odoo 怎樣實現的欄位許可權管控原理
阿新 • • 發佈:2020-10-05
從檢視結構來管控:
- 以stock.picking 的tree 檢視為例,如果將name欄位設定群組管控
<?xml version="1.0"?> <tree decoration-info="state == 'draft'" decoration-muted="state == 'cancel'" decoration-danger="state not in ('cancel', 'done') and scheduled_date < current_date" string="Picking list"> <field name="name" groups="stock.group_stock_manager" /> <field name="location_dest_id" groups="stock.group_stock_multi_locations"/> <field name="partner_id"/> <field name="date" invisible="1"/> <field name="scheduled_date"/> <field name="origin"/> <field name="group_id" invisible="1"/> <field name="backorder_id"/> <field name="state"/> <field name="priority" invisible="1"/> <field name="picking_type_id" invisible="1"/> </tree>
- 伺服器返回的欄位結構將發生變更,根據使用者登入所擁有的群組:
{ "list": { "model": "stock.picking", "name": "stock.picking.tree", "toolbar": { "relate": [], "print": [ { "model": "stock.picking", "groups_id": [], "attachment": false, "report_type": "qweb-pdf", "type": "ir.actions.report", "binding_model_id": [ 220, "Transfer" ], "create_uid": [ 1, "OdooBot" ], "paperformat_id": false, "jasper_report": false, "create_date": "2020-03-05 14:07:45", "binding_type": "report", "attachment_use": false, "__last_update": "2020-06-21 13:06:37", "help": false, "name": "Picking Operations", "display_name": "Picking Operations", "report_name": "stock.report_picking", "jasper_output": "pdf", "string": "Picking Operations", "id": 169, "xml_id": "stock.action_report_picking", "report_file": "stock.report_picking_operations", "write_uid": [ 1, "OdooBot" ], "write_date": "2020-06-21 13:06:37", "model_id": [ 220, "Transfer" ], "print_report_name": "'Picking Operations - %s - %s' % (object.partner_id.name or '', object.name)", "multi": false, "jasper_file_ids": [] }, { "model": "stock.picking", "groups_id": [], "attachment": false, "report_type": "qweb-pdf", "type": "ir.actions.report", "binding_model_id": [ 220, "Transfer" ], "create_uid": [ 1, "OdooBot" ], "paperformat_id": false, "jasper_report": false, "create_date": "2020-03-05 14:07:45", "binding_type": "report", "attachment_use": false, "__last_update": "2020-06-21 13:06:37", "help": false, "name": "Delivery Slip", "display_name": "Delivery Slip", "report_name": "stock.report_deliveryslip", "jasper_output": "pdf", "string": "Delivery Slip", "id": 170, "xml_id": "stock.action_report_delivery", "report_file": "stock.report_deliveryslip", "write_uid": [ 1, "OdooBot" ], "write_date": "2020-06-21 13:06:37", "model_id": [ 220, "Transfer" ], "print_report_name": "'Delivery Slip - %s - %s' % (object.partner_id.name or '', object.name)", "multi": false, "jasper_file_ids": [] }, { "model": "stock.picking", "groups_id": [], "attachment": false, "report_type": "qweb-pdf", "type": "ir.actions.report", "binding_model_id": [ 220, "Transfer" ], "create_uid": [ 1, "OdooBot" ], "paperformat_id": false, "jasper_report": false, "create_date": "2020-05-30 08:01:33", "binding_type": "report", "attachment_use": false, "__last_update": "2020-06-21 13:09:01", "help": false, "name": "Delivery Slip", "display_name": "Delivery Slip", "report_name": "bi_professional_reports_templates.report_deliveryslip", "jasper_output": "pdf", "string": "Delivery Slip", "id": 662, "xml_id": "bi_professional_reports_templates.action_report_delivery_custom", "report_file": "bi_professional_reports_templates.report_deliveryslip", "write_uid": [ 1, "OdooBot" ], "write_date": "2020-06-21 13:09:01", "model_id": [ 220, "Transfer" ], "print_report_name": false, "multi": false, "jasper_file_ids": [] } ], "action": [ { "groups_id": [], "limit": 0, "xml_id": "stock_picking_batch.stock_picking_to_batch_action_stock_picking", "views": [ [ false, "form" ] ], "auto_search": true, "type": "ir.actions.act_window", "filter": false, "context": "{}", "binding_model_id": [ 220, "Transfer" ], "create_uid": [ 1, "OdooBot" ], "view_mode": "form", "view_type": "form", "domain": "[]", "create_date": "2020-04-29 10:53:30", "binding_type": "action", "display_name": "Add to Batch", "view_id": false, "help": false, "name": "Add to Batch", "res_id": 0, "usage": false, "string": "Add to Batch", "view_ids": [], "id": 565, "res_model": "stock.picking.to.batch", "src_model": "stock.picking", "write_uid": [ 1, "OdooBot" ], "write_date": "2020-06-21 13:07:37", "search_view_id": false, "__last_update": "2020-06-21 