allows admin see all directories created in the system

2025-02-16 07:08:13 +02:00 · 2025-02-16 07:08:13 +02:00 · 1b95c8fda8
parent 0b515a7197
commit 1b95c8fda8
1 changed files with 4 additions and 4 deletions
--- a/odex25_dms/dms/models/dms_security_mixin.py
+++ b/odex25_dms/dms/models/dms_security_mixin.py
@ -66,7 +66,7 @@ class DmsSecurityMixin(models.AbstractModel):
        ⚠ Not very performant; only display field on form views.
        """
        # Superuser unrestricted 🦸
-        if self.env.su:
+        if self.env.su or self.env.user.has_group('base.group_system'):
            self.update(
                {
                    "permission_create": True,
@ -94,7 +94,7 @@ class DmsSecurityMixin(models.AbstractModel):
    @api.model
    def _get_domain_by_inheritance(self, operation):
        """Get domain for inherited accessible records."""
-        if self.env.su:
+        if self.env.su or self.env.user.has_group('base.group_system'):
            return []
        inherited_access_field = "storage_id_inherit_access_from_parent_record"
        if self._name != "dms.directory":
@ -188,13 +188,13 @@ class DmsSecurityMixin(models.AbstractModel):
        _self = self
        # HACK ir.rule domain is always computed with sudo, so if this check is
        # true, we can assume safely that you're checking permissions
-        if self.env.su and value == self.env.uid:
+        if self.env.su or self.env.user.has_group('base.group_system') and value == self.env.uid:
            _self = self.sudo(False)
            value = bool(value)
        # Tricky one, to know if you want to search
        # positive or negative access
        positive = (operator not in NEGATIVE_TERM_OPERATORS) == bool(value)
-        if _self.env.su:
+        if _self.env.su or self.env.user.has_group('base.group_system'):
            # You're SUPERUSER_ID
            return TRUE_DOMAIN if positive else FALSE_DOMAIN
        # Obtain and combine domains