[MIG] base_user_role: migrate to 19.0

- Replace groups_id with group_ids in views/actions
- Bump version to 19.0.1.0.0; adjust manifests/assets
- Use env attributes and Domain expressions
- Adopt new Constraint/Index APIs where applicable

Functional changes

Author: Milan Topuzov

base_user_role/models/role.py

@@ -3,7 +3,8 @@
 import datetime
 import logging
 
-from odoo import SUPERUSER_ID, _, api, fields, models
+from odoo import api, fields, models
+from odoo.api import SUPERUSER_ID
 
 _logger = logging.getLogger(__name__)
 
@@ -40,11 +41,10 @@ class ResUsersRole(models.Model):
         required=False,
     )
     model_access_count = fields.Integer(compute="_compute_model_access_ids")
-    group_category_id = fields.Many2one(
-        related="group_id.category_id",
-        default=lambda cls: cls.env.ref("base_user_role.ir_module_category_role").id,
-        string="Associated category",
-        help="Associated group's category",
+    group_privilege_id = fields.Many2one(
+        related="group_id.privilege_id",
+        string="Associated privilege",
+        help="Privilege assigned to the associated group.",
         readonly=False,
     )
 
@@ -105,7 +105,7 @@ def unlink(self):
 
     def copy(self, default=None):
         self.ensure_one()
-        default = dict(default or {}, name=_("%s (copy)", self.name))
+        default = dict(default or {}, name=self.env._("%s (copy)", self.name))
         return super().copy(default)
 
     def update_users(self):
@@ -117,7 +117,14 @@ def update_users(self):
     @api.model
     def cron_update_users(self):
         logging.info("Update user roles")
-        self.search([]).update_users()
+        offset = 0
+        batch = 2000
+        while True:
+            roles = self.search([], offset=offset, limit=batch)
+            if not roles:
+                break
+            roles.update_users()
+            offset += batch
 
     def show_rule_ids(self):
         action = self.env["ir.actions.actions"]._for_xml_id("base.action_rule")
@@ -148,13 +155,10 @@ class ResUsersRoleLine(models.Model):
     date_from = fields.Date("From")
     date_to = fields.Date("To")
     is_enabled = fields.Boolean("Enabled", compute="_compute_is_enabled")
-    _sql_constraints = [
-        (
-            "user_role_uniq",
-            "unique (user_id,role_id)",
-            "User roles can be assigned to a user only once at a time",
-        )
-    ]
+    _user_role_uniq = models.Constraint(
+        "UNIQUE (user_id, role_id)",
+        "User roles can be assigned to a user only once at a time",
+    )
 
     @api.depends("date_from", "date_to")
     def _compute_is_enabled(self):

base_user_role/models/user.py

@@ -31,10 +31,14 @@ def _compute_show_alert(self):
 
