openerp-india team mailing list archive

Thread
Date
Re: [Bug 1084570] [NEW] [trunk] Access rules are not reloading when you update a module.

To: openerp-india@xxxxxxxxxxxxxxxxxxx
From: Gustavo Adrian Marino <gamarino@xxxxxxxxx>
Date: Thu, 29 Nov 2012 17:52:01 -0000
Reply-to: Bug 1084570 <1084570@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Nhomar:
The new behavior is a big improvement to the framework!

A typical deployment scenario is to start with the default security rules
and update them based on the exact needs of the customer. Thus, rules
records will be updated reflecting the desired customer security policy.

In the case you update any OpenERP module (for any reason), the modified
security rules SHOULD NOT be modified. If they are changed, as in previous
version you are introducing a sever security violation. If you are lucky
you will notice soon, if not,  the change will pass unnoticed to the
customer, but a change in the security rules was introduced silently.

In no case is a regression or bug
Best regards


2012/11/29 Nhomar Hernandez (Vauxoo) <nhomar@xxxxxxxxx>

> Public bug reported:
>
> Hello.
>
> things declared in security folder in past version is updated, in trunk,
> it is not happening.
>
> Why it is necesary:
>
> In views the core doesn't accept groups not created by code, if i am not
> able to reload res_group.xml of my module and ist respective
> ir.mode.access.csv it is not possible have a security module
> implementation by implementation.
>
> If this is a design decisition, it should be cool if somebody can
> explain us what is the workaround wiuth this bug, if not this is a
> regression.
>
> Sol:
>
> opt1: 1.- Make configurable as always, probably i need to block update
> permisions.
> opt2: 2.- revert the change in this way it can works as before.
>
> How do i reproduce.
>
> 1.- Create a module with a group/
> 2.- Create an acl on ir.model.access file/
> 3.- Install the modules.
> 4.- In graphical interace delete the acl/
> 5./ Start your server with -u all -d dbname parameters.
>
> What do i got:
>
> acl is not reloaded.
>
> What do i spect:
>
> acl is reloaded.
>
> Regards.
>
> ** Affects: openobject-server
>      Importance: Undecided
>          Status: New
>
> --
> You received this bug notification because you are subscribed to OpenERP
> Server.
> https://bugs.launchpad.net/bugs/1084570
>
> Title:
>   [trunk] Access rules are not reloading when you update a module.
>
> Status in OpenERP Server:
>   New
>
> Bug description:
>   Hello.
>
>   things declared in security folder in past version is updated, in
>   trunk, it is not happening.
>
>   Why it is necesary:
>
>   In views the core doesn't accept groups not created by code, if i am
>   not able to reload res_group.xml of my module and ist respective
>   ir.mode.access.csv it is not possible have a security module
>   implementation by implementation.
>
>   If this is a design decisition, it should be cool if somebody can
>   explain us what is the workaround wiuth this bug, if not this is a
>   regression.
>
>   Sol:
>
>   opt1: 1.- Make configurable as always, probably i need to block update
> permisions.
>   opt2: 2.- revert the change in this way it can works as before.
>
>   How do i reproduce.
>
>   1.- Create a module with a group/
>   2.- Create an acl on ir.model.access file/
>   3.- Install the modules.
>   4.- In graphical interace delete the acl/
>   5./ Start your server with -u all -d dbname parameters.
>
>   What do i got:
>
>   acl is not reloaded.
>
>   What do i spect:
>
>   acl is reloaded.
>
>   Regards.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/openobject-server/+bug/1084570/+subscriptions
>


--

Gustavo Adrian Marino

Mobile: +54 911 5498 2515

Email: gamarino@xxxxxxxxx

Skype: gustavo.adrian.marino

-- 
You received this bug notification because you are a member of OpenERP
Indian Team, which is subscribed to OpenERP Server.
https://bugs.launchpad.net/bugs/1084570

Title:
  [trunk] Access rules are not reloading when you update a module.

Status in OpenERP Server:
  New

Bug description:
  Hello.

  things declared in security folder in past version is updated, in
  trunk, it is not happening.

  Why it is necesary:

  In views the core doesn't accept groups not created by code, if i am
  not able to reload res_group.xml of my module and ist respective
  ir.mode.access.csv it is not possible have a security module
  implementation by implementation.

  If this is a design decisition, it should be cool if somebody can
  explain us what is the workaround wiuth this bug, if not this is a
  regression.

  Sol:

  opt1: 1.- Make configurable as always, probably i need to block update permisions.
  opt2: 2.- revert the change in this way it can works as before.

  How do i reproduce.

  1.- Create a module with a group/
  2.- Create an acl on ir.model.access file/
  3.- Install the modules.
  4.- In graphical interace delete the acl/
  5./ Start your server with -u all -d dbname parameters.

  What do i got:

  acl is not reloaded.

  What do i spect:

  acl is reloaded.

  Regards.

To manage notifications about this bug go to:
https://bugs.launchpad.net/openobject-server/+bug/1084570/+subscriptions
References

[Bug 1084570] [NEW] [trunk] Access rules are not reloading when you update a module.
From: Nhomar Hernandez (Vauxoo), 2012-11-29