[IMP] website: add a group_website_publisher to Display Editor Bar on Website and other editable option

bzr revid: chm@openerp.com-20131119103042-stdyd6r00e1zgli5

addons/website/data/website_data.xml

@@ -40,6 +40,11 @@
             <field name="users" eval="[(4, ref('public_user'))]"/>
         </record>
 
+        <record id="base.group_website_publisher" model="res.groups">
+            <field name="name">Display Editor Bar on Website</field>
+            <field name="users" eval="[(4, ref('base.user_root'))]"/>
+        </record>
+
         <record id="action_module_website" model="ir.actions.act_window">
             <field name="name">Website Apps</field>
             <field name="res_model">ir.module.module</field>

addons/website/models/website.py

@@ -136,11 +136,9 @@ class website(osv.osv):
 
         is_public_user = request.uid == self.get_public_user(cr, uid, context).id
 
-        try:
-            self.pool.get("ir.ui.view").check_access_rights(request.cr, request.uid, 'write')
-            editable = True
-        except:
-            editable = False
+        user = self.pool['res.users'].browse(cr, uid, uid, context=context)
+        website_publisher_id = self.pool.get('ir.model.data').get_object_reference(cr, uid, 'base', 'group_website_publisher')[1]
+        is_website_publisher = website_publisher_id in [g.id for g in user.groups_id]
 
         # Select current language
         if hasattr(request, 'route_lang'):
@@ -158,8 +156,7 @@ class website(osv.osv):
             'multilang': request.multilang,
             'is_public_user': is_public_user,
             'is_master_lang': is_master_lang,
-            'has_access_write': True,
-            'editable': editable,
+            'editable': is_website_publisher,
             'translatable': not is_public_user and not is_master_lang and request.multilang,
         })
 

addons/website/views/website_templates.xml

@@ -111,7 +111,7 @@
 
                         <t t-raw="head or ''"/>
                     </head>
-                    <body t-att-class="has_access_write and 'has_access_write' or ''">
+                    <body>
                         <div id="wrapwrap">
                             <header>
                                 <div class="navbar navbar-default navbar-static-top">
@@ -269,7 +269,7 @@
         </template>
 
         <template id="publish_management">
-            <div t-if="has_access_write" t-ignore="true" class="pull-right" t-att-style="style or ''">
+            <div t-if="editable" t-ignore="true" class="pull-right" t-att-style="style or ''">
                 <div t-attf-class="btn-group js_publish_management #{object.website_published and 'css_published' or 'css_unpublished'}" t-att-data-id="object.id" t-att-data-object="object._name" t-att-data-controller="publish_controller">
                     <button t-attf-class="btn btn-#{object.website_published and 'success' or 'danger'} js_publish_btn">
                         <span class="css_publish">Not Published</span>
@@ -290,7 +290,7 @@
         </template>
 
         <template id="publish_short">
-            <t t-if="has_access_write" t-ignore="true">
+            <t t-if="editable" t-ignore="true">
                 <div t-attf-class="btn-group pull-right js_publish_management #{object.website_published and 'css_published' or 'css_unpublished'}" t-att-data-id="object.id" t-att-data-object="object._name" t-att-data-controller="publish_controller">
                     <button t-attf-class="btn btn-sm btn-#{object.website_published and 'success' or 'danger'} js_publish_btn">
                         <span class="css_publish">Not Published</span>

addons/website_sale/controllers/main.py

@@ -342,7 +342,6 @@ class Ecommerce(http.Controller):
                 domain = [('id', 'in', ids or [0] )] + domain
 
         step = 20
-        print '**', domain
         product_count = len(product_obj.search(request.cr, request.uid, domain, context=request.context))
         pager = request.website.pager(url="/shop/", total=product_count, page=page, step=step, scope=7, url_args=post)
 
@@ -357,14 +356,7 @@ class Ecommerce(http.Controller):
             style_ids = style_obj.search(request.cr, request.uid, [(1, '=', 1)], context=request.context)
             styles = style_obj.browse(request.cr, request.uid, style_ids, context=request.context)
 
-        try:
-            product_obj.check_access_rights(request.cr, request.uid, 'write')
-            has_access_write = True
-        except:
-            has_access_write = False
-
         values = {
-            'has_access_write': has_access_write,
             'Ecommerce': self,
             'product_ids': product_ids,
             'product_ids_for_holes': fill_hole,
@@ -396,14 +388,7 @@ class Ecommerce(http.Controller):
 
         request.context['pricelist'] = self.get_pricelist()
 
-        try:
-            request.registry.get('product.template').check_access_rights(request.cr, request.uid, 'write')
-            has_access_write = True
-        except:
-            has_access_write = False
-
         values = {
-            'has_access_write': has_access_write,
             'Ecommerce': self,
             'category': category,
             'category_list': category_list,

addons/website_sale/views/website_sale.xml

@@ -124,7 +124,7 @@
 
                                 <div class="oe_product_cart" t-att-data-publish="product.website_published and 'on' or 'off'">
 
-                                  <div class="css_options" t-ignore="true" t-if="has_access_write">
+                                  <div class="css_options" t-ignore="true" t-if="is_website_publisher">
                                     <div t-attf-class="dropdown js_options" t-att-data-id="product.id">
                                       <a class="btn btn-default" t-att-id="'dopprod-%s' % product.id" role="button" data-toggle="dropdown">Options <span class="caret"></span></a>
                                       <ul class="dropdown-menu" role="menu" t-att-aria-labelledby="'dopprod-%s' % product.id">