From 4769a164ca78025c2a23c96d600005e6ed5bf5b8 Mon Sep 17 00:00:00 2001
From: jordan <jordan@le-filament.com>
Date: Tue, 14 Dec 2021 16:03:55 +0100
Subject: [PATCH] [update] security rules for cotisation

---
 security/ir.model.access.csv | 10 ++++-----
 security/security_rules.xml  | 40 ++++++++++++++++++++++++++++++++++++
 views/account_invoice.xml    |  1 +
 views/scop_bordereau_cg.xml  |  1 +
 views/scop_cotisation_cg.xml |  1 +
 5 files changed, 48 insertions(+), 5 deletions(-)

diff --git a/security/ir.model.access.csv b/security/ir.model.access.csv
index c818bf4..658ea35 100755
--- a/security/ir.model.access.csv
+++ b/security/ir.model.access.csv
@@ -1,11 +1,11 @@
 id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
-access_scop_cotisation_simulation,access_scop_cotisation_simulation,model_scop_cotisation_cg_simulation,account.group_account_manager,1,1,1,1
+access_scop_cotisation_simulation,access_scop_cotisation_simulation,model_scop_cotisation_cg_simulation,cgscop_cotisation_cg.group_cotisation_cg_administrative,1,1,1,1
 admin_access_scop_cotisation_simulation,admin_access_scop_cotisation_simulation,model_scop_cotisation_cg_simulation,cgscop_partner.group_cg_administrator,1,1,1,1
-access_scop_cotisation_cg,access_scop_cotisation_cg,model_scop_cotisation_cg,account.group_account_manager,1,1,1,0
+access_scop_cotisation_cg,access_scop_cotisation_cg,model_scop_cotisation_cg,cgscop_cotisation_cg.group_cotisation_cg_administrative,1,1,1,0
 admin_access_scop_cotisation_cg,admin_access_scop_cotisation_cg,model_scop_cotisation_cg,cgscop_partner.group_cg_administrator,1,1,1,1
-access_scop_bordereau,access_scop_bordereau,model_scop_bordereau,account.group_account_manager,1,1,1,1
+access_scop_bordereau,access_scop_bordereau,model_scop_bordereau,cgscop_cotisation_cg.group_cotisation_cg_administrative,1,1,1,1
 admin_access_scop_bordereau,admin_access_scop_bordereau,model_scop_bordereau,cgscop_partner.group_cg_administrator,1,1,1,1
-access_scop_bordereau_version,access_scop_bordereau_version,model_scop_bordereau_version,account.group_account_manager,1,1,1,1
+access_scop_bordereau_version,access_scop_bordereau_version,model_scop_bordereau_version,cgscop_cotisation_cg.group_cotisation_cg_administrative,1,1,1,1
 admin_access_scop_bordereau_version,admin_access_scop_bordereau_version,model_scop_bordereau_version,cgscop_partner.group_cg_administrator,1,1,1,1
-access_scop_bordereau_refund_wizard_quarter,access_scop_bordereau_refund_wizard_quarter,model_scop_bordereau_refund_wizard_quarter,account.group_account_manager,1,1,1,1
+access_scop_bordereau_refund_wizard_quarter,access_scop_bordereau_refund_wizard_quarter,model_scop_bordereau_refund_wizard_quarter,cgscop_cotisation_cg.group_cotisation_cg_administrative,1,1,1,1
 admin_access_scop_bordereau_refund_wizard_quarter,admin_access_scop_bordereau_refund_wizard_quarter,model_scop_bordereau_refund_wizard_quarter,cgscop_partner.group_cg_administrator,1,1,1,1
diff --git a/security/security_rules.xml b/security/security_rules.xml
index ebb8d7e..a4f7a2f 100644
--- a/security/security_rules.xml
+++ b/security/security_rules.xml
@@ -5,6 +5,23 @@
 <odoo>
     <data noupdate="0">
 
