Odoo-Modules

admin/Odoo-Modules

Fork 0

Commit Graph

Author	SHA1	Message	Date
gsinghpal	de3ec7d97a	feat(plating-sec): SO confirm gate + fix _administrator typo + Python sweep Phase G of permissions overhaul. G2: sale.order.action_confirm now requires group_fp_sales_manager (spec Section 2.B). Sales Reps can save drafts but cannot move SOs to 'sale' state. UserError raised with clear message if attempted. G3: Fixed audit-finding-11 typo bug in 2 files. The original code checked has_group('fusion_plating.group_fusion_plating_administrator'), an xmlid that has NEVER existed - so the gate always returned False and only the Manager-side check actually fired. Fixed both: - fusion_plating_invoicing/models/res_partner.py:34 - fusion_plating_configurator/wizard/fp_direct_order_wizard.py:467 Both now check has_group('fusion_plating.group_fp_manager') which transitively includes Owner via implied_ids. G4: Swept all Python has_group() calls to reference new group xmlids. Backward-compat keeps old refs working today (Phase A's implied_ids), but the sweep ensures correctness after the 30-day rollback window deletes old groups. Replacements: group_fusion_plating_operator -> group_fp_technician group_fusion_plating_supervisor -> group_fp_shop_manager_v2 group_fusion_plating_manager -> group_fp_manager group_fusion_plating_admin -> group_fp_owner group_fusion_plating_cgp_officer -> group_fp_quality_manager group_fusion_plating_cgp_designated_official -> group_fp_owner group_fp_estimator -> group_fp_sales_rep group_fp_accounting -> group_fp_manager group_fp_receiving -> group_fp_shop_manager_v2 group_fp_shop_manager (legacy) -> group_fp_manager G1: test_sales_manager_gate.py covers the new confirm gate (SR blocked, SMg allowed, Manager allowed via diamond implication). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-24 02:11:35 -04:00
gsinghpal	71376228cb	feat(jobs): Phase 6 lean — scan controller + process-tree JSON endpoint Phase 6 originally scoped the full operator UI rewrite (Plant Overview, Tablet, Manager Dashboard, Process Tree). Tailscale SSH to entech is currently unavailable, so live in-browser verification of OWL/JS components isn't possible. Shipping a lean Phase 6 with the data-layer pieces: 1. /fp/job/<id> scan controller — when a user scans a fp.job sticker, lands them on the fp.job form (or the process tree action once that's wired). Mirrors fusion_plating_reports' /fp/wo/ pattern. 2. /fp/jobs/process_tree JSON endpoint — returns the recipe tree serialized with each node tagged by its fp.job.step state, ready for an OWL component to render. The component itself is deferred (see README.md). The bigger UI deferrals (kanban, tablet, manager dashboard) are documented in README.md. They get their own focused project after cutover — the data layer is complete, so they can land incrementally without touching fp.job/fp.job.step. Tests verify controller imports + serialization shape (no HTTP because TransactionCase doesn't easily simulate request context). Manifest 19.0.1.8.0 → 19.0.1.9.0. Part of: native job model migration (spec 2026-04-25) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-25 00:08:50 -04:00

Author

SHA1

Message

Date

gsinghpal

de3ec7d97a

feat(plating-sec): SO confirm gate + fix _administrator typo + Python sweep

Phase G of permissions overhaul.

G2: sale.order.action_confirm now requires group_fp_sales_manager
(spec Section 2.B). Sales Reps can save drafts but cannot move SOs
to 'sale' state. UserError raised with clear message if attempted.

G3: Fixed audit-finding-11 typo bug in 2 files. The original code
checked has_group('fusion_plating.group_fusion_plating_administrator'),
an xmlid that has NEVER existed - so the gate always returned False
and only the Manager-side check actually fired. Fixed both:
  - fusion_plating_invoicing/models/res_partner.py:34
  - fusion_plating_configurator/wizard/fp_direct_order_wizard.py:467
Both now check has_group('fusion_plating.group_fp_manager') which
transitively includes Owner via implied_ids.

G4: Swept all Python has_group() calls to reference new group xmlids.
Backward-compat keeps old refs working today (Phase A's implied_ids),
but the sweep ensures correctness after the 30-day rollback window
deletes old groups. Replacements:
  group_fusion_plating_operator    -> group_fp_technician
  group_fusion_plating_supervisor  -> group_fp_shop_manager_v2
  group_fusion_plating_manager     -> group_fp_manager
  group_fusion_plating_admin       -> group_fp_owner
  group_fusion_plating_cgp_officer -> group_fp_quality_manager
  group_fusion_plating_cgp_designated_official -> group_fp_owner
  group_fp_estimator               -> group_fp_sales_rep
  group_fp_accounting              -> group_fp_manager
  group_fp_receiving               -> group_fp_shop_manager_v2
  group_fp_shop_manager (legacy)   -> group_fp_manager

G1: test_sales_manager_gate.py covers the new confirm gate (SR
blocked, SMg allowed, Manager allowed via diamond implication).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-24 02:11:35 -04:00

gsinghpal

71376228cb

feat(jobs): Phase 6 lean — scan controller + process-tree JSON endpoint

Phase 6 originally scoped the full operator UI rewrite (Plant
Overview, Tablet, Manager Dashboard, Process Tree). Tailscale SSH
to entech is currently unavailable, so live in-browser
verification of OWL/JS components isn't possible. Shipping a lean
Phase 6 with the data-layer pieces:

1. /fp/job/<id> scan controller — when a user scans a fp.job
   sticker, lands them on the fp.job form (or the process tree
   action once that's wired). Mirrors fusion_plating_reports' /fp/wo/
   pattern.

2. /fp/jobs/process_tree JSON endpoint — returns the recipe tree
   serialized with each node tagged by its fp.job.step state,
   ready for an OWL component to render. The component itself is
   deferred (see README.md).

The bigger UI deferrals (kanban, tablet, manager dashboard) are
documented in README.md. They get their own focused project after
cutover — the data layer is complete, so they can land
incrementally without touching fp.job/fp.job.step.

Tests verify controller imports + serialization shape (no HTTP
because TransactionCase doesn't easily simulate request context).

Manifest 19.0.1.8.0 → 19.0.1.9.0.

Part of: native job model migration (spec 2026-04-25)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-25 00:08:50 -04:00

2 Commits