odoo-addon-dms 17.0.1.2.0__py3-none-any.whl → 18.0.1.0.0.2__py3-none-any.whl

odoo/addons/dms/i18n/pt_BR.po

@@ -2299,204 +2299,3 @@ msgstr "exe,msi"
 #: model_terms:ir.ui.view,arch_db:dms.view_dms_directory_form
 msgid "mail.catchall.domain"
 msgstr ""
-
-#~ msgid ""
-#~ "<i class=\"fa fa-archive\"/>\n"
-#~ "                                                Archive"
-#~ msgstr ""
-#~ "<i class=\"fa fa-archive\"/>\n"
-#~ "                                                Arquivar"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-archive\"/>\n"
-#~ "                                                Unarchive"
-#~ msgstr ""
-#~ "<i class=\"fa fa-archive\"/>\n"
-#~ "                                                Desarquivar"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-download\"/>\n"
-#~ "                                                Download"
-#~ msgstr ""
-#~ "<i class=\"fa fa-download\"/>\n"
-#~ "                                                Baixar"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-external-link\"/>\n"
-#~ "                                                Open"
-#~ msgstr ""
-#~ "<i class=\"fa fa-external-link\"/>\n"
-#~ "                                                Abrir"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-external-link\"/>\n"
-#~ "                                        Open"
-#~ msgstr ""
-#~ "<i class=\"fa fa-external-link\"/>\n"
-#~ "                                        Abrir"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-file-o\"/>\n"
-#~ "                                                Files"
-#~ msgstr ""
-#~ "<i class=\"fa fa-external-link\"/>\n"
-#~ "                                        Abrir"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-folder-o\"/>\n"
-#~ "                                                Directories"
-#~ msgstr ""
-#~ "<i class=\"fa fa-folder-o\"/>\n"
-#~ "                                                Diretórios"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-lock\"/>\n"
-#~ "                                                Lock"
-#~ msgstr ""
-#~ "<i class=\"fa fa-lock\"/>\n"
-#~ "                                                Bloquear"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-pencil-square-o\"/>\n"
-#~ "                                                Edit"
-#~ msgstr ""
-#~ "<i class=\"fa fa-pencil-square-o\"/>\n"
-#~ "                                                Editar"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-pencil-square-o\"/>\n"
-#~ "                                        Edit"
-#~ msgstr ""
-#~ "<i class=\"fa fa-pencil-square-o\"/>\n"
-#~ "                                        Editar"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-trash-o\"/>\n"
-#~ "                                                Delete"
-#~ msgstr ""
-#~ "<i class=\"fa fa-trash-o\"/>\n"
-#~ "                                                Excluir"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-trash-o\"/>\n"
-#~ "                                        Delete"
-#~ msgstr ""
-#~ "<i class=\"fa fa-trash-o\"/>\n"
-#~ "                                                Excluir"
-
-#~ msgid ""
-#~ "<i class=\"fa fa-unlock-alt\"/>\n"
-#~ "                                                Unlock"
-#~ msgstr ""
-#~ "<i class=\"fa fa-unlock-alt\"/>\n"
-#~ "                                                Destravar"
-
-#~ msgid ""
-#~ "<span class=\"o_form_label\">\n"
-#~ "                                        Storages\n"
-#~ "                                    </span>"
-#~ msgstr ""
