From 28c9cec393e1b8f430c28d096a0a393abffc1079 Mon Sep 17 00:00:00 2001 From: Holger Brunn Date: Mon, 19 Feb 2024 15:59:06 +0100 Subject: [PATCH] [FIX] base_user_role_company: actually only allow roles with companies when this role is set for all currently active companies --- base_user_role_company/models/ir_http.py | 3 +-- base_user_role_company/models/user.py | 15 +++++++------ .../tests/test_role_per_company.py | 22 +++++++++++++++++-- 3 files changed, 29 insertions(+), 11 deletions(-) diff --git a/base_user_role_company/models/ir_http.py b/base_user_role_company/models/ir_http.py index 65a6b3b91..47bbf673c 100644 --- a/base_user_role_company/models/ir_http.py +++ b/base_user_role_company/models/ir_http.py @@ -18,6 +18,5 @@ def session_info(self): if self.env.user.role_line_ids: cids_str = request.httprequest.cookies.get("cids", str(self.env.company.id)) cids = [int(cid) for cid in cids_str.split(",")] - # The first element of cids is the currently selected company - self.env.user.set_groups_from_roles(company_id=cids[0]) + self.env.user.with_context(allowed_company_ids=cids).set_groups_from_roles() return result diff --git a/base_user_role_company/models/user.py b/base_user_role_company/models/user.py index 1a2f6296b..8551c8e3e 100644 --- a/base_user_role_company/models/user.py +++ b/base_user_role_company/models/user.py @@ -24,12 +24,13 @@ def _get_enabled_roles(self): # Enable only the Roles corresponing to the currently selected company if self.role_line_ids: res = res.filtered( - lambda x: not x.company_id or x.company_id == self.env.company + lambda x: not x.company_id + or all( + cid + in res.filtered(lambda y: y.role_id == x.role_id).mapped( + "company_id.id" + ) + for cid in self.env.companies.ids + ) ) return res - - def set_groups_from_roles(self, force=False, company_id=False): - # When using the Company Switcher widget, the self.env.company is not yet set - if company_id: - self = self.with_company(company_id) - return super().set_groups_from_roles(force=force) diff --git a/base_user_role_company/tests/test_role_per_company.py b/base_user_role_company/tests/test_role_per_company.py index 9b1ac1fcc..1aa36fd30 100644 --- a/base_user_role_company/tests/test_role_per_company.py +++ b/base_user_role_company/tests/test_role_per_company.py @@ -45,14 +45,32 @@ def setUp(self): def test_110_company_1(self): "Company 1 selected: Roles A, B and C are enabled" - self.test_user.set_groups_from_roles(company_id=self.company1.id) + self.test_user.with_context( + allowed_company_ids=self.company1.ids + ).set_groups_from_roles() expected = self.groupA | self.groupB | self.groupC found = self.test_user.groups_id.filtered(lambda x: x in expected) self.assertEqual(expected, found) def test_120_company_2(self): "Company 2 selected: Roles A and C are enabled" - self.test_user.set_groups_from_roles(company_id=self.company2.id) + self.test_user.with_context( + allowed_company_ids=self.company2.ids + ).set_groups_from_roles() + enabled = self.test_user.groups_id + expected = self.groupA | self.groupC + found = enabled.filtered(lambda x: x in expected) + self.assertEqual(expected, found) + + not_expected = self.groupB + found = enabled.filtered(lambda x: x in not_expected) + self.assertFalse(found) + + def test_130_company_1_and_2(self): + "Company 1+2 selected: Roles A and C are enabled" + self.test_user.with_context( + allowed_company_ids=(self.company1 + self.company2).ids + ).set_groups_from_roles() enabled = self.test_user.groups_id expected = self.groupA | self.groupC found = enabled.filtered(lambda x: x in expected)