13:07:37", "search_view": "{'model': 'stock.picking.to.batch', 'name': 'default', 'arch': '<search string=\"Batch Picking Lines\"><field name=\"id\" modifiers=\"{"readonly": true}\"/></search>', 'type': 'search', 'fields': {'id': {'change_default': False, 'depends': (), 'store': True, 'company_dependent': False, 'sortable': True, 'type': 'integer', 'views': {}, 'required': False, 'readonly': True, 'string': 'ID', 'manual': False, 'searchable': True}}, 'field_parent': False}", "multi": true, "target": "new" } ] }, "arch": "<tree decoration-info=\"state == 'draft'\" decoration-muted=\"state == 'cancel'\" decoration-danger=\"state not in ('cancel', 'done') and scheduled_date < current_date\" string=\"Picking list\">\n <field name=\"name\" invisible=\"1\" modifiers=\"{"column_invisible": true, "invisible": true, "readonly": [["state", "in", ["cancel", "done"]]]}\"/>\n <field name=\"location_dest_id\" can_create=\"false\" can_write=\"false\" modifiers=\"{"required": true, "readonly": [["state", "not in", ["draft"]]]}\"/>\n <field name=\"partner_id\" on_change=\"1\" can_create=\"true\" can_write=\"true\" modifiers=\"{"readonly": [["state", "in", ["cancel", "done"]]]}\"/>\n <field name=\"date\" invisible=\"1\" modifiers=\"{"column_invisible": true, "readonly": [["state", "in", ["cancel", "done"]]]}\"/>\n <field name=\"scheduled_date\" modifiers=\"{}\"/>\n <field name=\"origin\" modifiers=\"{"readonly": [["state", "in", ["cancel", "done"]]]}\"/>\n <field name=\"group_id\" invisible=\"1\" can_create=\"true\" can_write=\"true\" modifiers=\"{"column_invisible": true, "readonly": true}\"/>\n <field name=\"backorder_id\" can_create=\"true\" can_write=\"true\" modifiers=\"{"readonly": [["state", "in", ["cancel", "done"]]]}\"/>\n <field name=\"state\" modifiers=\"{"readonly": true}\"/>\n <field name=\"priority\" invisible=\"1\" modifiers=\"{"column_invisible": true, "readonly": [["state", "in", ["cancel", "done"]]]}\"/>\n <field name=\"picking_type_id\" invisible=\"1\" on_change=\"1\" can_create=\"false\" can_write=\"false\" modifiers=\"{"column_invisible": true, "required": true, "readonly": [["state", "not in", ["draft"]]]}\"/>\n <field name=\"batch_id\" can_create=\"true\" can_write=\"true\" modifiers=\"{"readonly": [["state", "in", ["cancel", "done"]]]}\"/>\n \n </tree>", "base_model": "stock.picking", "type": "tree", "view_id": 688, "field_parent": false, "fields": { "batch_id": { "change_default": false, "depends": [], "type": "many2one", "help": "Batch associated to this picking", "sortable": true, "company_dependent": false, "searchable": true, "context": {}, "store": true, "views": {}, "required": false, "states": { "cancel": [ [ "readonly", true ] ], "done": [ [ "readonly", true ] ] }, "domain": [], "string": "Batch Picking", "manual": false, "readonly": false, "relation": "stock.picking.batch" }, "picking_type_id": { "change_default": false, "depends": [], "store": true, "states": { "draft": [ [ "readonly", false ] ] }, "company_dependent": false, "sortable": true, "type": "many2one", "context": {}, "views": {}, "required": true, "readonly": true, "domain": [], "string": "Operation Type", "manual": false, "searchable": true, "relation": "stock.picking.type" }, "priority": { "change_default": false, "depends": [ "move_lines.priority" ], "store": true, "states": { "cancel": [ [ "readonly", true ] ], "done": [ [ "readonly", true ] ] }, "company_dependent": false, "sortable": true, "type": "selection", "help": "Priority for this picking. Setting manually a value here would set it as priority for all the moves", "views": {}, "selection": [ [ "0", "Not urgent" ], [ "1", "Normal" ], [ "2", "Urgent" ], [ "3", "Very Urgent" ] ], "readonly": false, "string": "Priority", "manual": false, "searchable": true, "required": false }, "backorder_id": { "change_default": false, "depends": [], "type": "many2one", "help": "If this shipment was split, then this field links to the shipment which contains the already processed part.", "sortable": true, "company_dependent": false, "searchable": true, "context": {}, "store": true, "views": {}, "required": false, "states": { "cancel": [ [ "readonly", true ] ], "done": [ [ "readonly", true ] ] }, "domain": [], "string": "Back Order