-#~ "<span class=\"o_form_label\">\n"
-#~ "                                        Armazenamentos\n"
-#~ "                                    </span>"
-
-#~ msgid ""
-#~ "<span class=\"o_form_label\">File\n"
-#~ "                                        Extensions\n"
-#~ "                                    </span>"
-#~ msgstr ""
-#~ "<span class=\"o_form_label\">File\n"
-#~ "                                        Extensões\n"
-#~ "                                    </span>"
-
-#~ msgid "<span class=\"o_form_label\">File Size</span>"
-#~ msgstr "<span class=\"o_form_label\">Tamanho do arquivo</span>"
-
-#, python-format
-#~ msgid "A file with the same name already exists"
-#~ msgstr "Já existe um arquivo com o mesmo nome"
-
-#, python-format
-#~ msgid "A file with the same name already exists."
-#~ msgstr "Já existe um arquivo com o mesmo nome."
-
-#~ msgid "Alias domain"
-#~ msgstr "Domínio alternativo"
-
-#~ msgid ""
-#~ "Define the maximum upload size of a\n"
-#~ "                                        file in MB"
-#~ msgstr ""
-#~ "Defina o tamanho máximo de carregamento de um\n"
-#~ "                                         arquivo em MB"
-
-#~ msgid "Dropdown menu"
-#~ msgstr "Menu Suspenso"
-
-#~ msgid ""
-#~ "Indicate if directories and files access work only with related model "
-#~ "access (for example, if some directories are related with any sale, only "
-#~ "users with read access to these sale can acess)"
-#~ msgstr ""
-#~ "Indica se o acesso a diretórios e arquivos funciona apenas com acesso de "
-#~ "modelo relacionado (por exemplo, se alguns diretórios estiverem "
-#~ "relacionados a alguma venda, apenas usuários com acesso de leitura a "
-#~ "essas vendas poderão acessar)"
-
-#, python-format
-#~ msgid "It is not possible to change parent to other storage."
-#~ msgstr "Não é possível alterar o pai para outro armazenamento."
-
-#~ msgid "Last Modified on"
-#~ msgstr "Última Modificação em"
-
-#, python-format
-#~ msgid "Loading"
-#~ msgstr "Carregando"
-
-#~ msgid "Main Attachment"
-#~ msgstr "Anexo Principal"
-
-#~ msgid "Only admin user"
-#~ msgstr "Somente usuário administrador"
-
-#~ msgid "Operations"
-#~ msgstr "Operações"
-
-#~ msgid "Owner"
-#~ msgstr "Proprietário"
-
-#~ msgid "The configuration is done!"
-#~ msgstr "A configuração está feita!"
-
-#~ msgid ""
-#~ "The owner of records created upon receiving emails on this alias. If this "
-#~ "field is not set the system will attempt to find the right owner based on "
-#~ "the sender (From) address, or will use the Administrator account if no "
-#~ "system user is found for that address."
-#~ msgstr ""
-#~ "O proprietário dos registros criados ao receber e-mails neste alias. Se "
-#~ "este campo não estiver definido, o sistema tentará encontrar o "
-#~ "proprietário correto com base no endereço do remetente (De) ou usará a "
-#~ "conta de Administrador se nenhum usuário do sistema for encontrado para "
-#~ "esse endereço."
-
-#~ msgid ""
-#~ "The save type is used to determine how a file is saved by the\n"
-#~ "        system. If you change this setting, you can migrate existing "
-#~ "files\n"
-#~ "        manually by triggering the action."
-#~ msgstr ""
-#~ "O tipo de salvamento é usado para determinar como um arquivo é salvo "
-#~ "pelo\n"
-#~ "         sistema. Se você alterar essa configuração, poderá migrar os "
-#~ "arquivos existentes\n"
-#~ "         manualmente acionando a ação."
-
-#, python-format
-#~ msgid "Viewer"
-#~ msgstr "Visualizador"
-
-#, python-format
-#~ msgid "Error has not been raised"
-#~ msgstr "O erro não foi levantado"

