[FIX]stock: override search and read method in order to check access because for multi company a child user was also able to see the incoming shipment of parent company where it should not

bzr revid: ado@tinyerp.com-20130405111649-tzf9r2xrii8ktxdj
2013-04-05 16:46:49 +05:30 · 2013-04-05 16:46:49 +05:30 · ebbc6deb52
parent d1d394dbbd bab6cd035a
commit ebbc6deb52
1 changed files with 12 additions and 0 deletions
--- a/addons/stock/stock.py
+++ b/addons/stock/stock.py
@ -2949,6 +2949,12 @@ class stock_picking_in(osv.osv):
    _inherit = "stock.picking"
    _table = "stock_picking"
    _description = "Incoming Shipments"
+    
+    def search(self, cr, user, args, offset=0, limit=None, order=None, context=None, count=False):
+        return self.pool.get('stock.picking').search(cr, user, args, offset, limit, order, context, count)
+    
+    def read(self, cr, uid, ids, fields=None, context=None, load='_classic_read'):
+        return self.pool.get('stock.picking').read(cr, uid, ids, fields=fields, context=context, load=load)

    def check_access_rights(self, cr, uid, operation, raise_exception=True):
        #override in order to redirect the check of acces rights on the stock.picking object
@ -2994,6 +3000,12 @@ class stock_picking_out(osv.osv):
    _inherit = "stock.picking"
    _table = "stock_picking"
    _description = "Delivery Orders"
+    
+    def search(self, cr, user, args, offset=0, limit=None, order=None, context=None, count=False):
+        return self.pool.get('stock.picking').search(cr, user, args, offset, limit, order, context, count)
+
+    def read(self, cr, uid, ids, fields=None, context=None, load='_classic_read'):
+        return self.pool.get('stock.picking').read(cr, uid, ids, fields=fields, context=context, load=load)

    def check_access_rights(self, cr, uid, operation, raise_exception=True):
        #override in order to redirect the check of acces rights on the stock.picking object