Problem
When the config setting spp_starter.registry_admin_only_crud is enabled (default True), spp_starter_sp_mis/static/src/js/registry_restriction.js hides create/edit for non-admin users — the New button, canCreate/canEdit, and the delete/archive/duplicate action-menu entries — on every res.partner list and form. There is no supported way to allow non-admin CRUD on one specific action while keeping the restriction enforced everywhere else.
Downstream implementations sometimes need exactly that: one dedicated res.partner action where a non-admin role (e.g. field operators) can author records, while all other partner views stay restricted. Today the only way is to counter-patch ListController/FormController from a downstream module, which is fragile and depends on Odoo web internals.
Proposed fix
Honour a context flag set on the action:
<field name="context">{'bypass_registry_admin_only_crud': True}</field>
When present, registry_restriction.js skips the restriction for that action's views (the flag follows Odoo's normal context propagation, so relational dialogs opened from the exempt view inherit it — which the authoring use case needs). This flag name is already in use by downstream workarounds, so adopting it lets them delete their JS patches directly.
Affected
spp_starter_sp_mis/static/src/js/registry_restriction.js
- Branch
19.0
Follow-up (out of scope here)
Longer term the restriction could be scoped server-side (registrant-flagged partners, exempt security group, get_view-level presentation) instead of per-model JS; tracked separately.
Problem
When the config setting
spp_starter.registry_admin_only_crudis enabled (default True),spp_starter_sp_mis/static/src/js/registry_restriction.jshides create/edit for non-admin users — the New button,canCreate/canEdit, and the delete/archive/duplicate action-menu entries — on everyres.partnerlist and form. There is no supported way to allow non-admin CRUD on one specific action while keeping the restriction enforced everywhere else.Downstream implementations sometimes need exactly that: one dedicated
res.partneraction where a non-admin role (e.g. field operators) can author records, while all other partner views stay restricted. Today the only way is to counter-patchListController/FormControllerfrom a downstream module, which is fragile and depends on Odoo web internals.Proposed fix
Honour a context flag set on the action:
When present,
registry_restriction.jsskips the restriction for that action's views (the flag follows Odoo's normal context propagation, so relational dialogs opened from the exempt view inherit it — which the authoring use case needs). This flag name is already in use by downstream workarounds, so adopting it lets them delete their JS patches directly.Affected
spp_starter_sp_mis/static/src/js/registry_restriction.js19.0Follow-up (out of scope here)
Longer term the restriction could be scoped server-side (registrant-flagged partners, exempt security group,
get_view-level presentation) instead of per-model JS; tracked separately.