Skip to content

Comments

[18.0] [MIG] pos_product_cost_security#2120

Open
parvezqureshi wants to merge 10 commits intoOCA:18.0from
parvezqureshi:18_mig_pos_product_cost_security
Open

[18.0] [MIG] pos_product_cost_security#2120
parvezqureshi wants to merge 10 commits intoOCA:18.0from
parvezqureshi:18_mig_pos_product_cost_security

Conversation

@parvezqureshi
Copy link

@parvezqureshi parvezqureshi commented Oct 31, 2025

No description provided.

chienandalu and others added 9 commits October 31, 2025 11:51
@chienandalu @parvezqureshi
pos_product_cost_security: glue module
7726deb 
Glue module between Point of Sale and Product Cost Security
@parvezqureshi
flag **pos_override_cost_security** on _loadMissingProducts
84b2eb8
@mymage @parvezqureshi
Added translation using Weblate (Italian)
07afe53
@chienandalu @parvezqureshi
pos_product_cost_security: multi-company issues
fa7b395 
In a multicompany environment, doing a sudo() to override the security
in the PoS data loading could bring us more data than needed. Therefore
we just use the sudo to retrieve the cost and then join the data
altogether retrived with the user's permissions.

TT48609
@chienandalu @parvezqureshi
pos_product_cost_security: Migration to 16.0
77b38c9 
TT49660
@weblate @parvezqureshi
Update translation files
4f899d7 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: product-attribute-16.0/product-attribute-16.0-pos_product_cost_security
Translate-URL: https://translation.odoo-community.org/projects/product-attribute-16-0/product-attribute-16-0-pos_product_cost_security/
@mymage @parvezqureshi
Translated using Weblate (Italian)
6ab25ef 
Currently translated at 100.0% (2 of 2 strings)

Translation: product-attribute-16.0/product-attribute-16.0-pos_product_cost_security
Translate-URL: https://translation.odoo-community.org/projects/product-attribute-16-0/product-attribute-16-0-pos_product_cost_security/it/
@bizzappdev @parvezqureshi
pos_product_cost_security: pre-commit auto fixes
e5875c3
@bizzappdev @parvezqureshi
pos_product_cost_security: Migration to 17.0
3cf0f40
cvinh
cvinh suggested changes Oct 31, 2025
View reviewed changes
Copy link

@cvinh cvinh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tested it in runboat and I have no products in the pos screen with admin account (not belonging to any product_cost group)

@parvezqureshi
Copy link
Author

parvezqureshi commented Oct 31, 2025

not belonging to

Without this module, we got permission errors.
This is a glue module to avoid permission errors when loading data in the Point of Sale if the user has no standard_price (cost) field permissions.

Screenshot_from_2025-10-31_12-43-43

For showing product, you want to add product_cost group.

image

@cvinh
Copy link

cvinh commented Oct 31, 2025

I'm sorry, I didn't know this module before, is it supposed to hide all products from a pos session and just hide error ... and only let people that have the right to see product cost to sell a product ? This is weird so I don't think so...
I know a guy who knows the answer... @pedrobaeza
#556

@pedrobaeza
Copy link
Member

pedrobaeza commented Oct 31, 2025

/ocabot migration pos_product_cost_security

This bridge module allows to bypass the problem, as the way things are loaded in PoS and the groups ORM handling in fields is a bit "tricky".

@OCA-git-bot OCA-git-bot added this to the 18.0 milestone Oct 31, 2025
@OCA-git-bot OCA-git-bot mentioned this pull request Oct 31, 2025
Open
69 tasks
@cvinh
Copy link

cvinh commented Oct 31, 2025
edited
Loading

/ocabot migration pos_product_cost_security

This bridge module allows to bypass the problem, as the way things are loaded in PoS and the groups ORM handling in fields is a bit "tricky".

Oh I see, then I understand better how pos_product_cost_security works. This is a sum up

  • in v16 : without pos_product_cost_security the point of sale does not open at all with access right error. If we install the module, the point of sale opens and the seller can use it even if he has no cost access rights...
  • in this PR : with or without the pos_product_cost_security, the point of sale opens but there are no products. if we search a product with "Search More" button, we have the access right error.

The expected behavior is that a user without the cost rights can use the point of sale

@parvezqureshi I think the PR from which you started does not work neither

@parvezqureshi parvezqureshi force-pushed the 18_mig_pos_product_cost_security branch from 392b966 to cd6d889 Compare November 10, 2025 06:37
cvinh
cvinh approved these changes Nov 13, 2025
View reviewed changes
Copy link

@cvinh cvinh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tested in runboat

@cvinh
Copy link

cvinh commented Jan 17, 2026

I added a fix to hide margin and cost fields in the backend https://github.com/parvezqureshi/product-attribute/pull/1/commits ... unless it's a core odoo's bug
@pedrobaeza we can open an issue at Odoo and wait... or merge this commit here... WDYT ?
@parvezqureshi please don't merge my PR before Pedro's answer

@pedrobaeza
Copy link
Member

pedrobaeza commented Jan 18, 2026

The patch seems correct.

@cvinh
Copy link

cvinh commented Jan 24, 2026
edited
Loading

There is an issue with my patch parvezqureshi#1 (comment)
The pos session fails to load... access denied on cost field

@cvinh
Copy link

cvinh commented Feb 6, 2026

I'm wondering how this module will work with OCA/pos#1483
@Tisho99 do you have the use case where some employees are not allowed to see costs ?

@Tisho99
Copy link

Tisho99 commented Feb 6, 2026

Hello @cvinh,

I don’t have that specific use case. I’ve been testing OCA/pos#1483 using a POS user with minimum permissions, and I haven’t been able to reproduce the issue.

I assume this might be because I don’t have the product_cost_security module installed in my database.

In any case, both modules are available in version 17, and I don't think any problems have ever been found with them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@cvinh cvinh cvinh approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

18.0

Development

Successfully merging this pull request may close these issues.

9 participants

@parvezqureshi @cvinh @pedrobaeza @Tisho99 @OCA-git-bot @chienandalu @mymage @weblate @bizzappdev