8eb2c2de95
Phase B of permissions overhaul. Mechanical text replacement across 11 ir.model.access.csv files: - group_fusion_plating_operator -> fusion_plating.group_fp_technician - group_fusion_plating_supervisor -> fusion_plating.group_fp_shop_manager_v2 - group_fusion_plating_manager -> fusion_plating.group_fp_manager - group_fusion_plating_admin -> fusion_plating.group_fp_owner - group_fp_estimator (configurator)-> fusion_plating.group_fp_sales_rep - group_fp_accounting -> fusion_plating.group_fp_manager - group_fp_receiving -> fusion_plating.group_fp_shop_manager_v2 - group_fp_shop_manager (legacy) -> fusion_plating.group_fp_manager - group_fusion_plating_cgp_officer -> fusion_plating.group_fp_quality_manager - group_fusion_plating_cgp_designated_official -> fusion_plating.group_fp_owner Backward-compat: old group xmlids still resolve (Phase A's implied_ids chains keep old ACLs working for users still holding old groups). This sweep ensures future-state correctness: when old groups are deleted after the 30-day rollback window, ACLs continue resolving via the new group xmlids. Also adds fusion_plating/tests/test_acl_migration.py with sample-based per-role access checks. The 2 CAPA tests are expected to fail until Phase C implements the Manager/QM quality split. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
20 lines
2.5 KiB
CSV
20 lines
2.5 KiB
CSV
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
|
|
access_fp_cgp_registration_manager,fp.cgp.registration.manager,model_fusion_plating_cgp_registration,fusion_plating.group_fp_manager,1,0,0,0
|
|
access_fp_cgp_registration_officer,fp.cgp.registration.officer,model_fusion_plating_cgp_registration,fusion_plating.group_fp_quality_manager,1,1,1,1
|
|
access_fp_cgp_ai_manager,fp.cgp.ai.manager,model_fusion_plating_cgp_authorized_individual,fusion_plating.group_fp_manager,1,0,0,0
|
|
access_fp_cgp_ai_officer,fp.cgp.ai.officer,model_fusion_plating_cgp_authorized_individual,fusion_plating.group_fp_quality_manager,1,1,1,1
|
|
access_fp_cgp_psa_officer,fp.cgp.psa.officer,model_fusion_plating_cgp_psa,fusion_plating.group_fp_quality_manager,1,1,1,1
|
|
access_fp_cgp_visitor_supervisor,fp.cgp.visitor.supervisor,model_fusion_plating_cgp_visitor,fusion_plating.group_fp_shop_manager_v2,1,0,0,0
|
|
access_fp_cgp_visitor_manager,fp.cgp.visitor.manager,model_fusion_plating_cgp_visitor,fusion_plating.group_fp_manager,1,0,0,0
|
|
access_fp_cgp_visitor_officer,fp.cgp.visitor.officer,model_fusion_plating_cgp_visitor,fusion_plating.group_fp_quality_manager,1,1,1,1
|
|
access_fp_cgp_controlled_good_supervisor,fp.cgp.good.supervisor,model_fusion_plating_cgp_controlled_good,fusion_plating.group_fp_shop_manager_v2,1,0,0,0
|
|
access_fp_cgp_controlled_good_manager,fp.cgp.good.manager,model_fusion_plating_cgp_controlled_good,fusion_plating.group_fp_manager,1,0,0,0
|
|
access_fp_cgp_controlled_good_officer,fp.cgp.good.officer,model_fusion_plating_cgp_controlled_good,fusion_plating.group_fp_quality_manager,1,1,1,1
|
|
access_fp_cgp_receipt_supervisor,fp.cgp.receipt.supervisor,model_fusion_plating_cgp_receipt_shipment,fusion_plating.group_fp_shop_manager_v2,1,0,0,0
|
|
access_fp_cgp_receipt_manager,fp.cgp.receipt.manager,model_fusion_plating_cgp_receipt_shipment,fusion_plating.group_fp_manager,1,0,0,0
|
|
access_fp_cgp_receipt_officer,fp.cgp.receipt.officer,model_fusion_plating_cgp_receipt_shipment,fusion_plating.group_fp_quality_manager,1,1,1,1
|
|
access_fp_cgp_incident_officer,fp.cgp.incident.officer,model_fusion_plating_cgp_security_incident,fusion_plating.group_fp_quality_manager,1,1,1,1
|
|
access_fp_cgp_access_log_supervisor,fp.cgp.access.log.supervisor,model_fusion_plating_cgp_access_log,fusion_plating.group_fp_shop_manager_v2,1,0,0,0
|
|
access_fp_cgp_access_log_manager,fp.cgp.access.log.manager,model_fusion_plating_cgp_access_log,fusion_plating.group_fp_manager,1,0,0,0
|
|
access_fp_cgp_access_log_officer,fp.cgp.access.log.officer,model_fusion_plating_cgp_access_log,fusion_plating.group_fp_quality_manager,1,1,1,1
|