Issue 4986

Domain validation should skip ir.rule
Remove company record rules (issue 4080)
Nosy list
ced, pokoli
Assigned to

Created on 2015-09-22.16:36:50 by pokoli, last changed 50 months ago by pokoli.


Author: [hidden] (pokoli) Tryton committer Tryton translator
Date: 2018-08-23.17:46:09
This has been solved on issue7555
Author: [hidden] (ced) Tryton committer Tryton translator
Date: 2015-09-23.10:57:49
No it is not a bug.
First, in recent version validate doesn't validate untouched fields.
Second, you have a design issue if you let user work on records that can be linked to "ruled" records.
I think your problem comes from an wrong usage of rule which should only be used for access right and not for programming purpose (like it is now for multi-company).

So I repeat for me, the solution is to get _check_access disabled for validation and to have rule disabled by _check_access (instead of root) but the last is only possible once issue4080 is fixed. And I will not accept any other hack to solve this locale issue, we must fix the conceptual failure of multi-company to get a correct access right management (apply only on CRUD from RPC).
Author: [hidden] (pokoli) Tryton committer Tryton translator
Date: 2015-09-23.09:23:10
Its a bug with the following scenario: 

1. Creates a record using another user, which is allowed to read the record.
2. Modify the related record without touhcing the field because it is not visible to the other user. 
3. The _validate method validates the domain and raises and incorrect error message.
Author: [hidden] (ced) Tryton committer Tryton translator
Date: 2015-09-22.17:43:04
Not a bug as the user can not set the value of a field using a record he can not read. But anyway, I think the _check_access should be reviewed to really only apply on the first RPC methods.
Author: [hidden] (pokoli) Tryton committer Tryton translator
Date: 2015-09-22.17:21:48
We have a record rule that prevents the user to access some records, and this rule is applied on domain_validation, so if the user is not allowed to access this record, the domain validation error is raised despite the domain being correct.
Author: [hidden] (ced) Tryton committer Tryton translator
Date: 2015-09-22.16:56:02
I don't understand the sentence, it seems it is missing a comma somewhere.
Author: [hidden] (pokoli) Tryton committer Tryton translator
Date: 2015-09-22.16:36:49
If there is a rule that prevents the current user to read some values of a model domain validation errors are raised on domains that depend on other field (i.e: ('some_field', '=', Eval('record_field)) but the domain is correct. 

This is due to the search on [1]. 

The attached review fixes it. 

Found on version 3.4, but I expect that all the supported series are affected. 

Date User Action Args
2018-08-23 17:46:09pokolisetstatus: testing -> closed
messages: + msg43049
2018-08-21 18:50:54cedsetsuperseder: + Remove company record rules
2015-09-23 10:57:50cedsetpriority: bug -> feature
messages: + msg22481
2015-09-23 09:23:12pokolisetpriority: feature -> bug
messages: + msg22480
2015-09-22 17:43:05cedsetpriority: bug -> feature
messages: + msg22463
2015-09-22 17:21:49pokolisetmessages: + msg22462
2015-09-22 16:56:03cedsetnosy: + ced
messages: + msg22461
2015-09-22 16:36:50pokolicreate

Showing 10 items. Show all history (warning: this could be VERY long)