odoo/addons/dms/models/access_groups.py

@@ -14,7 +14,7 @@ class DmsAccessGroups(models.Model):
     _parent_name = "parent_group_id"
 
     name = fields.Char(string="Group Name", required=True, translate=True)
-    parent_path = fields.Char(index="btree", unaccent=False)
+    parent_path = fields.Char(index="btree")
 
     # Permissions written directly on this group
     perm_create = fields.Boolean(string="Create Access")
@@ -122,9 +122,9 @@ class DmsAccessGroups(models.Model):
         for one in self:
             one.update(
                 {
-                    "perm_inclusive_%s" % perm: (
-                        one["perm_%s" % perm]
-                        or one.parent_group_id["perm_inclusive_%s" % perm]
+                    f"perm_inclusive_{perm}": (
+                        one[f"perm_{perm}"]
+                        or one.parent_group_id[f"perm_inclusive_{perm}"]
                     )
                     for perm in ("create", "unlink", "write")
                 }
@@ -155,10 +155,11 @@ class DmsAccessGroups(models.Model):
             )
             record.update({"users": users, "count_users": len(users)})
 
-    def copy(self, default=None):
-        default = dict(default or {})
-        default["name"] = _("%s (copy)") % self.name
-        return super().copy(default=default)
+    def copy_data(self, default=None):
+        vals_list = super().copy_data(default)
+        for group, vals in zip(self, vals_list, strict=False):
+            vals["name"] = _("%s (copy)") % group.name
+        return vals_list
 
     @api.constrains("parent_path")
     def _check_parent_recursiveness(self):

odoo/addons/dms/models/directory.py

@@ -17,8 +17,6 @@ from odoo.exceptions import UserError, ValidationError
 from odoo.osv.expression import AND, OR
 from odoo.tools import consteq, human_size
 
-from odoo.addons.http_routing.models.ir_http import slugify
-
 from ..tools.file import check_name, unique_name
 
 _logger = logging.getLogger(__name__)
@@ -46,7 +44,7 @@ class DmsDirectory(models.Model):
     _parent_name = "parent_id"
     _directory_field = _parent_name
 
-    parent_path = fields.Char(index="btree", unaccent=False)
+    parent_path = fields.Char(index="btree")
     is_root_directory = fields.Boolean(
         default=False,
         help="""Indicates if the directory is a root directory.
@@ -216,7 +214,7 @@ class DmsDirectory(models.Model):
         """Special rules for directories."""
         self_filter = [
             ("storage_id_inherit_access_from_parent_record", "=", False),
-            ("id", "inselect", self._get_access_groups_query(operation)),
+            ("id", "in", self._get_access_groups_query(operation)),
         ]
         # Upstream only filters by parent directory
         result = super()._get_domain_by_access_groups(operation)
@@ -237,7 +235,7 @@ class DmsDirectory(models.Model):
     def _compute_access_url(self):
         res = super()._compute_access_url()
         for item in self:
-            item.access_url = "/my/dms/directory/%s" % (item.id)
+            item.access_url = f"/my/dms/directory/{item.id}"
         return res
 
     def check_access_token(self, access_token=False):
@@ -278,7 +276,7 @@ class DmsDirectory(models.Model):
                     and consteq(current_directory.access_token, access_token)
                 )
                 or not access_token
-                and current_directory.check_access_rights("read")
+                and current_directory.check_access("read")
             ):
                 return directories
             current_directory = current_directory.parent_id
@@ -389,9 +387,8 @@ class DmsDirectory(models.Model):
     def _compute_complete_name(self):
         for category in self:
             if category.parent_id:
-                category.complete_name = "{} / {}".format(
-                    category.parent_id.complete_name,
-                    category.name,
+                category.complete_name = (
+                    f"{category.parent_id.complete_name} / {category.name}"
                 )
             else:
                 category.complete_name = category.name
@@ -530,7 +527,7 @@ class DmsDirectory(models.Model):
     # Constrains
     @api.constrains("parent_id")
     def _check_directory_recursion(self):
-        if not self._check_recursion():
+        if self._has_cycle():
             raise ValidationError(_("Error! You cannot create recursive directories."))
         return True
 
@@ -594,18 +591,18 @@ class DmsDirectory(models.Model):
         not_starred_records.write({"user_star_ids": [(4, self.env.uid)]})
         starred_records.write({"user_star_ids": [(3, self.env.uid)]})
 
