Contributors mailing list archives
Re: Define permissions in website (frontend)by
Camptocamp SA, Simone Orsi
> It would be nice to have a generic module allowing adding a domain to a website page
You can already do this:
1. add a computed field which defines the access level on the page (based on user/group/whatever)
2. add a record rule to protect records based on that field
Watch out: the controller will still find the record and render the page -> you won't get a NotFound nor AccessError immediately.
AccessError will come only if in the template you read the object found.
FTR I still have an old WIP to address this properly here https://github.com/OCA/website-cms/pull/41/files#diff-f7a2db61f359ef873a2d857505c67630R10
On Sun, Sep 27, 2020 at 8:12 AM <email@example.com> wrote:
Thanks for your help Ruben, Simone and Remi.I ended up adding the condition in the controller.(It would be nice to have a generic module allowing adding a domain to a website page)Best.--Yves Goldberg------- Original message -----From: "Rémi CAZENAVE - Le Filament" <firstname.lastname@example.org>To: Contributors <email@example.com>Subject: Re: Define permissions in website (frontend)Date: Thursday, September 24, 2020 10:01Hello Yves,You can also enable authentication for specific URI in proxy configuration, depending on your target architecture it might be easier to deploy than overriding Odoo controllers but it will not be configurable by end users.Best regards,Rémi CAZENAVE - SCOP Le Filament
De : Simone Orsi <firstname.lastname@example.org>Envoyé : 24 septembre 2020 08:42:05 GMT+02:00À : Contributors <email@example.com>Objet : Re: Define permissions in website (frontend)Hello,if the goal is to simply block login, you could override the login/authenticate method and raise a proper error.If you want to block access to a specific route only, override it and raise proper exception when condition is not matched.Bests,On Wed, Sep 23, 2020 at 5:07 PM Yves Goldberg <firstname.lastname@example.org> wrote:Hello,How would I grant access to a website but only for a res_partner fulfilling a condition?user case is publishing a list that is only accessible to partners who have "condition = True".Another option would be to have a public page protected by a single password. Maybe in a popup?Is there a module that could help? any pointer?I was thinking to get in the controller, the user's id from the session and then conditionally return the required data but maybe there is an easier way?Thank you--Yves Goldbergodoo| Official Partner - OCA delegateOpen Source ERP, CRM & CMST +972 (3) 720 8818
M +972 (55) 966 1405T +32 (2) 588 2500----Simone OrsiFull stack Python web developer, Odoo specialist, Odoo Community Board Member, Freelance in love with open source._______________________________________________
Full stack Python web developer, Odoo specialist, Odoo Community Board Member, Freelance in love with open source.