_fp_cgp_visitor_supervisor,fp.cgp.visitor.supervisor,model_fusion_plating_cgp_visitor,fusion_plating.group_fp_shop_manager_v2,1,0,0,0
access_fp_cgp_visitor_manager,fp.cgp.visitor.manager,model_fusion_plating_cgp_visitor,fusion_plating.group_fp_manager,1,0,0,0
access_fp_cgp_visitor_officer,fp.cgp.visitor.officer,model_fusion_plating_cgp_visitor,fusion_plating.group_fp_quality_manager,1,1,1,1
access_fp_cgp_controlled_good_supervisor,fp.cgp.good.supervisor,model_fusion_plating_cgp_controlled_good,fusion_plating.group_fp_shop_manager_v2,1,0,0,0
access_fp_cgp_controlled_good_manager,fp.cgp.good.manager,model_fusion_plating_cgp_controlled_good,fusion_plating.group_fp_manager,1,0,0,0
access_fp_cgp_controlled_good_officer,fp.cgp.good.officer,model_fusion_plating_cgp_controlled_good,fusion_plating.group_fp_quality_manager,1,1,1,1
access_fp_cgp_receipt_supervisor,fp.cgp.receipt.supervisor,model_fusion_plating_cgp_receipt_shipment,fusion_plating.group_fp_shop_manager_v2,1,0,0,0
access_fp_cgp_receipt_manager,fp.cgp.receipt.manager,model_fusion_plating_cgp_receipt_shipment,fusion_plating.group_fp_manager,1,0,0,0
access_fp_cgp_receipt_officer,fp.cgp.receipt.officer,model_fusion_plating_cgp_receipt_shipment,fusion_plating.group_fp_quality_manager,1,1,1,1
access_fp_cgp_incident_officer,fp.cgp.incident.officer,model_fusion_plating_cgp_security_incident,fusion_plating.group_fp_quality_manager,1,1,1,1
access_fp_cgp_access_log_supervisor,fp.cgp.access.log.supervisor,model_fusion_plating_cgp_access_log,fusion_plating.group_fp_shop_manager_v2,1,0,0,0
access_fp_cgp_access_log_manager,fp.cgp.access.log.manager,model_fusion_plating_cgp_access_log,fusion_plating.group_fp_manager,1,0,0,0
access_fp_cgp_access_log_officer,fp.cgp.access.log.officer,model_fusion_plating_cgp_access_log,fusion_plating.group_fp_quality_manager,1,1,1,1
1 id name model_id:id group_id:id perm_read perm_write perm_create perm_unlink
2 access_fp_cgp_registration_manager fp.cgp.registration.manager model_fusion_plating_cgp_registration fusion_plating.group_fusion_plating_manager fusion_plating.group_fp_manager 1 0 0 0
3 access_fp_cgp_registration_officer fp.cgp.registration.officer model_fusion_plating_cgp_registration group_fusion_plating_cgp_officer fusion_plating.group_fp_quality_manager 1 1 1 1
4 access_fp_cgp_ai_manager fp.cgp.ai.manager model_fusion_plating_cgp_authorized_individual fusion_plating.group_fusion_plating_manager fusion_plating.group_fp_manager 1 0 0 0
5 access_fp_cgp_ai_officer fp.cgp.ai.officer model_fusion_plating_cgp_authorized_individual group_fusion_plating_cgp_officer fusion_plating.group_fp_quality_manager 1 1 1 1
6 access_fp_cgp_psa_officer fp.cgp.psa.officer model_fusion_plating_cgp_psa group_fusion_plating_cgp_officer fusion_plating.group_fp_quality_manager 1 1 1 1
7 access_fp_cgp_visitor_supervisor fp.cgp.visitor.supervisor model_fusion_plating_cgp_visitor fusion_plating.group_fusion_plating_supervisor fusion_plating.group_fp_shop_manager_v2 1 0 0 0
8 access_fp_cgp_visitor_manager fp.cgp.visitor.manager model_fusion_plating_cgp_visitor fusion_plating.group_fusion_plating_manager fusion_plating.group_fp_manager 1 0 0 0
9 access_fp_cgp_visitor_officer fp.cgp.visitor.officer model_fusion_plating_cgp_visitor group_fusion_plating_cgp_officer fusion_plating.group_fp_quality_manager 1 1 1 1
10 access_fp_cgp_controlled_good_supervisor fp.cgp.good.supervisor model_fusion_plating_cgp_controlled_good fusion_plating.group_fusion_plating_supervisor fusion_plating.group_fp_shop_manager_v2 1 0 0 0
11 access_fp_cgp_controlled_good_manager fp.cgp.good.manager model_fusion_plating_cgp_controlled_good fusion_plating.group_fusion_plating_manager fusion_plating.group_fp_manager 1 0 0 0
12 access_fp_cgp_controlled_good_officer fp.cgp.good.officer model_fusion_plating_cgp_controlled_good group_fusion_plating_cgp_officer fusion_plating.group_fp_quality_manager 1 1 1 1
13 access_fp_cgp_receipt_supervisor fp.cgp.receipt.supervisor model_fusion_plating_cgp_receipt_shipment fusion_plating.group_fusion_plating_supervisor fusion_plating.group_fp_shop_manager_v2 1 0 0 0
14 access_fp_cgp_receipt_manager fp.cgp.receipt.manager model_fusion_plating_cgp_receipt_shipment fusion_plating.group_fusion_plating_manager fusion_plating.group_fp_manager 1 0 0 0
15 access_fp_cgp_receipt_officer fp.cgp.receipt.officer model_fusion_plating_cgp_receipt_shipment group_fusion_plating_cgp_officer fusion_plating.group_fp_quality_manager 1 1 1 1
16 access_fp_cgp_incident_officer fp.cgp.incident.officer model_fusion_plating_cgp_security_incident group_fusion_plating_cgp_officer fusion_plating.group_fp_quality_manager 1 1 1 1
17 access_fp_cgp_access_log_supervisor fp.cgp.access.log.supervisor model_fusion_plating_cgp_access_log fusion_plating.group_fusion_plating_supervisor fusion_plating.group_fp_shop_manager_v2 1 0 0 0
18 access_fp_cgp_access_log_manager fp.cgp.access.log.manager model_fusion_plating_cgp_access_log fusion_plating.group_fusion_plating_manager fusion_plating.group_fp_manager 1 0 0 0
19 access_fp_cgp_access_log_officer fp.cgp.access.log.officer model_fusion_plating_cgp_access_log group_fusion_plating_cgp_officer fusion_plating.group_fp_quality_manager 1 1 1 1