update

2026-03-16 08:14:56 -04:00
parent fdca9518ab
commit e56974d46f
196 changed files with 19739 additions and 3471 deletions
--- a/fusion_clock_ai/security/security.xml
+++ b/fusion_clock_ai/security/security.xml
@@ -0,0 +1,88 @@
+<?xml version="1.0" encoding="utf-8"?>
+<odoo>
+
+    <!-- ================================================================
+         Record Rules - AI Conversation
+         ================================================================ -->
+    <record id="rule_ai_conversation_user" model="ir.rule">
+        <field name="name">AI Conversation: User sees own</field>
+        <field name="model_id" ref="model_fusion_clock_ai_conversation"/>
+        <field name="domain_force">[('user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('fusion_clock.group_fusion_clock_user'))]"/>
+        <field name="perm_read" eval="True"/>
+        <field name="perm_write" eval="True"/>
+        <field name="perm_create" eval="True"/>
+        <field name="perm_unlink" eval="True"/>
+    </record>
+
+    <record id="rule_ai_conversation_manager" model="ir.rule">
+        <field name="name">AI Conversation: Manager sees all</field>
+        <field name="model_id" ref="model_fusion_clock_ai_conversation"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="groups" eval="[(4, ref('fusion_clock.group_fusion_clock_manager'))]"/>
+    </record>
+
+    <record id="rule_ai_conversation_portal" model="ir.rule">
+        <field name="name">AI Conversation: Portal user sees own</field>
+        <field name="model_id" ref="model_fusion_clock_ai_conversation"/>
+        <field name="domain_force">[('user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('base.group_portal'))]"/>
+        <field name="perm_read" eval="True"/>
+        <field name="perm_write" eval="False"/>
+        <field name="perm_create" eval="True"/>
+        <field name="perm_unlink" eval="False"/>
+    </record>
+
+    <!-- ================================================================
+         Record Rules - AI Message
+         ================================================================ -->
+    <record id="rule_ai_message_user" model="ir.rule">
+        <field name="name">AI Message: User sees own conversation messages</field>
+        <field name="model_id" ref="model_fusion_clock_ai_message"/>
+        <field name="domain_force">[('conversation_id.user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('fusion_clock.group_fusion_clock_user'))]"/>
+        <field name="perm_read" eval="True"/>
+        <field name="perm_write" eval="True"/>
+        <field name="perm_create" eval="True"/>
+        <field name="perm_unlink" eval="False"/>
+    </record>
+
+    <record id="rule_ai_message_manager" model="ir.rule">
+        <field name="name">AI Message: Manager sees all</field>
+        <field name="model_id" ref="model_fusion_clock_ai_message"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="groups" eval="[(4, ref('fusion_clock.group_fusion_clock_manager'))]"/>
+    </record>
+
+    <record id="rule_ai_message_portal" model="ir.rule">
+        <field name="name">AI Message: Portal user sees own conversation messages</field>
+        <field name="model_id" ref="model_fusion_clock_ai_message"/>
+        <field name="domain_force">[('conversation_id.user_id', '=', user.id)]</field>
+        <field name="groups" eval="[(4, ref('base.group_portal'))]"/>
+        <field name="perm_read" eval="True"/>
+        <field name="perm_write" eval="False"/>
+        <field name="perm_create" eval="True"/>
+        <field name="perm_unlink" eval="False"/>
+    </record>
+
+    <!-- ================================================================
+         Record Rules - AI Usage (Manager only)
+         ================================================================ -->
+    <record id="rule_ai_usage_manager" model="ir.rule">
+        <field name="name">AI Usage: Manager full access</field>
+        <field name="model_id" ref="model_fusion_clock_ai_usage"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="groups" eval="[(4, ref('fusion_clock.group_fusion_clock_manager'))]"/>
+    </record>
+
+    <!-- ================================================================
+         Record Rules - AI Prompt (Manager only)
+         ================================================================ -->
+    <record id="rule_ai_prompt_manager" model="ir.rule">
+        <field name="name">AI Prompt: Manager full access</field>
+        <field name="model_id" ref="model_fusion_clock_ai_prompt"/>
+        <field name="domain_force">[(1, '=', 1)]</field>
+        <field name="groups" eval="[(4, ref('fusion_clock.group_fusion_clock_manager'))]"/>
+    </record>
+
+</odoo>