-    def copy(self, default=None):
-        self.ensure_one()
-        default = dict(default or [])
-        if "parent_id" in default:
-            parent_directory = self.browse(default.get("parent_id"))
-            names = parent_directory.sudo().child_directory_ids.mapped("name")
-        elif self.is_root_directory:
-            names = self.sudo().storage_id.root_directory_ids.mapped("name")
-        else:
-            names = self.sudo().parent_id.child_directory_ids.mapped("name")
-        default.update({"name": unique_name(self.name, names)})
-        return super().copy(default)
+    def copy_data(self, default=None):
+        vals_list = super().copy_data(default)
+        for directory, vals in zip(self, vals_list, strict=False):
+            if vals.get("parent_id"):
+                parent_directory = self.browse(vals.get("parent_id"))
+                names = parent_directory.sudo().child_directory_ids.mapped("name")
+            elif directory.is_root_directory:
+                names = self.sudo().storage_id.root_directory_ids.mapped("name")
+            else:
+                names = self.sudo().parent_id.child_directory_ids.mapped("name")
+            vals["name"] = unique_name(directory.name, names)
+        return vals_list
 
     def _alias_get_creation_values(self):
         values = super()._alias_get_creation_values()
@@ -628,7 +625,8 @@ class DmsDirectory(models.Model):
             parent_directory._process_message(msg_dict)
             return parent_directory
         names = parent_directory.child_directory_ids.mapped("name")
-        subject = slugify(msg_dict.get("subject", _("Alias-Mail-Extraction")))
+        slug = self.env["ir.http"]._slug
+        subject = slug(msg_dict.get("subject", _("Alias-Mail-Extraction")))
         defaults = dict(
             {"name": unique_name(subject, names, escape_suffix=True)}, **custom_values
         )

odoo/addons/dms/models/dms_category.py

@@ -40,7 +40,7 @@ class DMSCategory(models.Model):
         comodel_name="dms.category",
         inverse_name="parent_id",
     )
-    parent_path = fields.Char(index="btree", unaccent=False)
+    parent_path = fields.Char(index="btree")
     tag_ids = fields.One2many(
         string="Tags", comodel_name="dms.tag", inverse_name="category_id"
     )
@@ -99,6 +99,6 @@ class DMSCategory(models.Model):
 
     @api.constrains("parent_id")
     def _check_category_recursion(self):
-        if not self._check_recursion():
+        if self._has_cycle():
             raise ValidationError(_("Error! You cannot create recursive categories."))
         return True

odoo/addons/dms/models/dms_file.py

@@ -150,14 +150,14 @@ class DMSFile(models.Model):
             ):
                 one.image_1920 = one.content
 
-    def check_access_rule(self, operation):
-        self.mapped("directory_id").check_access_rule(operation)
-        return super().check_access_rule(operation)
+    def check_access(self, operation):
+        self.mapped("directory_id").check_access(operation)
+        return super().check_access(operation)
 
     def _compute_access_url(self):
         res = super()._compute_access_url()
         for item in self:
-            item.access_url = "/my/dms/file/%s/download" % (item.id)
+            item.access_url = f"/my/dms/file/{item.id}/download"
         return res
 
     def check_access_token(self, access_token=False):
@@ -240,7 +240,7 @@ class DMSFile(models.Model):
         return [extension.strip() for extension in extensions.split(",")]
 
     def _get_icon_placeholder_name(self):
-        return self.extension and "file_%s.svg" % self.extension or ""
+        return self.extension and f"file_{self.extension}.svg" or ""
 
     # Actions
     def action_migrate(self, should_logging=True):
@@ -581,17 +581,16 @@ class DMSFile(models.Model):
             del res_vals["content"]
         return res_vals
 
-    def copy(self, default=None):
-        self.ensure_one()
-        default = dict(default or [])
-        names = self.sudo().directory_id.file_ids.mapped("name")
-        if "directory_id" in default:
-            directory = self.env["dms.directory"].browse(
-                default.get("directory_id", False)
-            )
-            names = directory.sudo().file_ids.mapped("name")
-        default.update({"name": file.unique_name(self.name, names, self.extension)})
-        return super().copy(default)
+    def copy_data(self, default=None):
+        vals_list = super().copy_data(default)
+        for dms_file, vals in zip(self, vals_list, strict=False):
+            if vals.get("directory_id"):
+                directory = self.env["dms.directory"].browse(vals.get("directory_id"))
+                names = directory.sudo().file_ids.mapped("name")
+            else:
+                names = dms_file.sudo().directory_id.file_ids.mapped("name")
+            vals["name"] = file.unique_name(dms_file.name, names, dms_file.extension)
+        return vals_list
 
     @api.model_create_multi
     def create(self, vals_list):

odoo/addons/dms/models/dms_security_mixin.py

@@ -1,5 +1,5 @@
 # Copyright 2020 Creu Blanca
-# Copyright 2021 Tecnativa - Víctor Martínez
+# Copyright 2021-2025 Tecnativa - Víctor Martínez
 # Copyright 2024 Subteno - Timothée Vannier (https://www.subteno.com).
 # License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).
 