     @api.model
     def _default_role_lines(self):
-        default_user = self.env.ref("base.default_user", raise_if_not_found=False)
+        template_user = self.env.ref(
+            "base.template_portal_user_id", raise_if_not_found=False
+        )
         default_values = []
-        if default_user:
-            for role_line in default_user.with_context(active_test=False).role_line_ids:
+        if template_user:
+            for role_line in template_user.with_context(
+                active_test=False
+            ).role_line_ids:
                 default_values.append(
                     {
                         "role_id": role_line.role_id.id,
@@ -73,13 +77,8 @@ def set_groups_from_roles(self, force=False):
         # We obtain all the groups associated to each role first, so that
         # it is faster to compare later with each user's groups.
         for role in self.mapped("role_line_ids.role_id"):
-            role_groups[role] = list(
-                set(
-                    role.group_id.ids
-                    + role.implied_ids.ids
-                    + role.trans_implied_ids.ids
-                )
-            )
+            # v19: use transitive implied groups provided by ORM
+            role_groups[role] = list(set(role.all_implied_ids.ids))
         for user in self:
             if not user.role_line_ids and not force:
                 continue
@@ -88,12 +87,24 @@ def set_groups_from_roles(self, force=False):
                 role = role_line.role_id
                 group_ids += role_groups[role]
             group_ids = list(set(group_ids))  # Remove duplicates IDs
-            groups_to_add = list(set(group_ids) - set(user.groups_id.ids))
-            groups_to_remove = list(set(user.groups_id.ids) - set(group_ids))
+            # Preserve admin only if dropping it would leave zero administrators
+            admin_group = self.env.ref("base.group_system", raise_if_not_found=False)
+            if (
+                admin_group
+                and admin_group.id in user.group_ids.ids
+                and admin_group.id not in group_ids
+            ):
+                other_admins = self.sudo().search_count(
+                    [("id", "!=", user.id), ("group_ids", "in", admin_group.id)]
+                )
+                if other_admins == 0:
+                    group_ids.append(admin_group.id)
+            groups_to_add = list(set(group_ids) - set(user.group_ids.ids))
+            groups_to_remove = list(set(user.group_ids.ids) - set(group_ids))
             to_add = [(4, gr) for gr in groups_to_add]
             to_remove = [(3, gr) for gr in groups_to_remove]
             groups = to_remove + to_add
             if groups:
-                vals = {"groups_id": groups}
+                vals = {"group_ids": groups}
                 super(ResUsers, user).write(vals)
         return True

base_user_role/tests/test_user_role.py

@@ -20,7 +20,7 @@ def setUpClass(cls):
 
         cls.company1 = cls.env.ref("base.main_company")
         cls.company2 = cls.env["res.company"].create({"name": "company2"})
-        cls.default_user = cls.env.ref("base.default_user")
+        cls.default_user = cls.env.ref("base.template_portal_user_id")
         cls.user_id = cls.user_model.create(
             {"name": "USER TEST (ROLES)", "login": "user_test_roles"}
         )
@@ -61,7 +61,7 @@ def setUpClass(cls):
                 "name": "User 2",
                 "company_id": cls.company1.id,
                 "company_ids": [(6, 0, [cls.company1.id, cls.company2.id])],
-                "groups_id": [(6, 0, cls.env.ref("base.group_erp_manager").ids)],
+                "group_ids": [(6, 0, cls.env.ref("base.group_erp_manager").ids)],
                 "login": "multicompany_user_1",
             }
         )
@@ -70,7 +70,7 @@ def setUpClass(cls):
                 "name": "User 2",
                 "company_id": cls.company2.id,
                 "company_ids": [(6, 0, [cls.company2.id])],
-                "groups_id": [(6, 0, cls.env.ref("base.group_user").ids)],
+                "group_ids": [(6, 0, cls.env.ref("base.group_user").ids)],
                 "login": "multicompany_user_2",
             }
         )
@@ -84,18 +84,14 @@ def setUpClass(cls):
 
     def test_role_1(self):
         self.user_id.write({"role_line_ids": [(0, 0, {"role_id": self.role1_id.id})]})
-        user_group_ids = sorted({group.id for group in self.user_id.groups_id})
-        role_group_ids = self.role1_id.trans_implied_ids.ids
-        role_group_ids.append(self.role1_id.group_id.id)
-        role_group_ids = sorted(set(role_group_ids))
+        user_group_ids = sorted({group.id for group in self.user_id.group_ids})
+        role_group_ids = sorted(set(self.role1_id.all_implied_ids.ids))
         self.assertEqual(user_group_ids, role_group_ids)
 
     def test_role_2(self):
         self.user_id.write({"role_line_ids": [(0, 0, {"role_id": self.role2_id.id})]})
-        user_group_ids = sorted({group.id for group in self.user_id.groups_id})
-        role_group_ids = self.role2_id.trans_implied_ids.ids
-        role_group_ids.append(self.role2_id.group_id.id)
-        role_group_ids = sorted(set(role_group_ids))
+        user_group_ids = sorted({group.id for group in self.user_id.group_ids})
+        role_group_ids = sorted(set(self.role2_id.all_implied_ids.ids))
         self.assertEqual(user_group_ids, role_group_ids)
 
