Comment 78 for bug 1073087

We are having problems with the security in OpenERP.

I have a user "roger" that have configured the same rights as admin user.

The admin user can confirm sales order in the sales module.
The user "roger" can not confirm sales order. we got a message indicating the document location has no read access.

if i delete the access rule corresponding to the location object, then it works.

Here is the logged error

context
File "/usr/lib/pymodules/python2.7/openerp/addons/stock/stock.py", line 239, $
if location.chained_location_type == 'customer':
  File "/usr/lib/pymodules/python2.7/openerp/osv/orm.py", line 484, in __getatt$
    return self[name]
  File "/usr/lib/pymodules/python2.7/openerp/osv/orm.py", line 399, in __getite$
    field_values = self._table.read(self._cr, self._uid, ids, field_names, cont$
  File "/usr/lib/pymodules/python2.7/openerp/osv/orm.py", line 3604, in read
    result = self._read_flat(cr, user, select, fields, context, load)
  File "/usr/lib/pymodules/python2.7/openerp/osv/orm.py", line 3659, in _read_f$
self._check_record_rules_result_count(cr, user, sub_ids, result_ids, 'read'$
File "/usr/lib/pymodules/python2.7/openerp/osv/orm.py", line 3862, in _check_$
(self._description, operation))
except_orm: (u'Access Denied', u'The requested operation cannot be completed du$
2013-05-21 15:56:06,684 1149 ERROR doger openerp.netsvc: Access Denied
The requested
--