@@ -7,12 +7,14 @@
 from logging import getLogger
 
 from odoo import api, fields, models
+from odoo.exceptions import AccessError
 from odoo.osv.expression import (
     FALSE_DOMAIN,
     NEGATIVE_TERM_OPERATORS,
     OR,
     TRUE_DOMAIN,
 )
+from odoo.tools import SQL
 
 _logger = getLogger(__name__)
 
@@ -86,10 +88,10 @@ class DmsSecurityMixin(models.AbstractModel):
             )
             return
 
-        creatable = self._filter_access_rules("create")
-        readable = self._filter_access_rules("read")
-        unlinkable = self._filter_access_rules("unlink")
-        writeable = self._filter_access_rules("write")
+        creatable = self._filtered_access("create")
+        readable = self._filtered_access("read")
+        unlinkable = self._filtered_access("unlink")
+        writeable = self._filtered_access("write")
         for one in self:
             one.update(
                 {
@@ -135,7 +137,9 @@ class DmsSecurityMixin(models.AbstractModel):
                 )
                 continue
             # Check model access only once per batch
-            if not model.check_access_rights(operation, raise_exception=False):
+            try:
+                model.check_access(operation)
+            except AccessError:
                 continue
             domains.append([("res_model", "=", model._name), ("res_id", "=", False)])
             # Check record access in batch too
@@ -143,7 +147,7 @@ class DmsSecurityMixin(models.AbstractModel):
             # Apply exists to skip records that do not exist. (e.g. a res.partner
             # deleted by database).
             model_records = model.browse(res_ids).exists()
-            related_ok = model_records._filter_access_rules_python(operation)
+            related_ok = model_records._filtered_access(operation)
             if not related_ok:
                 continue
             domains.append(
@@ -161,7 +165,7 @@ class DmsSecurityMixin(models.AbstractModel):
             "unlink": "AND dag.perm_inclusive_unlink",
             "write": "AND dag.perm_inclusive_write",
         }[operation]
-        select = f"""
+        select = f"""(
             SELECT
                 dir_group_rel.aid
             FROM
@@ -172,22 +176,25 @@ class DmsSecurityMixin(models.AbstractModel):
                     ON users.gid = dag.id
             WHERE
                 users.uid = %s {operation_check}
-            """
-        return select, (self.env.uid,)
+            )"""
+        sql = SQL(
+            select,
+            self.env.uid,
+        )
+        return sql
 
     @api.model
     def _get_domain_by_access_groups(self, operation):
         """Get domain for records accessible applying DMS access groups."""
         result = [
             (
-                "%s.storage_id_inherit_access_from_parent_record"
-                % self._directory_field,
+                f"{self._directory_field}.storage_id_inherit_access_from_parent_record",
                 "=",
                 False,
             ),
             (
                 self._directory_field,
-                "inselect",
+                "in",
                 self._get_access_groups_query(operation),
             ),
         ]
@@ -215,7 +222,6 @@ class DmsSecurityMixin(models.AbstractModel):
                 _self._get_domain_by_inheritance(operation),
             ]
         )
-
         if not positive:
             result.insert(0, "!")
         return result
@@ -236,16 +242,37 @@ class DmsSecurityMixin(models.AbstractModel):
     def _search_permission_write(self, operator, value):
         return self._get_permission_domain(operator, value, "write")
 