+        <!-- Categories & Groups -->
+
+        <!-- Add Cotisations group category -->
+         <record model="ir.module.category" id="cgscop_cotisation_cg_module_category">
+            <field name="name">Cotisation</field>
+        </record>
+
+        <!-- Add cotisations groups -->
+        <record id="group_cotisation_cg_administrative" model="res.groups">
+            <field name="name">Gestionnaire des cotisations</field>
+            <field name="category_id" ref="cgscop_cotisation_cg_module_category"/>
+            <field name="implied_ids" eval="[(6, 0, [ref('account.group_account_manager')])]"/>
+        </record>
+
+        <!-- Rules -->
+
+        <!-- Cotiz only for own company -->
         <record id="cg_cotisation_cg_rule" model="ir.rule">
             <field name="name">Cotisations consultables que pour sa société</field>
             <field name="model_id" ref="cgscop_cotisation_cg.model_scop_cotisation_cg"/>
@@ -15,6 +32,7 @@
             <field name="perm_unlink" eval="True"/>
         </record>
 
+        <!-- Bordereaux only for own company -->
         <record id="cg_cotisation_cg_rule" model="ir.rule">
             <field name="name">Bordereaux consultables que pour sa société</field>
             <field name="model_id" ref="cgscop_cotisation_cg.model_scop_bordereau"/>
@@ -25,5 +43,27 @@
             <field name="perm_unlink" eval="True"/>
         </record>
 
+        <!-- Service Admin grant all access -->
+        <record id="scop_cotisation_cg_admin" model="ir.rule">
+            <field name="name">Cotisations - Modification  - Service Administratif</field>
+            <field name="model_id" ref="cgscop_cotisation_cg.model_scop_cotisation_cg"/>
+            <field name="domain_force">[(1,'=',1)]</field>
+            <field name="groups" eval="[(6, 0, [ref('group_cotisation_cg_administrative')])]"/>
+            <field name="perm_read" eval="True"/>
+            <field name="perm_write" eval="True"/>
+            <field name="perm_create" eval="True"/>
+            <field name="perm_unlink" eval="True"/>
+        </record>
+        <record id="scop_bordereau_admin" model="ir.rule">
+            <field name="name">Bordereaux - Modification  - Service Administratif</field>
+            <field name="model_id" ref="cgscop_cotisation_cg.model_scop_bordereau"/>
+            <field name="domain_force">[(1,'=',1)]</field>
+            <field name="groups" eval="[(6, 0, [ref('group_cotisation_cg_administrative')])]"/>
+            <field name="perm_read" eval="True"/>
+            <field name="perm_write" eval="True"/>
+            <field name="perm_create" eval="True"/>
+            <field name="perm_unlink" eval="True"/>
+        </record>
+
     </data>
 </odoo>
\ No newline at end of file
diff --git a/views/account_invoice.xml b/views/account_invoice.xml
index 4152cb0..59350d0 100644
--- a/views/account_invoice.xml
+++ b/views/account_invoice.xml
@@ -95,6 +95,7 @@
         <menuitem id="menu_scop_cotisation_cg_appel_cotisation"
                   name="Appels de cotisations"
                   parent="cgscop_cotisation.menu_scop_cotisation"
+                  groups="cgscop_cotisation_cg.group_cotisation_cg_administrative"
                   action="action_scop_cg_appel_cotisation"
                   sequence="20"/>
 
diff --git a/views/scop_bordereau_cg.xml b/views/scop_bordereau_cg.xml
index 6494508..e7685d1 100644
--- a/views/scop_bordereau_cg.xml
+++ b/views/scop_bordereau_cg.xml
@@ -237,6 +237,7 @@
         <menuitem name="Bordereaux"
                   id="scop_bordereau_menu"
                   parent="cgscop_cotisation.menu_scop_cotisation"
+                  groups="cgscop_cotisation_cg.group_cotisation_cg_administrative"
                   action="scop_bordereau_act_window"
                   sequence="30"/>
 
diff --git a/views/scop_cotisation_cg.xml b/views/scop_cotisation_cg.xml
index acb085b..58b288d 100644
--- a/views/scop_cotisation_cg.xml
+++ b/views/scop_cotisation_cg.xml
@@ -159,6 +159,7 @@
         <!-- MENUS -->
         <menuitem id="menu_scop_cotisation_cg_calcul"
                   parent="cgscop_cotisation.menu_scop_cotisation"
+                  groups="cgscop_cotisation_cg.group_cotisation_cg_administrative"
                   action="action_scop_cotisation_cg"
                   sequence="10"/>
     </data>
-- 
GitLab