[FIX] product_cost_security: Allow fieldless write() to succeed.#2335
Open
bobslee wants to merge 1 commit into
Open
[FIX] product_cost_security: Allow fieldless write() to succeed.#2335bobslee wants to merge 1 commit into
bobslee wants to merge 1 commit into
Conversation
Contributor
|
Hi @rafaelbn, @yajo, @sergio-teruel, |
Contributor
|
Please review #2254 |
Member
|
Why would you call |
check_field_access_rights raises an AccessError whenever a non
cost-editor touches a cost field. However, when fields is empty
(e.g. an empty vals dict reaches write), the base ORM expands it to
*every* accessible field, which includes the protected cost fields,
and the mixin then wrongly denies the write.
This happens, for instance, when l10n_eu_product_adr pops every value
out of the write vals (is_dangerous/adr_goods_id are delegated to the
to the variants) and delegates an empty dict to super().write({}).
A field-less, non-superuser write/create targets no cost field, so we
bypass the cost-edit restriction and rely on the standard ORM checks.
The return value is irrelevant here: write ignores it.
dfc3533 to
cb0d2b0
Compare
Author
This happens, for instance, when |
Member
|
However, isn't this opening a problem? You're telling upstream they can write some fields, when they can't. |
Member
|
Shouldn't it be |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
check_field_access_rights raises an AccessError whenever a non cost-editor touches a cost field. However, when fields is empty (e.g. an empty vals dict reaches write), the base ORM expands it to every accessible field, which includes the protected cost fields, and the mixin then wrongly denies the write.
This happens, for instance, when l10n_eu_product_adr pops every value out of the write vals (is_dangerous/adr_goods_id are delegated to the to the variants) and delegates an empty dict to super().write({}).
A field-less, non-superuser write/create targets no cost field, so we bypass the cost-edit restriction and rely on the standard ORM checks. The return value is irrelevant here: write ignores it.