openerp-community team mailing list archive

Thread
Date

Re: lp:~openerp-community/openobject-addons/lpistone_6.0_lp784499 into lp:openobject-addons/6.0

To: Leonardo Pistone - Domsense <leonardo.pistone@xxxxxxxxxxxx>
From: Leonardo Pistone - Domsense <leonardo.pistone@xxxxxxxxxxxx>
Date: Fri, 20 May 2011 11:11:31 -0000
In-reply-to: <20110518102612.18375.86228.launchpad@loganberry.canonical.com>
Reply-to: mp+61377@xxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Olivier, Fabien,

I agree with you both.

In general, there are many situations where there are sql queries that break with access rules and/or company_ids. Many of these can be converted to the ORM way and do the right thing transparently, with the exception of the ones that would be too slow (that is not the case here).

Still, that bug is a bit different: we are talking about the account_id of a decoration invoice line. The account_id doesn't make sense, and in fact isn't shown to the user, and is there just because that field is required in the invoice line. So our query should get the account_id that is least likely to be restricted/changed in the future. That's probably why the original code looks for the root account. 

Example: in a multi-company setup, a user could have access to all accounts, but still it is nicer to choose his own company's account instead of a random one.

So: I'm for Olivier's ORM way + [('company_id'),('='),(current_company)]

Thanks!
-- 
https://code.launchpad.net/~openerp-community/openobject-addons/lpistone_6.0_lp784499/+merge/61377
Your team OpenERP Community is subscribed to branch lp:~openerp-community/openobject-addons/lpistone_6.0_lp784499.

References

[Merge] lp:~openerp-community/openobject-addons/lpistone_6.0_lp784499 into lp:openobject-addons/6.0
From: Leonardo Pistone - Domsense, 2011-05-18