of", "manual": false, "readonly": false, "relation": "stock.picking" }, "origin": { "change_default": false, "depends": [], "store": true, "company_dependent": false, "translate": false, "sortable": true, "type": "char", "trim": true, "help": "Reference of the document", "views": {}, "readonly": false, "states": { "cancel": [ [ "readonly", true ] ], "done": [ [ "readonly", true ] ] }, "string": "Source Document", "manual": false, "searchable": true, "required": false }, "name": { "change_default": false, "depends": [], "store": true, "company_dependent": false, "translate": false, "sortable": true, "type": "char", "trim": true, "views": {}, "required": false, "states": { "cancel": [ [ "readonly", true ] ], "done": [ [ "readonly", true ] ] }, "readonly": false, "string": "Reference", "manual": false, "searchable": true }, "scheduled_date": { "change_default": false, "depends": [ "move_lines.date_expected" ], "store": true, "company_dependent": false, "sortable": true, "type": "datetime", "help": "Scheduled time for the first part of the shipment to be processed. Setting manually a value here would set it as expected date for all the stock moves.", "views": {}, "readonly": false, "string": "Scheduled Date", "manual": false, "searchable": true, "required": false }, "partner_id": { "change_default": false, "depends": [], "store": true, "states": { "cancel": [ [ "readonly", true ] ], "done": [ [ "readonly", true ] ] }, "company_dependent": false, "sortable": true, "type": "many2one", "context": {}, "views": {}, "required": false, "readonly": false, "domain": [], "string": "Partner", "manual": false, "searchable": true, "relation": "res.partner" }, "date": { "change_default": false, "depends": [], "store": true, "company_dependent": false, "sortable": true, "type": "datetime", "help": "Creation Date, usually the time of the order", "views": {}, "readonly": false, "states": { "cancel": [ [ "readonly", true ] ], "done": [ [ "readonly", true ] ] }, "string": "Creation Date", "manual": false, "searchable": true, "required": false }, "group_id": { "change_default": false, "depends": [ "move_lines.group_id" ], "store": true, "related": [ "move_lines", "group_id" ], "company_dependent": false, "sortable": true, "type": "many2one", "searchable": true, "context": {}, "views": {}, "required": false, "domain": [], "string": "Procurement Group", "manual": false, "readonly": true, "relation": "procurement.group" }, "state": { "change_default": false, "depends": [ "move_type", "move_lines.state", "move_lines.picking_id" ], "store": true, "company_dependent": false, "sortable": true, "type": "selection", "help": " * Draft: not confirmed yet and will not be scheduled until confirmed.\n * Waiting Another Operation: waiting for another move to proceed before it becomes automatically available (e.g. in Make-To-Order flows).\n * Waiting: if it is not ready to be sent because the required products could not be reserved.\n * Ready: products are reserved and ready to be sent. If the shipping policy is 'As soon as possible' this happens as soon as anything is reserved.\n * Done: has been processed, can't be modified or cancelled anymore.\n * Cancelled: has been cancelled, can't be confirmed anymore.", "views": {}, "selection": [ [ "draft", "Draft" ], [ "waiting", "Waiting Another Operation" ], [ "confirmed", "Waiting" ], [ "assigned", "Ready" ], [ "done", "Done" ], [ "cancel", "Cancelled" ] ], "readonly": true, "string": "Status", "manual": false, "searchable": true, "required": false }, "location_dest_id": { "change_default": false, "depends": [], "store": true, "states": { "draft": [ [ "readonly", false ] ] }, "company_dependent": false, "sortable": true, "type": "many2one", "context": {}, "views": {}, "required": true, "readonly": true, "domain": [], "string": "Destination Location", "manual": false, "searchable": true, "relation": "stock.location" } } } }
- 從返回的結果中可以看到:當前登入使用者沒有
stock.group_stock_manager許可權,故欄位中的name將不會返回 - 但是資料的返回結果是不會變更的,即介面
search_read的結果不會發生改變,仍然有name欄位,只是沒有被js處理罷了.
{ "0": { "priority": false, "name": "My Co/IN/00001", "origin": false, "partner_id": false, "scheduled_date": "2020-05-13 03:14:38", "id": 36, "batch_id": false, "picking_type_id": [ 7, "My Company, Chicago: Receipts" ], "date": "2020-05-13 03:14:43", "backorder_id": false, "location_dest_id": [ 27, "My Co/Stock" ], "state": "done", "group_id": false } }