mirror of
https://github.com/odoo/runbot.git
synced 2025-03-19 17:35:45 +07:00
b51909fab6
Until now api routes on runbot have been created through custom website pages in production. We want to unify the API by making a 'public' api, inspired by the way `web_search_read` works. This commit adds: - A route to list all publicly available models - A route to do a read on a public model - A route to fetch the publicly available specification for a model - A public model mixin that provides all the tools required to support the above mentionned routes. The mixin adds the ability to add the `public` attribute on fields. Any field marked as public can then be publicly queried through the controller. Relational fields work in a nested manner (`fields` key in the field's sub-specification) (up to a depth of 10). The public api does not allow going through a relationship back and front (parent->child->parent is NOT allowed). Because we are based on `web_search_read`, we heavily focus on validating the specification, for security reasons, and offset the load of reading to the `web_read` function (we currently don't provide limit metadata).
1.0 KiB
1.0 KiB
| 1 | id | name | model_id:id | group_id:id | perm_read | perm_write | perm_create | perm_unlink |
|---|---|---|---|---|---|---|---|---|
| 2 | runbot_test.access_runbot_test_model_parent | access_runbot_test_model_parent | runbot_test.model_runbot_test_model_parent | base.group_user | 1 | 0 | 0 | 0 |
| 3 | runbot_test.access_runbot_test_model_child | access_runbot_test_model_child | runbot_test.model_runbot_test_model_child | base.group_user | 1 | 0 | 0 | 0 |
| 4 | runbot_test.access_runbot_test_model_child_private | access_runbot_test_model_child_private | runbot_test.model_runbot_test_model_child_private | base.group_user | 1 | 0 | 0 | 0 |
| 5 | runbot_test.access_runbot_test_model_parent_admin | access_runbot_test_model_parent_admin | runbot_test.model_runbot_test_model_parent | runbot.group_runbot_admin | 1 | 1 | 1 | 1 |
| 6 | runbot_test.access_runbot_test_model_child_admin | access_runbot_test_model_child_admin | runbot_test.model_runbot_test_model_child | runbot.group_runbot_admin | 1 | 1 | 1 | 1 |
| 7 | runbot_test.access_runbot_test_model_child_admin_private | access_runbot_test_model_child_admin_private | runbot_test.model_runbot_test_model_child_private | runbot.group_runbot_admin | 1 | 1 | 1 | 1 |