[MERGE] trunk

bzr revid: al@openerp.com-20121111014431-bxrn6tte0anyba5v

.bzrignore

@@ -1,14 +1,19 @@
-.*
-*.egg-info
-*.orig
-*.vim
+.*.swp
+.bzrignore
+.idea
+.project
+.pydevproject
+.ropeproject
+.settings
+.DS_Store
+openerp/addons/*
+openerp/filestore*
+.Python
+*.pyc
+*.pyo
+bin/*
 build/
-RE:^bin/
-RE:^dist/
-RE:^include/
-
-RE:^share/
-RE:^man/
-RE:^lib/
-
-RE:^doc/_build/
+include/
+lib/
+share/
+doc/_build/*

README

@@ -6,17 +6,9 @@ Customer Relationship Management software. More info at:
 
     http://www.openerp.com
 
-Installation on Debian Ubuntu
+Installation on Debian/Ubuntu
 -----------------------------
 
-Download the deb file and type:
-
-    $ sudo dpkg -i <openerp-deb-filename>
-    $ sudo apt-get install install -f
-
-Installation on Debian Ubuntu from nightly build
-------------------------------------------------
-
 Add the the apt repository
 
     deb http://nightly.openerp.com/6.1/deb/ ./
@@ -26,6 +18,11 @@ in your source.list and type:
     $ sudo apt-get update
     $ sudo apt-get install openerp
 
+Or download the deb file and type:
+
+    $ sudo dpkg -i <openerp-deb-filename>
+    $ sudo apt-get install install -f
+
 Installation on RedHat, Fedora, CentOS
 --------------------------------------
 
@@ -42,6 +39,8 @@ Install the openerp rpm
 Installation on Windows
 -----------------------
 
+    Check the notes in setup.py
+
 Installation on MacOSX
 -----------------------
 
@@ -54,14 +53,7 @@ default master password is "admin".
 Detailed System Requirements
 ----------------------------
 
-You need the following software installed:
-
- postgresql-client, python-dateutil, python-feedparser, python-gdata,
- python-ldap, python-libxslt1, python-lxml, python-mako, python-openid,
- python-psycopg2, python-pybabel, python-pychart, python-pydot,
- python-pyparsing, python-reportlab, python-simplejson, python-tz,
- python-vatnumber, python-vobject, python-webdav, python-werkzeug, python-xlwt,
- python-yaml, python-zsi
+The dependencies are listed in setup.py
 
 For Luxembourg localization, you also need:
 

debian/control

@@ -16,13 +16,15 @@ Depends:
  python,
  postgresql-client,
  python-dateutil,
+ python-docutils,
  python-feedparser,
  python-gdata,
  python-ldap,
  python-libxslt1,
  python-lxml,
  python-mako,
  python-openid,
+ python-psutil,
  python-psycopg2,
  python-pybabel,
  python-pychart,

doc/api/field_level_acl.rst

@@ -0,0 +1,45 @@
+Field-level access control
+==========================
+
+.. versionadded:: 7.0
+
+OpenERP now supports real access control at the field level, not just on the view side.
+Previously it was already possible to set a ``groups`` attribute on a ``<field>`` element
+(or in fact most view elements), but with cosmetics effects only: the element was made
+invisible on the client side, while still perfectly available for read/write access at
+the RPC level.
+
+As of OpenERP 7.0 the existing behavior is preserved on the view level, but a new ``groups``
+attribute is available on all model fields, introducing a model-level access control on
+each field. The syntax is the same as for the view-level attribute::
+
+    _columns = {
+        'secret_key': fields.char('Secret Key', groups="base.group_erp_manager,base.group_system")
+     }
+
+There is a major difference with the view-level ``groups`` attribute: restricting
+the access at the model level really means that the field will be completely unavailable
+for users who do not belong to the authorized groups:
+
+* Restricted fields will be **completely removed** from all related views, not just
+  hidden. This is important to keep in mind because it means the field value will not be
+  available at all on the client side, and thus unavailable e.g. for ``on_change`` calls.
+* Restricted fields will not be returned as part of a call to
+  :meth:`~openerp.osv.orm.fields_get` or :meth:`~openerp.osv.orm.fields_view_get`
+  This is in order to avoid them appearing in the list of fields available for
+  advanced search filters, for example. This does not prevent getting the list of
+  a model's fields by querying ``ir.model.fields`` directly, which is fine. 
+* Any attempt to read or write directly the value of the restricted fields will result
+  in an ``AccessError`` exception.
+* As a consequence of the previous item, restricted fields will not be available for
+  use within search filters (domains) or anything that would require read or write access.
+* It is quite possible to set ``groups`` attributes for the same field both at the model
+  and view level, even with different values. Both will carry their effect, with the
+  model-level restriction taking precedence and removing the field completely in case of
+  restriction.
+
+.. note:: The tests related to this feature are in ``openerp/tests/test_acl.py``.
+
+.. warning:: At the time of writing the implementation of this feature is partial
+             and does not yet restrict read/write RPC access to the field.
+             The corresponding test is written already but currently disabled.

