I am having problem using sudo in Odoo version 11. Checking doc, I think the same problem exists in version 12. Using sudo generate log with wrong(?) user. For e.g. I override confirm_sale to use sudo.
from odoo import api, fields, models
class SaleOrder(models.Model):
_inherit = 'sale.order'
def action_confirm(self):
return super(SaleOrder, self.sudo()).action_confirm()
Then let say when "Sale User" confirm sale order, log is shown as if "Administrator" approved sale order. Information is lost on who really confirmed sale order.
Question: So, my question is I want to use sudo but still record correctly who made changes.
Clarification/Use Case: Removing sudo and adding necessary permissions for user can solve the problem. But my very often use case is one group of users can only create/edit data and one or more groups can only confirm/approve data without edit permission. So, sudo is necessary.
You can use this OCA module https://apps.odoo.com/apps/modules/11.0/base_suspend_security/
Just install the module and use suspend_security() instead of sudo(), it will bypass access rights but keep the current user on log
Fixes: Currently I am using the below fixes for this problem.
Adding additional field to record who confirmed data.
In Odoo 13, this feature is added. From doc, "The superuser mode does not change the current user, and simply bypasses access rights checks." https://www.odoo.com/documentation/13.0/reference/orm.html#altering-the-environment
Related
I got an error on my Odoo like on the picture, I've checked the user already has access to the user group. It's very thankful if you can help me.
I need more information but whenever you parform the action you are doing a security record rule is trggered, you can try the hard mode, go to security record rules and disable one rule and try and re enable after.
I add this setting (see on the picture) on the user's group I want to give access and it's solved. Apparently it's because the user does not have access to Object ir.filters which most of my modules use this.
I'm a tester and my manager has add new team project to the TFS and add my user and a developer user for this team project, when I've tried to add any type of work items the list of "Assigned To" shows all the users correctly, except for the "bug work item" only, I can't assigned to any user and shows that it is not in the list of supported values.
how can I solve this problem?
First, make sure the work item that you're manipulating currently in a state that has a valid transition to New. Otherwise, you will not be able to save the changes.
If you have customized the bug work item type. According to sounds like a rule in the bug workflow or field.
If you run the [witadmin exportwitd] command and export the bug work item type, look for the Assigned To Field and look at the rules on the field. Also take a look at the section and look at the rules for the transitions.
Also take a look at this similar question on TFS2015 Bug/Task unable to assign it to someone else than the user that creates it, try the suggestion mentioned in the link:
needed to give the relevant global top-level permissions for everyone
to view stuff
Just run the below in order to grant the needed rights :
tfssecurity /a+ Server FrameworkGlobalSecurity GenericRead
> "[DefaultCollection]\Project Collection Valid Users" ALLOW
> /collection:http://tfsserver:8080/tfs/DefaultCollection
I'm working with Sitecore 8 Update 2.
I'm looking for a way to get some statistics on how many sitecore users are logged in ( over time, not just right now).
Mainly i would like to see if the actual amount of people working on the system is close to the maximum amount of users allowed by the license. Otherwise a company might be seriously overpaying.
Is there already an out of the box solution or a module available for this ?
If you visit this page:
<your-domain>/sitecore/client/Applications/LicenseOptions/KickUser
It will give you a list of all the currently logged in CMS users. That page is a SPEAK application and has a datasource called ActiveUsersDataSource. In the code, this datasource uses the DomainAccessGuard.Sessions property to get a list of all the sessions.
So if you just want a list, the KickUser page should be enough. If you want to run a report you can use the DomainAccessGuard.Sessions property as a start. You could use that to write a report with Sitecore Powershell Extensions pretty simply.
Log files usually contain audit information about login / logout. E.g.:
6140 13:57:33 INFO AUDIT (sitecore\djanjicek): Login
...
7512 14:02:57 INFO AUDIT (sitecore\djanjicek): Logout
With Sitecore Log Analyzer you should be able to filter your log files on the audit trails.
https://marketplace.sitecore.net/Modules/S/Sitecore_Log_Analyzer.aspx
If you need a web based solution then you could write an admin page that reads all log files and outputs the required lines in a timely fashion.
Also, you can try this:
var x = Membership.Providers["sql"].GetNumberOfUsersOnline();
where "sql" is you membership provider name defined in configuration.
We need to find the user who has installed msi using powershell.
I was trying to search via HKEY_USERS ,but it is providing sid of the user not the user name of who installed the msi.
Is there any way to find the Installed user ?
(If you have a sid, you can find out the user name, why not?)
But the best way, if the msi is yours, is to save that information during the setup in a registry value, or .ini file you can read out later.
There are two properties, "LogonUser", and "USERNAME", the latter is the user really installing.
If you have no influence on the msi itself, I am not sure, if it is so easy. Interpreting sids seems a good way then.
Nevertheless:
The standard way is to use the API routines MsiGetProductInfo() or MsiGetProductInfoEx(). You can google in MSDN. But I am not sure if they always contain information if these data were not registered during setup dialog. So maybe they are empty after a silent install if there was no registration dialog? I have never used them to find the user who has installed as software. Normally in own setups this is done with explicit dialogs or actions.
One of the way might be by using reg key but there is a function in the windows installer API called MsiEnumProductsEx
you have to specify User SID it querys and checks all installed product for all users
Hi I'm am trying to get the list of issues from a JIRA server using the SOAP API provided by JIRA.
I'm trying to filter the issues based on a custom field (and latter I will want to set that custom field).
If I get the list of issue it returns the custom fields for those issues along with them (I get customfieldId, key, values for each custom field) and I can get the custom field with getCustomFields methods provided by the API (to look for the ID of the field with a given name).
The issue I have is that if I login with an account that is not an admin (using the API) I can't call the getCustomFields method (it throws an exception saying I have to be an admin to do that).
My question is: Is there any other way to know which is the ID of the custom field I desire that can be done using a normal user account?
Also if you know how to set a custom field for an issue, it would also be very helpful :) (I would also like to be able to do it with a regular user account).
You have to be an admin to get a list of custom fields. Any 'normal' account can act on the custom fields via the API provided the user knows the customfield ID.
You can set the value of a custom field too, even with a 'normal' account. Again, the user needs the appropriate permissions to do this. Example provided here.
More here and here.
You can also use getFieldsForEdit(token, issueKey), which will return RemoteField[] for all fields available for edit on that issue (even if it has not yet been defined on the issue). It does not require admin permissions, but because it has the word "Edit" in the method, it does require that you have permission to edit the issue (which means, e.g., if the issue is status=Closed, it will raise an exception unless you allow editing closed issues. Unfortunately, I have yet to find a way to retrieve the RemoteField[] list (in order to map id to name), so getCustomFields() and getFieldsForEdit() appear to be the only options.
Have you tried getting a list of issues from the project, picking one, zeroing out the data, and using that as a template? That might work.
SOAP is being deprecated in favor of the REST API, which also has a better method to get this information