Odoo-Modules/fusion_plating/fusion_plating_certificates/security/fp_cert_security.xml
gsinghpal 84ed406c8e feat(plating-quality): split Manager vs Quality Manager permissions
Phase C of permissions overhaul (spec Section 2.C).

Manager keeps reactive Quality (NCR/Hold/Check/Cert/RMA — already gated
via Phase B sweep). QM gains exclusive write/create/unlink on strategic
Quality records:

- fusion.plating.capa: Manager → read-only (1,0,0,0); QM → full
- fusion.plating.audit: same split (if model present)
- fp.approved.vendor.list: same split (if model present)
- fusion.plating.customer.spec: same split
- Doc Control models: same split

Plus FAIR/Nadcap cert restriction via two new ir.rule records on
fp.certificate:
- Manager: write/create/unlink on certs where cert_type NOT in
  ('fair', 'nadcap')
- QM: write/create/unlink on all certs (overrides via OR within group)
- Read access unchanged for both (perm_read=False on the rules)

Tests in fusion_plating/tests/test_quality_split.py verify each side
of the split. Models that may not exist on all DBs (audit, AVL) use
skipTest gracefully.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-24 01:23:32 -04:00

27 lines
1.3 KiB
XML

<?xml version="1.0" encoding="utf-8"?>
<odoo>
    <data noupdate="0">
        <!-- Manager group: write/create/unlink limited to certificates whose
             cert_type is not 'fair' or 'nadcap'. perm_read is False, so this
             rule does not filter reads. -->
        <record id="rule_fp_certificate_fair_nadcap_qm_only" model="ir.rule">
            <field name="name">FP Certificate: FAIR/Nadcap edit restricted to Quality Manager</field>
            <field name="model_id" ref="model_fp_certificate"/>
            <field name="domain_force">[('cert_type', 'not in', ('fair', 'nadcap'))]</field>
            <field name="groups" eval="[(4, ref('fusion_plating.group_fp_manager'))]"/>
            <field name="perm_read" eval="False"/>
            <field name="perm_write" eval="True"/>
            <field name="perm_create" eval="True"/>
            <field name="perm_unlink" eval="True"/>
        </record>
        <!-- Quality Manager group: always-true domain. Rules attached to
             groups are OR-combined, so a user who holds both groups can edit
             every certificate. -->
        <record id="rule_fp_certificate_all_qm" model="ir.rule">
            <field name="name">FP Certificate: QM has full access to all certs</field>
            <field name="model_id" ref="model_fp_certificate"/>
            <field name="domain_force">[(1, '=', 1)]</field>
            <field name="groups" eval="[(4, ref('fusion_plating.group_fp_quality_manager'))]"/>
            <field name="perm_read" eval="False"/>
            <field name="perm_write" eval="True"/>
            <field name="perm_create" eval="True"/>
            <field name="perm_unlink" eval="True"/>
        </record>
    </data>
</odoo>
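
Added example, not part of this repository or of Odoo's source: a simplified Python model of how Odoo combines the two record rules above (global rules ANDed, group rules ORed, each rule applied only to the operations its perm_* flags enable). The `coc` cert type, the `other` user and its group, and QM's membership in the Manager group are assumptions made for the illustration.

```python
# Simplified model of ir.rule evaluation for fp.certificate (illustration only).
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    groups: frozenset   # empty set would mean a global rule
    domain: object      # predicate over a record dict (stands in for domain_force)
    perms: frozenset    # operations the rule applies to

MANAGER = "fusion_plating.group_fp_manager"
QM = "fusion_plating.group_fp_quality_manager"
EDIT = frozenset({"write", "create", "unlink"})   # perm_read is False on both rules

RULES = [
    Rule("rule_fp_certificate_fair_nadcap_qm_only", frozenset({MANAGER}),
         lambda r: r["cert_type"] not in ("fair", "nadcap"), EDIT),
    Rule("rule_fp_certificate_all_qm", frozenset({QM}),
         lambda r: True, EDIT),
]

def rule_allows(user_groups, op, record, rules=RULES):
    """Record-rule verdict only; model ACLs (ir.model.access) are a separate check."""
    applicable = [r for r in rules if op in r.perms]
    global_rules = [r for r in applicable if not r.groups]
    group_rules = [r for r in applicable if r.groups & user_groups]
    # Global rules are ANDed: every one of them must match the record.
    if not all(r.domain(record) for r in global_rules):
        return False
    # Group rules are ORed; if none targets this user, they add no restriction.
    return not group_rules or any(r.domain(record) for r in group_rules)

# Constructed sample data: 'coc' is an assumed non-restricted cert_type.
CERTS = [{"id": 1, "cert_type": "coc"},
         {"id": 2, "cert_type": "fair"},
         {"id": 3, "cert_type": "nadcap"}]
USERS = {
    "manager": frozenset({MANAGER}),
    "qm": frozenset({MANAGER, QM}),                      # assumption: QM implies Manager
    "other": frozenset({"hypothetical.group_other"}),    # in neither group
}

def matrix(op):
    """Map each sample user to the certificate ids the rules let them `op`."""
    return {u: [c["id"] for c in CERTS if rule_allows(g, op, c)]
            for u, g in USERS.items()}

if __name__ == "__main__":
    for op in ("read", "write", "create", "unlink"):
        print(op, matrix(op))
```

The `other` row shows that these rules bind only members of the two groups, so the FAIR/Nadcap restriction also depends on no other group being granted write, create or unlink on fp.certificate through ir.model.access.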