-    def _filter_access_rules_python(self, operation):
+    def filtered_domain(self, domain):
+        """This method is needed to inhibit the behavior when called from the
+        _check_access() method with sudo() https://github.com/odoo/odoo/blob/fc737a147b9aefbd6ae5d111835ce3f4f7b4240a/odoo/models.py#L4465.
+        It would cause the error that multiple records are not accessed to be
+        displayed.
+        The _filtered_access() method is also overwritten to prevent this sudo()
+        specific behavior and to be able to access only the appropriate records.
+        """
+        if self.env.su:
+            return self
+        return super().filtered_domain(domain)
+
+    def _filtered_access_no_recursion(self, operation: str):
+        """This method is just the same as _filtered_access
+        but it can not be called withoud super due to
+        recursion error.
+        """
+        if self and not self.env.su and (result := self._check_access(operation)):
+            return self - result[0]
+        return self
+
+    def _filtered_access(self, operation):
         # Only kept to not break inheritance; see next comment
-        result = super()._filter_access_rules_python(operation)
+        result = super()._filtered_access(operation)
         # HACK Always fall back to applying rules by SQL.
-        # Upstream `_filter_access_rules_python()` doesn't use computed fields
+        # Upstream `_filtered_access()` doesn't use computed fields
         # search methods. Thus, it will take the `[('permission_{operation}',
         # '=', user.id)]` rule literally. Obviously that will always fail
         # because `self[f"permission_{operation}"]` will always be a `bool`,
         # while `user.id` will always be an `int`.
-        result |= self._filter_access_rules(operation)
+        result |= self._filtered_access_no_recursion(operation)
         return result
 
     @api.model_create_multi
@@ -258,6 +285,5 @@ class DmsSecurityMixin(models.AbstractModel):
         res.flush_recordset()
         # Go back to the original sudo state and check we really had creation permission
         res = res.sudo(self.env.su)
-        res.check_access_rights("create")
-        res.check_access_rule("create")
+        res.check_access("create")
         return res

odoo/addons/dms/models/ir_binary.py

@@ -8,7 +8,7 @@ from odoo import models
 class IrBinary(models.AbstractModel):
     _inherit = "ir.binary"
 
-    def _find_record_check_access(self, record, access_token):
+    def _find_record_check_access(self, record, access_token, field):
         if record._name in ("dms.file", "dms.directory"):
             if record.sudo().check_access_token(access_token):
                 # sudo because the user might not usually have access to the record but
@@ -16,4 +16,4 @@ class IrBinary(models.AbstractModel):
                 # Used to display the icon in the portal.
                 return record.sudo()
 
-        return super()._find_record_check_access(record, access_token)
+        return super()._find_record_check_access(record, access_token, field)

odoo/addons/dms/models/mixins_thumbnail.py

@@ -35,7 +35,7 @@ class Thumbnail(models.AbstractModel):
         """Obtain URL to record icon."""
         local_path = self._get_icon_disk_path()
         icon_name = os.path.basename(local_path)
-        return "/dms/static/icons/%s" % icon_name
+        return f"/dms/static/icons/{icon_name}"
 
     @api.depends("image_128")
     def _compute_icon_url(self):

odoo/addons/dms/models/storage.py

@@ -18,9 +18,9 @@ class Storage(models.Model):
     name = fields.Char(required=True)
     save_type = fields.Selection(
         selection=[
-            ("database", _("Database")),
-            ("file", _("Filestore")),
-            ("attachment", _("Attachment")),
+            ("database", "Database"),
+            ("file", "Filestore"),
+            ("attachment", "Attachment"),
         ],
         default="database",
         required=True,

odoo/addons/dms/readme/CONTRIBUTORS.md

@@ -12,3 +12,5 @@
   - Khanh Bui \<<khanh.bui@mail.elegosoft.com>\>
 - [Subteno](https://www.subteno.com):
   - Timothée Vannier <<tva@subteno.com>>
+- [Kencove](https://www.kencove.com):
+  - Mohamed Alkobrosli <<malkobrosly@kencove.com>>

odoo/addons/dms/readme/ROADMAP.md

@@ -17,3 +17,5 @@
   means. It would be nice to be able to remove that rule at some point.
 - Searchpanel in files: Highlight items (shading) without records when
   filtering something (by name for example).
+- Accessing the clipboard (for example copy share link of file/directory)
+  is limited to secure connections. It also happens in any part of Odoo.