doc/api/startup.rst

@@ -2,6 +2,8 @@
 Start-up script
 ---------------
 
+.. versionadded:: 6.1
+
 To run the OpenERP server, the conventional approach is to use the
 `openerp-server` script.  It loads the :ref:`openerp library`, sets a few
 configuration variables corresponding to command-line arguments, and starts to
@@ -11,9 +13,6 @@ Depending on your deployment needs, you can write such a start-up script very
 easily. We also recommend you take a look at an alternative tool called
 `openerp-command` that can, among other things, launch the server.
 
-.. versionadded:: 6.1
-
 Yet another alternative is to use a WSGI-compatible HTTP server and let it call
 into one of the WSGI entry points of the server.
 
-.. versionadded:: 6.1

doc/conf.py

@@ -16,9 +16,10 @@
 # If extensions (or modules to document with autodoc) are in another directory,
 # add these directories to sys.path here. If the directory is relative to the
 # documentation root, use os.path.abspath to make it absolute, like shown here.
+#sys.path.insert(0, os.path.abspath('.'))
 sys.path.append(os.path.abspath('_themes'))
-sys.path.insert(0, os.path.abspath('../addons'))
-sys.path.insert(0, os.path.abspath('..'))
+sys.path.append(os.path.abspath('..'))
+sys.path.append(os.path.abspath('../openerp'))
 
 # -- General configuration -----------------------------------------------------
 
@@ -42,17 +43,17 @@
 master_doc = 'index'
 
 # General information about the project.
-project = u'OpenERP Web Developers Documentation'
+project = u'OpenERP Server Developers Documentation'
 copyright = u'2012, OpenERP s.a.'
 
 # The version info for the project you're documenting, acts as replacement for
 # |version| and |release|, also used in various other places throughout the
 # built documents.
 #
 # The short X.Y version.
-version = '6.1'
+version = '7.0'
 # The full version, including alpha/beta/rc tags.
-release = '6.1'
+release = '7.0b'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
@@ -170,7 +171,7 @@
 #html_file_suffix = None
 
 # Output file base name for HTML help builder.
-htmlhelp_basename = 'openerp-web-doc'
+htmlhelp_basename = 'openerp-server-doc'
 
 
 # -- Options for LaTeX output --------------------------------------------------
@@ -189,7 +190,7 @@
 # Grouping the document tree into LaTeX files. List of tuples
 # (source start file, target name, title, author, documentclass [howto/manual]).
 latex_documents = [
-  ('index', 'openerp-web-doc.tex', u'OpenERP Web Developers Documentation',
+  ('index', 'openerp-server-doc.tex', u'OpenERP Server Developers Documentation',
    u'OpenERP s.a.', 'manual'),
 ]
 
@@ -219,7 +220,7 @@
 # One entry per manual page. List of tuples
 # (source start file, name, description, authors, manual section).
 man_pages = [
-    ('index', 'openerp-web-doc', u'OpenERP Web Developers Documentation',
+    ('index', 'openerp-server-doc', u'OpenERP Server Developers Documentation',
      [u'OpenERP s.a.'], 1)
 ]
 
@@ -233,8 +234,8 @@
 # (source start file, target name, title, author,
 #  dir menu entry, description, category)
 texinfo_documents = [
-  ('index', 'OpenERPWebDocumentation', u'OpenERP Web Developers Documentation',
-   u'OpenERP s.a.', 'OpenERPWebDocumentation', 'Developers documentation for the openerp-web project.',
+  ('index', 'OpenERPServerDocumentation', u'OpenERP Server Developers Documentation',
+   u'OpenERP s.a.', 'OpenERPServerDocumentation', 'Developers documentation for the openobject-server project.',
    'Miscellaneous'),
 ]
 
@@ -251,6 +252,6 @@
 # Example configuration for intersphinx: refer to the Python standard library.
 intersphinx_mapping = {
     'python': ('http://docs.python.org/', None),
-    'openerpserver': ('http://doc.openerp.com/trunk/developers/server', None),
+    'openerpweb': ('http://doc.openerp.com/trunk/developers/web', None),
     'openerpdev': ('http://doc.openerp.com/trunk/developers', None),
 }