Allow bypassing rule during first creation

Hi, currently I have three model - model A with a one2one relationship to model B, and model B has a one2many relationship to model C. When I click on a button in model A, a wizard of model B will be automatically populated with all the fields and model C records as well.

There’s a rule on model C which restricts user Dave from seeing/editing user Tom’s record. However all the records would need to be created by user Dave. Upon creation, user Dave can only view/edit its own records and user Tom can only view/edit its own records as well.

May I know how can I achieve this? I tried adding a default boolean to allow user A to create record, but am unable to set it to False upon creation. Example codes I’ve tried:

def create(cls, vlist):
    records = super(Class, cls).create(vlist)
    for record in records:
        record.first_time_check = False
    Class.save(records) #this line will prompt bypass rule error

    update_query = "UPDATE class SET first_time_check = %s"
    cursor.execute(update_query, (False,)) 
        #this won't prompt bypass rule error but won't work as well. 
        #the records returned is still True.
    return records

Is there a method like def post_create that will only run after the create method so that I can update the field? I tried on_change but I am unable to trigger it after creating the records

Thanks

Hello,

You can in general bypass some access rights by setting the _check_access flag to False in the context before writing your records, or forcing the Transaction’s user to “root”:

# Disable access rights control, however access rule will still be enforced IIRC
with Transaction().set_context(_check_access=False):

# OR

# Use "root" user
with Transaction().set_user(0):

# Then, in the context manager block:

    cls.write(cls.browse([x.id for x in records]),
        {'first_time_check': False})

Ahhh finally. I tried this earlier on but instead of

with Transaction().set_user(0):
    cls.write(cls.browse([x.id for x in records]),
        {'first_time_check': False})

I wrote this which would still prompt the bypassing error

with Transaction().set_user(0):
    for record in records:
        record.first_time_check = False
    cls.save(records)

Thanks for the help.

Yes, this is because the records are bound to the context they were instantiated with.

So you have to “re-browse” to use the new context.

This is a general rule, it is not specific to this particular use case.

Ohh okay understood. And turns out I didn’t even need the first_time_check. By using the root user to create the records, I’m able to bypass the rules as well.

Probably because the records aren’t created yet so it’s not bound to the context, whereas previously I created the records then tried to modify the same records.

@classmethod
def create(cls, vlist):
    with Transaction().set_user(0):
        records = super(Class, cls).create(vlist)
    return records

Doing that is the same as giving perm_create access and/or rules. But at least you will not lost the information about who created the record.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.