Odoo Server (MOVED TO GITHUB)

Bug #397741
Comment #8

Comment 8 for bug 397741

Revision history for this message

Joël Grand-Guillaume @ camptocamp (jgrandguillaume-c2c) wrote on 2009-07-14:

""" It is comparable. If you create or update objects on new versions (add
links to others objects, for example), you will have to create or update
access rights too."""

=> I think here, creatie only new right management, and don't update existing one could work. So new object come with new right, and old one keep the old settings.

"""The problem is exactly the same than the view editor:
* if you change a view, you have to do an inherit or record in a module,
otherwise you may lose your changes at next update."""

=> I agree, but at the end, you find a way that will kept your updating view ! Making them as "inherit". Isn't possible with security... ?

"""I understand it is frustrating to lose your changes, but I think it's
also critical to have two users on 5.2.0 having a different
configuration, because one migrated from v5.0.0 and the other one
installed v5.2.0 directly. Just think about how complex can be to manage
these side effects after several migrations."""

=> It's already the case now ! With views for exemple,... No one of our customer get the same sale order view, and so on... The same with security... No one of our customer has the same security. We have to deal with that.

I still don't know which solution is the best one.

"""But, for me, it's exactly the same problem than the view editor. So we
must keep like that or change both at once, but not change the access
rights only"""

=> Difficult to find a good solution... And I understand that you may be want to find the same solution for both view editor and security. But it's not really the same in fact, view are more "cosmetics" things that security are not ! If you change a view with the editor, it's not that bad if they disapear, you won't break datas...

With security issues, it's not like that, my bad experience : Disallow the accountant to write account period, cause they change the period dates insteed of the period in it-self. Next update => this is gone, and the first thing the accountant made : change the periodes dates !!!

In my point of view, default update must create new security rules, but keep the existing one on existing objects => this will ensure people they keep their settings. A new parameters need to be place on the server to reset every security configuration, and restore the default setting.

Well, this was my2cents,

Regards,

Joël

""" It is comparable. If you create or update objects on new versions (add 
links to others objects, for example), you will have to create or update 
access rights too."""

=> I think here, creatie only new right management, and don't update existing one could work. So new object come with new right, and old one keep the old settings.

"""The problem is exactly the same than the view editor:
* if you change a view, you have to do an inherit or record in a module, 
otherwise you may lose your changes at next update."""

=> I agree, but at the end, you find a way that will kept your updating view ! Making them as "inherit". Isn't possible with security... ?

"""I understand it is frustrating to lose your changes, but I think it's 
also critical to have two users on 5.2.0 having a different 
configuration, because one migrated from v5.0.0 and the other one 
installed v5.2.0 directly. Just think about how complex can be to manage 
these side effects after several migrations."""

I still don't know which solution is the best one.

"""But, for me, it's exactly the same problem than the view editor. So we 
must keep like that or change both at once, but not change the access 
rights only"""

Well, this was my2cents,

Regards,

Joël