From 3a2eb7fb5e4b10274f37244f6316738b02e7f393 Mon Sep 17 00:00:00 2001
From: benjamin <benjamin@le-filament.com>
Date: Mon, 3 Oct 2022 14:56:07 +0200
Subject: [PATCH] [add] _set_ro_table function for views

---
 models/__init__.py |  1 +
 models/models.py   | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 33 insertions(+)
 create mode 100644 models/models.py

diff --git a/models/__init__.py b/models/__init__.py
index dc57c89..0dc1e74 100644
--- a/models/__init__.py
+++ b/models/__init__.py
@@ -1,6 +1,7 @@
 # © 2019 Le Filament (<http://www.le-filament.com>)
 # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
 
+from . import models
 from . import res_company
 from . import res_partner
 from . import scop_month
diff --git a/models/models.py b/models/models.py
new file mode 100644
index 0000000..fbe64fb
--- /dev/null
+++ b/models/models.py
@@ -0,0 +1,32 @@
+# © 2022 Le Filament (<http://www.le-filament.com>)
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+import logging
+from psycopg2.extensions import AsIs
+
+from odoo import models
+
+_logger = logging.getLogger(__name__)
+
+
+class BaseModelExtend(models.AbstractModel):
+    _inherit = "base"
+
+    def _set_ro_table(self):
+        """
+        Affecte les droits de lecture seule à la table du modèle pour un utilisateur donné
+        """
+        user_name = self.env["ir.config_parameter"].sudo().get_param("read.only.db.user")
+        if user_name:
+            self.env.cr.execute("SELECT 1 FROM pg_roles WHERE rolname=%s", (user_name,))
+            user_exists = self.env.cr.fetchall()
+            if user_exists:
+                self.env.cr.execute(
+                    "GRANT SELECT ON %s TO %s", (AsIs(self._table), AsIs(user_name),))
+                _logger.info(
+                    "Read access to %s on %s granted" % (user_name, self._table,)
+                )
+            else:
+                _logger.warning("Database user %s does not exists" % user_name)
+        else:
+            _logger.info("Read Only database user is not set")
-- 
GitLab