Pre-deploy fixes for Phase 1 permissions overhaul branch (catches by
final-reviewer subagent + main session).
CRITICAL FIXES:
C1: groups_id -> group_ids (Odoo 19 field rename). Affected ~30 sites
across 4 model files, 1 view, 7 test files. Documented project
gotcha (feedback_odoo19_groups_id_renamed.md) that the implementer
subagents missed because they don't see user memory.
C2: action_fp_resolve_plating_landing server action now calls
env['ir.actions.act_window'].sudo()._fp_resolve_landing_for_current_user()
instead of the old inline priority chain. Phase E's role-based
dispatch was previously dead code.
C3: New migrations/19.0.21.1.0/post-migrate.py triggers
_fp_post_init_role_migration(env) on -u. post_init_hook only fires
on INSTALL in Odoo 19, not UPGRADE -- so Phase H's preview creation
wouldn't have auto-fired on entech without this script. Module
version bumped to 19.0.21.1.0 to match the migration directory.
C4: Team kanban template rewritten for Odoo 19 (<t t-name='card'> with
semantic <aside>/<main>) instead of legacy <t t-name='kanban-box'>.
Previous template threw 'Missing card template' at render.
IMPORTANT FIXES:
I1: SO state=sent Confirm button (id='action_confirm') now also gated
to group_fp_sales_manager. Previously only the state=draft button
was gated; Sales Reps could send-and-confirm via the secondary path.
I2: Designated Officials picker domain uses all_group_ids (transitive)
instead of group_ids (explicit only). Owner users now correctly
appear as eligible CGP DO candidates via the implied_ids chain.
I3: test_menu_visibility.py compliance hub xmlid corrected to
fusion_plating.menu_fp_compliance_hub (was
fusion_plating_compliance.menu_fp_compliance_hub which doesn't exist
-- the hub menu is defined in core's fp_menu.xml). Tests were
silently skipTest-ing.
I4: _inverse_plating_role chatter audit reads old role from DB via SQL
(bypasses cache) so 'old -> new' displays actual values, and
short-circuits no-op writes.
I5: _FP_ROLE_MAPPING_RULES reordered: cgp_designated_official fires
BEFORE admin/uid_1_or_2 so admin+DO users keep the capability_delta
marker that triggers res.company.x_fc_cgp_designated_official_id
auto-set during migration.
I6: _cron_purge_expired_migrations skips groups with active users
instead of unlink-ing unconditionally. Defense against rollback
safety being bypassed by manual role assignments post-migration.
CLAUDE.md updated with 3 new durable rules (13b kanban card template,
13c group_ids vs all_group_ids, 13d post_init_hook only on install).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
104 lines
4.5 KiB
Python
104 lines
4.5 KiB
Python
import json
|
|
from odoo.tests.common import TransactionCase, tagged
|
|
from odoo.exceptions import UserError
|
|
|
|
|
|
@tagged('-at_install', 'post_install', 'fp_perms')
|
|
class TestMigrationWorkflow(TransactionCase):
|
|
|
|
def setUp(self):
|
|
super().setUp()
|
|
Users = self.env['res.users'].with_context(no_reset_password=True)
|
|
self.owner = Users.create({
|
|
'login': 'mig_owner', 'name': 'Mig Owner',
|
|
'email': 'mig_owner@example.com',
|
|
'group_ids': [(6, 0, [self.env.ref('fusion_plating.group_fp_owner').id])],
|
|
})
|
|
|
|
def test_only_owner_can_approve(self):
|
|
non_owner = self.env['res.users'].with_context(no_reset_password=True).create({
|
|
'login': 'mig_nonowner', 'name': 'Non Owner',
|
|
'email': 'mig_nonowner@example.com',
|
|
'group_ids': [(6, 0, [self.env.ref('fusion_plating.group_fp_manager').id])],
