feat(registry): per-action opt-out for registry admin-only CRUD restriction#299
feat(registry): per-action opt-out for registry admin-only CRUD restriction#299gonzalesedwin1123 wants to merge 2 commits into
Conversation
|
Warning Gemini encountered an error creating the review. You can try again by commenting |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## 19.0 #299 +/- ##
==========================================
+ Coverage 71.58% 71.68% +0.10%
==========================================
Files 418 423 +5
Lines 26747 26895 +148
==========================================
+ Hits 19146 19281 +135
- Misses 7601 7614 +13
Flags with carried forward coverage won't be shown. Click here to find out more.
🚀 New features to boost your workflow:
|
|
Test and verification results: Python suite (Docker, isolated):
Manual UI verification — executed against a local
Screenshots confirm the same non-admin session sees no New button on the plain partner list and the New button on the bypass action. READMEs were regenerated by applying CI's printed diff verbatim (local generator output is not byte-identical to CI's). |
Expert Review SummaryThree parallel reviews were run on this PR: repo code-reviewer (principles/compliance), an Odoo 19 web-internals deep-dive (verified against the framework source in the Findings → resolution
Noted for follow-up (not this PR)
Verified facts from the deep-dive
Re-verification after amendmentsHeadless-Chrome checks re-run against a live stack on the amended code — all four pass: non-admin plain action New hidden; non-admin bypass action New visible; bypass create form editable with Save; admin unaffected. |
…iction Honor bypass_registry_admin_only_crud in an action's context so that action's res.partner views are exempt from the registry restriction while other partner views keep it. The flag follows Odoo's standard context propagation (relational dialogs and button-opened actions from the exempt view inherit it), and exempt form views also disable useSendBeaconToSaveUrgently: authoring actions typically carry default_* keys that make a new record dirty before the user types, so the blur-triggered beacon save would raise validation errors on every tab refocus. Downstreams that need a dedicated non-admin role to author one registry list can set the flag on that action instead of counter-patching the controllers. The flag is a UI affordance, not a security boundary: server-side ACLs and record rules remain the real enforcement, as documented in the docstring and DESCRIPTION.md.
a397da0 to
de23a45
Compare
Closes #298
What
Honor a
bypass_registry_admin_only_crud: Trueflag in an action's context so that action'sres.partnerviews are exempt from theregistry_admin_only_crudrestriction, while other partner views keep it. The change is inspp_starter_sp_mis/static/src/js/registry_restriction.js.Usage:
Semantics (documented in the docstring and DESCRIPTION.md):
useSendBeaconToSaveUrgently: authoring actions typically carrydefault_*context keys that make a new record dirty before the user types, and the blur-triggered urgent save would otherwise raise validation errors on every tab refocus.Why
Downstream implementations sometimes need one dedicated
res.partneraction where a non-admin role can author records while all other partner views stay restricted. Without a supported opt-out they have to counter-patchListController/FormControlleragainst Odoo web internals; this gives them a supported seam (the flag name matches what downstream workarounds already use, so they can delete their patches directly — the beacon-save opt-out included).How
In both controller patches the bypass is checked alongside the existing
REGISTRY_MODELSguard: the synchronous_registryRestrictedcache check ANDs in the bypass, and the post-super.setup()early return also returns when the flag is set — soonWillStart, the DOM enforcement,modelParamsreadonly forcing, and the action-menu filtering are all skipped for the exempt views. ThemodelParamsgetter additionally setsuseSendBeaconToSaveUrgently = falseon the bypass path.Versioning / docs
spp_starter_sp_mis: 19.0.2.0.0 → 19.0.2.1.0 + HISTORY fragment; opt-out documented in DESCRIPTION.mdREADME.rst/index.htmlregenerated by applying CI's printed diffs verbatim (local generator output is not byte-identical to CI's)Testing
The change is JS-only and the repo has no executable JS test infrastructure (no Chrome in the Docker image, no tour runner), so coverage is manual, authorized by the maintainer:
./spp t spp_starter_sp_mis: 1 passed, 0 failed, 0 errorspre-commithooks on changed files: all passed (eslint, prettier, semgrep, OpenSPP checks)--demo misstack: non-admin Registry Officer sees no New button on a plain partner action; New button + genuinely editable create form on the bypass-context action; admin unaffected — details in the PR comments