[16.0][ADD] addon shopinvader_api_address #1361
Conversation
AnizR
force-pushed
the
acsone/16.0-api-address
branch
6 times, most recently
from
116320d
to
c48067e
Compare
AnizR
changed the title
| <!-- allow authenticated partner to snailmail_letter where it is used--> | ||
| <record id="shopinvader_address_snailmail_letter_rule" model="ir.rule"> | ||
| <field name="name">Shopinvader Address Endpoint rule: snailmail_letter</field> | ||
| <field name="model_id" ref="snailmail.model_snailmail_letter" /> |
There was a problem hiding this comment.
To investigate. If this rule stays then shopinvader_api_address must depend on snailmail, which would be... not good.
There was a problem hiding this comment.
Indeed, I will remove it.
I added this because a check is done in snailmail in write of res.partner : https://github.com/odoo/odoo/blob/a4e3662351420b9b87eac386d6bd7b4f075d9fa9/addons/snailmail/models/res_partner.py#LL20C9-L20C9
The problem is that the access to the model snailmail_letter is given to only base.group_user and base.group_system. In our case, we don't want to give any of those group to the endpoint's user (too much rights).
(IMO, an issue can (and will) be created on Odoo regarding the fact that the check should be done in sudo() + I think that the fact that every user can read every snailmail_letter is also an issue.. )
To tackle this problem, I think that the best option is to call in sudo mode our functions that does a write on res.partner in our services (in the module shopinvader_api_address).
|
This is the v2 address service, ready for final review. @sebastienbeau @thibaultrey @hparfr
A few notes:
|
sbidoul
changed the title
AnizR
force-pushed
the
acsone/16.0-api-address
branch
from
f477d19
to
14d25da
Compare
author Zina Rasoamanana <[email protected]> 1686047094 +0200 committer Zina Rasoamanana <[email protected]> 1688136067 +0200 [ADD] addon shopinvader_schema_address: init wip: add addres_billing/shipping get/create update shipping address work on tests + use country/state_id + work on address schemas rename address service extract service logic from model extract shopinvader_address some improvements + sudo on service write add vat on billing address split create/update shipping address check before update/delete shipping address readme shopinvader_schema_address shopinvader_api_address readme shopinvader_address: readme [FIX] shopinvader_api_address_*: Uses new helper class to run tests with fastapi and extendable
AnizR
force-pushed
the
acsone/16.0-api-address
branch
from
14d25da
to
0bef327
Compare
|
I cleaned up my commits history @xavier-bouquiaux @marielejeune, you may need to rebase your branches |
|
Main changes concern the following modification: Pydantic v2 now makes a distinction between nullable fields and required fields.
See here for more details |
|
/ocabot merge nobump |
|
This PR has the |
1 similar comment
|
This PR has the |
|
On my way to merge this fine PR! |
|
Congratulations, your PR was merged at b9da4d8. Thanks a lot for contributing to shopinvader. ❤️ |
Depends on OCA/rest-framework#348 for tests.
Addon to manipulate shipping/billing addresses linked to authenticated_partner
The authenticated_partner is a shipping and a billing address. Thus, there will always be at least one billing and shipping address when there is an authenticated_partner (given the fact that the address is complete/has enough information to be a shipping/billing address)will be done in front of shopinvaderThe billing address is unique and is the authenticated_partner. Therefore, it is impossible to delete it
The shipping addresses have no restriction
search : in getoverkill