diff --git a/l10n_it_fatturapa_out/tests/__init__.py b/l10n_it_fatturapa_out/tests/__init__.py index ceefd69f2811..5386c4b64db9 100644 --- a/l10n_it_fatturapa_out/tests/__init__.py +++ b/l10n_it_fatturapa_out/tests/__init__.py @@ -3,3 +3,4 @@ from . import fatturapa_common from . import test_fatturapa_xml_validation from . import test_fatturapa_out_noteline +from . import test_wizard_export diff --git a/l10n_it_fatturapa_out/tests/test_wizard_export.py b/l10n_it_fatturapa_out/tests/test_wizard_export.py new file mode 100644 index 000000000000..157d345d26b6 --- /dev/null +++ b/l10n_it_fatturapa_out/tests/test_wizard_export.py @@ -0,0 +1,50 @@ +# Copyright 2026 Stefano Nana - Nextev Srl +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl). + +from lxml import etree + +from odoo.tests import tagged +from odoo.tools.safe_eval import safe_eval + +from .fatturapa_common import FatturaPACommon + + +@tagged("post_install", "-at_install") +class TestWizardExport(FatturaPACommon): + def test_report_print_menu_domain_non_admin(self): + """ + Check that a non-admin user can call name_search on ir.actions.report + with the domain actually defined in the wizard view for the + ``report_print_menu`` field, without getting an AccessError. + + The original domain ``[('binding_model_id', '=', …)]`` triggers + a read on ir.model (via Many2one resolution) which non-admin users + are not allowed to do. The fix uses the ``model`` Char field on + ir.actions.report instead, avoiding the ir.model lookup entirely. + + This test reads the domain straight from the view arch so it will + *fail* whenever the XML contains the broken domain. + """ + non_admin_env = self.env(user=self.account_manager) + self.assertFalse( + non_admin_env.user.has_group("base.group_system"), + "This test requires a non-admin user", + ) + + # ---- extract the domain from the actual view arch ---- + wizard_model = non_admin_env["wizard.export.fatturapa"] + view_result = wizard_model.get_view(view_type="form") + arch = etree.fromstring(view_result["arch"]) + field_node = arch.xpath("//field[@name='report_print_menu']") + self.assertTrue(field_node, "report_print_menu field not found in view") + raw_domain = field_node[0].get("domain", "[]") + + # Evaluate the domain with the same context the UI would use. + # The view uses ``context.get('active_model')``; simulate it. + eval_ctx = {"context": {"active_model": "account.move"}} + domain = safe_eval(raw_domain, eval_ctx) + + # ---- the actual assertion ---- + # If the domain still references binding_model_id, name_search will + # raise AccessError because the non-admin user cannot read ir.model. + non_admin_env["ir.actions.report"].name_search("", args=domain) diff --git a/l10n_it_fatturapa_out/wizard/wizard_export_fatturapa_view.xml b/l10n_it_fatturapa_out/wizard/wizard_export_fatturapa_view.xml index bacc376c3b06..fcbb4f50ceaa 100644 --- a/l10n_it_fatturapa_out/wizard/wizard_export_fatturapa_view.xml +++ b/l10n_it_fatturapa_out/wizard/wizard_export_fatturapa_view.xml @@ -14,7 +14,7 @@