[FIX] base: don't lose sudo when searching partners

luisg123v · mart-e · commit c91cf1a2a7f1 · 2022-08-09T17:00:52.000+02:00
Currently, when searching a partner through a related record using `sudo()`, the superuser privileges are used when searching the record, but not when searching the related partner. That's because the su flag is lost during the call to with_user, even if it was to keep the same user. For instance, a code like the following wouldn't work if the current user has no enough rights (e.g. the public user): self.sudo().search([('partner_id', 'ilike', 'John Doe')]) To solve the above, the with_user is called only when a specific name_get_uid is given, as done in the _search implementation. closes odoo#83156 Signed-off-by: Raphael Collet <rco@odoo.com>
diff --git a/odoo/addons/base/models/res_partner.py b/odoo/addons/base/models/res_partner.py
@@ -759,7 +759,7 @@ def _get_name_search_order_by_fields(self):
 
     @api.model
     def _name_search(self, name, args=None, operator='ilike', limit=100, name_get_uid=None):
-        self = self.with_user(name_get_uid or self.env.uid)
+        self = self.with_user(name_get_uid) if name_get_uid else self
         # as the implementation is in SQL, we force the recompute of fields if necessary
         self.recompute(['display_name'])
         self.flush()
diff --git a/odoo/addons/base/tests/test_res_partner.py b/odoo/addons/base/tests/test_res_partner.py
@@ -3,7 +3,7 @@
 
 from odoo.tests import Form
 from odoo.tests.common import TransactionCase
-from odoo.exceptions import UserError
+from odoo.exceptions import AccessError, UserError
 
 
 class TestPartner(TransactionCase):
@@ -20,6 +20,13 @@ def test_name_search(self):
         ns_res = self.env['res.partner'].name_search('Vlad', args=[('user_ids.email', 'ilike', 'vlad')])
         self.assertEqual(set(i[0] for i in ns_res), set(test_user.partner_id.ids))
 
+        # Check a partner may be searched when current user has no access but sudo is used
+        public_user = self.env.ref('base.public_user')
+        with self.assertRaises(AccessError):
+            test_partner.with_user(public_user).check_access_rule('read')
+        ns_res = self.env['res.partner'].with_user(public_user).sudo().name_search('Vlad', args=[('user_ids.email', 'ilike', 'vlad')])
+        self.assertEqual(set(i[0] for i in ns_res), set(test_user.partner_id.ids))
+
     def test_name_get(self):
         """ Check name_get on partner, especially with different context
         Check name_get correctly return name with context. """
