diff --git a/bin/addons/base/ir/ir.xml b/bin/addons/base/ir/ir.xml
index 049b229ae87..b23e870e417 100644
--- a/bin/addons/base/ir/ir.xml
+++ b/bin/addons/base/ir/ir.xml
@@ -639,6 +639,7 @@
+
diff --git a/bin/addons/base/ir/ir_model.py b/bin/addons/base/ir/ir_model.py
index 02f7b6ca21c..ad08ec81f0a 100644
--- a/bin/addons/base/ir/ir_model.py
+++ b/bin/addons/base/ir/ir_model.py
@@ -84,9 +84,10 @@ class ir_model_access(osv.osv):
'perm_read': fields.boolean('Read Access'),
'perm_write': fields.boolean('Write Access'),
'perm_create': fields.boolean('Create Access'),
+ 'perm_unlink': fields.boolean('Delete Permission'),
}
def check(self, cr, uid, model_name, mode='read'):
- assert mode in ['read','write','create'], 'Invalid access mode for security'
+ assert mode in ['read','write','create','unlink'], 'Invalid access mode for security'
# fetch the list of rules for this "permission type" on this model
cr.execute('select group_id, perm_'+mode+' from ir_model_access a left join ir_model m on (a.model_id=m.id) where m.model=%s', (model_name,))
diff --git a/bin/osv/orm.py b/bin/osv/orm.py
index 17f9fc2c285..d33e8766f7a 100644
--- a/bin/osv/orm.py
+++ b/bin/osv/orm.py
@@ -779,9 +779,7 @@ class orm(object):
return res
def unlink(self, cr, uid, ids, context={}):
-#CHECKME: wouldn't it be better to check for the write access instead of create?
-#or alternatively, create a new 'delete' permission
- self.pool.get('ir.model.access').check(cr, uid, self._name, 'create')
+ self.pool.get('ir.model.access').check(cr, uid, self._name, 'unlink')
if not len(ids):
return True
wf_service = netsvc.LocalService("workflow")