openerp-community team mailing list archive

[Martin Collins <martin@xxxxxxxxxxxxx>]

On 2014-03-15 22:06, jeff.wang wrote:
> 
> Yes, CSV is noupdate="0", this make me really fantastic surprises during
> implement the security access control.

Yeah, and they say ERP is boring ;-/

> each time you upgrade a module, all access come from CSV __REPLACE__ the
> ones you set up in your database, this make the security setting in
> openerp can not been used by non-developer, how do you solve it in your
> project?

Not sure 'solve' is the word I would use but here's how I do it:
Always run with -P (partial import) which won't load a file it has
already loaded.
Make sure all my unsafe CSV files are commented out in __openerp__.py
before every update (in case the -P gets forgotten or status.pickle gets
lost).
If I want to update a whole CSV file I hack it out of the status.pickle
file (delete the existing records first).
If I want to add some new lines from a CSV file I copy them into a
separate file and import that through the user interface.

Martin