access rules are ignored by create()
Bug #539012 reported by
Maximilian Gaß
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Odoo Addons (MOVED TO GITHUB) | Status tracked in Trunk | |||||
5.0 |
Invalid
|
Undecided
|
Unassigned | |||
Trunk |
Invalid
|
Wishlist
|
Unassigned |
Bug Description
Access rules are checked by all other ORM functions, but not by create(). I understand this might be more hairy, because the domain is currently just usable for SQL WHERE conditions and create() needs to check the row *before* inserting it, but this loophole should be closed nevertheless.
Changed in openobject-addons: | |
status: | Incomplete → In Progress |
status: | In Progress → Incomplete |
To post a comment you must log in.
Just a thought: maybe it could be worked around by first inserting the row, then testing if the row respects the access rules with a select/where, and throwing an exception if it doesn't?
Lionel