openerp-india team mailing list archive
-
openerp-india team
-
Mailing list archive
-
Message #18698
Re: [Bug 1084570] [NEW] [trunk] Access rules are not reloading when you update a module.
Nhomar:
The new behavior is a big improvement to the framework!
A typical deployment scenario is to start with the default security rules
and update them based on the exact needs of the customer. Thus, rules
records will be updated reflecting the desired customer security policy.
In the case you update any OpenERP module (for any reason), the modified
security rules SHOULD NOT be modified. If they are changed, as in previous
version you are introducing a sever security violation. If you are lucky
you will notice soon, if not, the change will pass unnoticed to the
customer, but a change in the security rules was introduced silently.
In no case is a regression or bug
Best regards
2012/11/29 Nhomar Hernandez (Vauxoo) <nhomar@xxxxxxxxx>
> Public bug reported:
>
> Hello.
>
> things declared in security folder in past version is updated, in trunk,
> it is not happening.
>
> Why it is necesary:
>
> In views the core doesn't accept groups not created by code, if i am not
> able to reload res_group.xml of my module and ist respective
> ir.mode.access.csv it is not possible have a security module
> implementation by implementation.
>
> If this is a design decisition, it should be cool if somebody can
> explain us what is the workaround wiuth this bug, if not this is a
> regression.
>
> Sol:
>
> opt1: 1.- Make configurable as always, probably i need to block update
> permisions.
> opt2: 2.- revert the change in this way it can works as before.
>
> How do i reproduce.
>
> 1.- Create a module with a group/
> 2.- Create an acl on ir.model.access file/
> 3.- Install the modules.
> 4.- In graphical interace delete the acl/
> 5./ Start your server with -u all -d dbname parameters.
>
> What do i got:
>
> acl is not reloaded.
>
> What do i spect:
>
> acl is reloaded.
>
> Regards.
>
> ** Affects: openobject-server
> Importance: Undecided
> Status: New
>
> --
> You received this bug notification because you are subscribed to OpenERP
> Server.
> https://bugs.launchpad.net/bugs/1084570
>
> Title:
> [trunk] Access rules are not reloading when you update a module.
>
> Status in OpenERP Server:
> New
>
> Bug description:
> Hello.
>
> things declared in security folder in past version is updated, in
> trunk, it is not happening.
>
> Why it is necesary:
>
> In views the core doesn't accept groups not created by code, if i am
> not able to reload res_group.xml of my module and ist respective
> ir.mode.access.csv it is not possible have a security module
> implementation by implementation.
>
> If this is a design decisition, it should be cool if somebody can
> explain us what is the workaround wiuth this bug, if not this is a
> regression.
>
> Sol:
>
> opt1: 1.- Make configurable as always, probably i need to block update
> permisions.
> opt2: 2.- revert the change in this way it can works as before.
>
> How do i reproduce.
>
> 1.- Create a module with a group/
> 2.- Create an acl on ir.model.access file/
> 3.- Install the modules.
> 4.- In graphical interace delete the acl/
> 5./ Start your server with -u all -d dbname parameters.
>
> What do i got:
>
> acl is not reloaded.
>
> What do i spect:
>
> acl is reloaded.
>
> Regards.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/openobject-server/+bug/1084570/+subscriptions
>
--
Gustavo Adrian Marino
Mobile: +54 911 5498 2515
Email: gamarino@xxxxxxxxx
Skype: gustavo.adrian.marino
--
You received this bug notification because you are a member of OpenERP
Indian Team, which is subscribed to OpenERP Server.
https://bugs.launchpad.net/bugs/1084570
Title:
[trunk] Access rules are not reloading when you update a module.
Status in OpenERP Server:
New
Bug description:
Hello.
things declared in security folder in past version is updated, in
trunk, it is not happening.
Why it is necesary:
In views the core doesn't accept groups not created by code, if i am
not able to reload res_group.xml of my module and ist respective
ir.mode.access.csv it is not possible have a security module
implementation by implementation.
If this is a design decisition, it should be cool if somebody can
explain us what is the workaround wiuth this bug, if not this is a
regression.
Sol:
opt1: 1.- Make configurable as always, probably i need to block update permisions.
opt2: 2.- revert the change in this way it can works as before.
How do i reproduce.
1.- Create a module with a group/
2.- Create an acl on ir.model.access file/
3.- Install the modules.
4.- In graphical interace delete the acl/
5./ Start your server with -u all -d dbname parameters.
What do i got:
acl is not reloaded.
What do i spect:
acl is reloaded.
Regards.
To manage notifications about this bug go to:
https://bugs.launchpad.net/openobject-server/+bug/1084570/+subscriptions
References