26fe41e7d4
Portal users have read access to fp.portal.job but NOT to fp.job. The new job-card macro traverses job.x_fc_job_id -> fp.job to surface part info, sale_order, ship-to address — that raised AccessError for real customers (admins were fine due to inherited groups). Adding .sudo() to the three Job queries in home(), portal_my_jobs(), and the certifications panel mirror lookup. Domain still filters to the customer's commercial partner tree, so sudo doesn't widen visibility — it just lets the template walk past the portal-job boundary to the privileged backend models. Same pattern is already used in the same file for sale.order, account.move, and stock.picking queries. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>