8eb2c2de95
Phase B of permissions overhaul. Mechanical text replacement across 11 ir.model.access.csv files: - group_fusion_plating_operator -> fusion_plating.group_fp_technician - group_fusion_plating_supervisor -> fusion_plating.group_fp_shop_manager_v2 - group_fusion_plating_manager -> fusion_plating.group_fp_manager - group_fusion_plating_admin -> fusion_plating.group_fp_owner - group_fp_estimator (configurator)-> fusion_plating.group_fp_sales_rep - group_fp_accounting -> fusion_plating.group_fp_manager - group_fp_receiving -> fusion_plating.group_fp_shop_manager_v2 - group_fp_shop_manager (legacy) -> fusion_plating.group_fp_manager - group_fusion_plating_cgp_officer -> fusion_plating.group_fp_quality_manager - group_fusion_plating_cgp_designated_official -> fusion_plating.group_fp_owner Backward-compat: old group xmlids still resolve (Phase A's implied_ids chains keep old ACLs working for users still holding old groups). This sweep ensures future-state correctness: when old groups are deleted after the 30-day rollback window, ACLs continue resolving via the new group xmlids. Also adds fusion_plating/tests/test_acl_migration.py with sample-based per-role access checks. The 2 CAPA tests are expected to fail until Phase C implements the Manager/QM quality split. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2.0 KiB
2.0 KiB
| 1 | id | name | model_id:id | group_id:id | perm_read | perm_write | perm_create | perm_unlink |
|---|---|---|---|---|---|---|---|---|
| 2 | access_fp_as9100_clause_operator | fp.as9100.clause.operator | model_fusion_plating_as9100_clause | fusion_plating.group_fp_technician | 1 | 0 | 0 | 0 |
| 3 | access_fp_as9100_clause_supervisor | fp.as9100.clause.supervisor | model_fusion_plating_as9100_clause | fusion_plating.group_fp_shop_manager_v2 | 1 | 0 | 0 | 0 |
| 4 | access_fp_as9100_clause_manager | fp.as9100.clause.manager | model_fusion_plating_as9100_clause | fusion_plating.group_fp_manager | 1 | 1 | 1 | 1 |
| 5 | access_fp_nadcap_audit_operator | fp.nadcap.audit.operator | model_fusion_plating_nadcap_audit | fusion_plating.group_fp_technician | 1 | 0 | 0 | 0 |
| 6 | access_fp_nadcap_audit_supervisor | fp.nadcap.audit.supervisor | model_fusion_plating_nadcap_audit | fusion_plating.group_fp_shop_manager_v2 | 1 | 1 | 1 | 0 |
| 7 | access_fp_nadcap_audit_manager | fp.nadcap.audit.manager | model_fusion_plating_nadcap_audit | fusion_plating.group_fp_manager | 1 | 1 | 1 | 1 |
| 8 | access_fp_counterfeit_operator | fp.counterfeit.operator | model_fusion_plating_counterfeit_prevention | fusion_plating.group_fp_technician | 1 | 0 | 0 | 0 |
| 9 | access_fp_counterfeit_supervisor | fp.counterfeit.supervisor | model_fusion_plating_counterfeit_prevention | fusion_plating.group_fp_shop_manager_v2 | 1 | 1 | 1 | 0 |
| 10 | access_fp_counterfeit_manager | fp.counterfeit.manager | model_fusion_plating_counterfeit_prevention | fusion_plating.group_fp_manager | 1 | 1 | 1 | 1 |
| 11 | access_fp_config_item_operator | fp.config.item.operator | model_fusion_plating_config_item | fusion_plating.group_fp_technician | 1 | 0 | 0 | 0 |
| 12 | access_fp_config_item_supervisor | fp.config.item.supervisor | model_fusion_plating_config_item | fusion_plating.group_fp_shop_manager_v2 | 1 | 1 | 1 | 0 |
| 13 | access_fp_config_item_manager | fp.config.item.manager | model_fusion_plating_config_item | fusion_plating.group_fp_manager | 1 | 1 | 1 | 1 |
| 14 | access_fp_risk_operator | fp.risk.operator | model_fusion_plating_risk | fusion_plating.group_fp_technician | 1 | 0 | 0 | 0 |
| 15 | access_fp_risk_supervisor | fp.risk.supervisor | model_fusion_plating_risk | fusion_plating.group_fp_shop_manager_v2 | 1 | 1 | 1 | 0 |
| 16 | access_fp_risk_manager | fp.risk.manager | model_fusion_plating_risk | fusion_plating.group_fp_manager | 1 | 1 | 1 | 1 |