|
|
})
|
|
preview = self.env['fp.migration.preview'].create({})
|
|
preview._fp_build_lines()
|
|
with self.assertRaises(UserError):
|
|
preview.with_user(non_owner).action_approve_and_run()
|
|
|
|
def test_approve_advances_state(self):
|
|
preview = self.env['fp.migration.preview'].create({})
|
|
preview._fp_build_lines()
|
|
preview.with_user(self.owner).action_approve_and_run()
|
|
self.assertEqual(preview.state, 'approved')
|
|
self.assertTrue(preview.approved_at)
|
|
self.assertEqual(preview.approved_by_id, self.owner)
|
|
|
|
def test_cancel_advances_state(self):
|
|
preview = self.env['fp.migration.preview'].create({})
|
|
preview.action_cancel()
|
|
self.assertEqual(preview.state, 'cancelled')
|
|
|
|
def test_cancel_blocked_after_approval(self):
|
|
preview = self.env['fp.migration.preview'].create({})
|
|
preview._fp_build_lines()
|
|
preview.with_user(self.owner).action_approve_and_run()
|
|
with self.assertRaises(UserError):
|
|
preview.action_cancel()
|
|
|
|
def test_rollback_restores_groups(self):
|
|
# Create a test user with an old Manager group
|
|
old_mgr = self.env.ref('fusion_plating.group_fusion_plating_manager')
|
|
u = self.env['res.users'].with_context(no_reset_password=True).create({
|
|
'login': 'mig_rb', 'name': 'RB',
|
|
'email': 'mig_rb@example.com',
|
|
'group_ids': [(6, 0, [old_mgr.id])],
|
|
})
|
|
before_ids = sorted(u.groups_id.ids)
|
|
preview = self.env['fp.migration.preview'].create({})
|
|
preview._fp_build_lines()
|
|
preview.with_user(self.owner).action_approve_and_run()
|
|
# Verify the migration changed things
|
|
u.invalidate_recordset()
|
|
# Now rollback
|
|
preview.with_user(self.owner).action_rollback()
|
|
u.invalidate_recordset()
|
|
self.assertEqual(sorted(u.groups_id.ids), before_ids,
|
|
'Rollback must restore original groups_id')
|
|
self.assertEqual(preview.state, 'rolled_back')
|
|
|
|
def test_estimator_warning_flagged(self):
|
|
est = self.env.ref('fusion_plating_configurator.group_fp_estimator', raise_if_not_found=False)
|
|
if not est:
|
|
self.skipTest('Estimator group not defined')
|
|
u = self.env['res.users'].with_context(no_reset_password=True).create({
|
|
'login': 'mig_est', 'name': 'Est',
|
|
'email': 'mig_est@example.com',
|
|
'group_ids': [(6, 0, [est.id])],
|
|
})
|
|
preview = self.env['fp.migration.preview'].create({})
|
|
preview._fp_build_lines()
|
|
line = preview.line_ids.filtered(lambda l: l.user_id == u)
|
|
self.assertTrue(line.warning,
|
|
'Estimator-only user should be flagged for capability loss')
|
|
self.assertEqual(line.proposed_role, 'sales_rep')
|
|
|
|
def test_admin_user_maps_to_owner(self):
|
|
# uid 2 always gets owner via the first mapping rule
|
|
preview = self.env['fp.migration.preview'].create({})
|
|
preview._fp_build_lines()
|
|
admin_line = preview.line_ids.filtered(lambda l: l.user_id.id == 2)
|
|
if admin_line:
|
|
self.assertEqual(admin_line.proposed_role, 'owner')
|
|
|
|
def test_rollback_blocked_after_30_days(self):
|
|
from datetime import timedelta
|
|
preview = self.env['fp.migration.preview'].create({})
|
|
preview._fp_build_lines()
|
|
preview.with_user(self.owner).action_approve_and_run()
|
|
# Backdate approved_at by 31 days
|
|
preview.approved_at = preview.approved_at - timedelta(days=31)
|
|
preview.invalidate_recordset(['rollback_deadline'])
|
|
with self.assertRaises(UserError):
|
|
preview.with_user(self.owner).action_rollback()
|