From 3a2eb7fb5e4b10274f37244f6316738b02e7f393 Mon Sep 17 00:00:00 2001 From: benjamin <benjamin@le-filament.com> Date: Mon, 3 Oct 2022 14:56:07 +0200 Subject: [PATCH] [add] _set_ro_table function for views --- models/__init__.py | 1 + models/models.py | 32 ++++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 models/models.py diff --git a/models/__init__.py b/models/__init__.py index dc57c89..0dc1e74 100644 --- a/models/__init__.py +++ b/models/__init__.py @@ -1,6 +1,7 @@ # © 2019 Le Filament (<http://www.le-filament.com>) # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). +from . import models from . import res_company from . import res_partner from . import scop_month diff --git a/models/models.py b/models/models.py new file mode 100644 index 0000000..fbe64fb --- /dev/null +++ b/models/models.py @@ -0,0 +1,32 @@ +# © 2022 Le Filament (<http://www.le-filament.com>) +# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html). + +import logging +from psycopg2.extensions import AsIs + +from odoo import models + +_logger = logging.getLogger(__name__) + + +class BaseModelExtend(models.AbstractModel): + _inherit = "base" + + def _set_ro_table(self): + """ + Affecte les droits de lecture seule à la table du modèle pour un utilisateur donné + """ + user_name = self.env["ir.config_parameter"].sudo().get_param("read.only.db.user") + if user_name: + self.env.cr.execute("SELECT 1 FROM pg_roles WHERE rolname=%s", (user_name,)) + user_exists = self.env.cr.fetchall() + if user_exists: + self.env.cr.execute( + "GRANT SELECT ON %s TO %s", (AsIs(self._table), AsIs(user_name),)) + _logger.info( + "Read access to %s on %s granted" % (user_name, self._table,) + ) + else: + _logger.warning("Database user %s does not exists" % user_name) + else: + _logger.info("Read Only database user is not set") -- GitLab