     def test_role_1_2(self):
@@ -107,11 +103,9 @@ def test_role_1_2(self):
                 ]
             }
         )
-        user_group_ids = sorted({group.id for group in self.user_id.groups_id})
-        role1_group_ids = self.role1_id.trans_implied_ids.ids
-        role1_group_ids.append(self.role1_id.group_id.id)
-        role2_group_ids = self.role2_id.trans_implied_ids.ids
-        role2_group_ids.append(self.role2_id.group_id.id)
+        user_group_ids = sorted({group.id for group in self.user_id.group_ids})
+        role1_group_ids = self.role1_id.all_implied_ids.ids
+        role2_group_ids = self.role2_id.all_implied_ids.ids
         role_group_ids = sorted(set(role1_group_ids + role2_group_ids))
         self.assertEqual(user_group_ids, role_group_ids)
 
@@ -130,16 +124,14 @@ def test_role_1_2_with_dates(self):
                 ]
             }
         )
-        user_group_ids = sorted({group.id for group in self.user_id.groups_id})
-        role1_group_ids = self.role1_id.trans_implied_ids.ids
-        role1_group_ids.append(self.role1_id.group_id.id)
-        role_group_ids = sorted(set(role1_group_ids))
+        user_group_ids = sorted({group.id for group in self.user_id.group_ids})
+        role_group_ids = sorted(set(self.role1_id.all_implied_ids.ids))
         self.assertEqual(user_group_ids, role_group_ids)
 
     def test_role_unlink(self):
         # Get role1 and role2 groups
-        role1_groups = self.role1_id.trans_implied_ids | self.role1_id.group_id
-        role2_groups = self.role2_id.trans_implied_ids | self.role2_id.group_id
+        role1_groups = self.role1_id.all_implied_ids
+        role2_groups = self.role2_id.all_implied_ids
 
         # Configure the user with role1 and role2
         self.user_id.write(
@@ -151,23 +143,23 @@ def test_role_unlink(self):
             }
         )
         # Check user has groups from role1 and role2
-        self.assertLessEqual(role1_groups, self.user_id.groups_id)
-        self.assertLessEqual(role2_groups, self.user_id.groups_id)
+        self.assertLessEqual(role1_groups, self.user_id.group_ids)
+        self.assertLessEqual(role2_groups, self.user_id.group_ids)
         # Remove role2
         self.role2_id.unlink()
         # Check user has groups from only role1
-        self.assertLessEqual(role1_groups, self.user_id.groups_id)
-        self.assertFalse(role2_groups <= self.user_id.groups_id)
+        self.assertLessEqual(role1_groups, self.user_id.group_ids)
+        self.assertFalse(role2_groups <= self.user_id.group_ids)
         # Remove role1
         self.role1_id.unlink()
         # Check user has no groups from role1 and role2
-        self.assertFalse(role1_groups <= self.user_id.groups_id)
-        self.assertFalse(role2_groups <= self.user_id.groups_id)
+        self.assertFalse(role1_groups <= self.user_id.group_ids)
+        self.assertFalse(role2_groups <= self.user_id.group_ids)
 
     def test_role_line_unlink(self):
         # Get role1 and role2 groups
-        role1_groups = self.role1_id.trans_implied_ids | self.role1_id.group_id
-        role2_groups = self.role2_id.trans_implied_ids | self.role2_id.group_id
+        role1_groups = self.role1_id.all_implied_ids
+        role2_groups = self.role2_id.all_implied_ids
 
