[18.0] [MIG] base_duplicate_security_group#1288
Open
jorgevalmalanetkia wants to merge 12 commits into
Open
Conversation
When the web_responsive module is installed, the tests fail when looking for "Settings" in the menu, because you have to access the menu first to get that option. Adding the extra step to display the menu is the right option so that the tests don't fail whether the web_responsive module is installed or not. TT42816
OCA-git-bot
added
mod:base_duplicate_security_group
jorgevalmalanetkia
force-pushed
the
18.0-mig-base_duplicate_security_group
branch
18 times, most recently
from
05d6598 to
baad0ae
Compare
mariancuadranetkia
approved these changes
May 4, 2026
mariancuadranetkia
left a comment
mariancuadranetkia
left a comment
There was a problem hiding this comment.
LGTM, functional review.
Thanks!
CristianoMafraJunior
suggested changes
May 4, 2026
| "name": "Restrict records duplicating", | ||
| "summary": "Adds a security group to restrict which users can copy records", | ||
| "version": "15.0.1.0.1", | ||
| "version": "18.0.1.0.1", |
Member
There was a problem hiding this comment.
"version": "18.0.1.0.0",
- Updated manifest version to 18.0.1.0.1
- Migrated JavaScript to OWL 2.x framework
- Updated FormView.include() to patch(FormController.prototype)
- Updated imports: web.FormView → @web/views/form/form_controller
- Updated imports: web.session → @web/core/user
- Migrated tour.register() to registry.category('web_tour.tours')
- Updated tour steps to function: steps: () => [...]
- Added explicit 'run' property in tour steps
Breaking changes applied:
- OWL 1.x → OWL 2.x lifecycle patterns
- Session service → User service
- Tour API modernization
jorgevalmalanetkia
force-pushed
the
18.0-mig-base_duplicate_security_group
branch
from
baad0ae to
1c47cae
Compare
Member
|
How does a new feature change the commit name from ADD to IMP? |
…st view The security group restriction was only applied to the form view duplicate button, leaving a security gap: users without the "Duplicate" permission could still duplicate records by selecting them in list view and using the "Duplicate" action. This patch extends the protection to list view by patching ListController to disable the duplicate action for users without permission. Tours and HttpCase tests verify both allowed and forbidden scenarios. The refactoring extracts the permission check into a common disableDuplicate() function to ensure consistency across both form and list views.
jorgevalmalanetkia
force-pushed
the
18.0-mig-base_duplicate_security_group
branch
from
1c47cae to
9144d81
Compare
Author
|
@CristianoMafraJunior can you review again? Thanks in advance |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
ListControllerin addition toFormController, providing comprehensive duplicate control across both view types