         # Configure the user with role1 and role2
         self.user_id.write(
@@ -179,22 +171,22 @@ def test_role_line_unlink(self):
             }
         )
         # Check user has groups from role1 and role2
-        self.assertLessEqual(role1_groups, self.user_id.groups_id)
-        self.assertLessEqual(role2_groups, self.user_id.groups_id)
+        self.assertLessEqual(role1_groups, self.user_id.group_ids)
+        self.assertLessEqual(role2_groups, self.user_id.group_ids)
         # Remove role2 from the user
         self.user_id.role_line_ids.filtered(
             lambda rl: rl.role_id.id == self.role2_id.id
         ).unlink()
         # Check user has groups from only role1
-        self.assertLessEqual(role1_groups, self.user_id.groups_id)
-        self.assertFalse(role2_groups <= self.user_id.groups_id)
+        self.assertLessEqual(role1_groups, self.user_id.group_ids)
+        self.assertFalse(role2_groups <= self.user_id.group_ids)
         # Remove role1 from the user
         self.user_id.role_line_ids.filtered(
             lambda rl: rl.role_id.id == self.role1_id.id
         ).unlink()
         # Check user has no groups from role1 and role2
-        self.assertFalse(role1_groups <= self.user_id.groups_id)
-        self.assertFalse(role2_groups <= self.user_id.groups_id)
+        self.assertFalse(role1_groups <= self.user_id.group_ids)
+        self.assertFalse(role2_groups <= self.user_id.group_ids)
 
     def test_default_user_roles(self):
         self.default_user.write(
@@ -222,7 +214,7 @@ def test_role_multicompany(self):
         role.with_context(allowed_company_ids=self.company1.ids).read()
         # Downgrade multicompany user 1 to common user
         self.multicompany_user_1.write(
-            {"groups_id": [(6, 0, self.env.ref("base.group_user").ids)]}
+            {"group_ids": [(6, 0, self.env.ref("base.group_user").ids)]}
         )
         # Check that the user cannot read multicompany data again since it lost
         # its admin privileges
@@ -247,8 +239,8 @@ def test_create_role_from_user(self):
         # Check that the role has the same groups as the user
         role_id = result["res_id"]
         role = self.role_model.browse([role_id])
-        user_group_ids = sorted(set(self.user_id.groups_id.ids))
-        role_group_ids = sorted(set(role.trans_implied_ids.ids))
+        user_group_ids = sorted(set(self.user_id.group_ids.ids))
+        role_group_ids = sorted(set(role.implied_ids.ids))
         self.assertEqual(user_group_ids, role_group_ids)
 
     def test_show_alert_computation(self):
@@ -261,7 +253,7 @@ def test_show_alert_computation(self):
         self.assertFalse(self.user_id.show_alert)
 
     def test_group_groups_into_role(self):
-        user_group_ids = self.user_id.groups_id.ids
+        user_group_ids = self.user_id.group_ids.ids
         # Check that there is not a role with name: Test Role
         self.assertFalse(self.role_model.search([("name", "=", "Test Role")]))
         # Call create_role function to group groups into a role

base_user_role/views/role.xml

@@ -41,7 +41,13 @@
                     </group>
                     <notebook>
                         <page string="Groups">
-                            <field name="implied_ids" nolabel="1" />
+                            <field
+                                name="implied_ids"
+                                nolabel="1"
+                                widget="many2many_tags"
+                                class="w-100"
+                                options="{'no_create': True}"
+                            />
                         </page>
                         <page string="Users">
                             <field name="line_ids" nolabel="1">

base_user_role/views/user.xml

@@ -62,7 +62,7 @@
         <field name="model">res.users</field>
         <field name="inherit_id" ref="base.view_users_tree" />
         <field name="arch" type="xml">
-            <field name="company_id" position="before">
+            <field name="role" position="after">
                 <field name="role_ids" widget="many2many_tags" />
             </field>
         </field>

base_user_role/wizards/create_from_user.py

@@ -28,7 +28,7 @@ def create_from_user(self):
             }
         )
 
-        role.implied_ids = [(6, 0, user.groups_id.ids)]
+        role.implied_ids = [(6, 0, user.group_ids.ids)]
 
         if self.assign_to_user:
             role_line_obj.create(