Give the rights to create, edit and delete accounting fiscal years and periods

to a new and specific group.

--HG-- branch : 13.0

tests/test_account_fiscalyear.py

@@ -32,4 +32,6 @@
 
     def setUp(self):
         super().setUp()
+
+        # Use a specific user for the unit tests.
         self.group_id = self.ref("account_period.group_account_period")
@@ -35,7 +37,18 @@
         self.group_id = self.ref("account_period.group_account_period")
+        self.account_user = self.env["res.users"].create(
+            {
+                "login": "test@inbox.fr",
+                "name": "User Test",
+                "groups_id": [
+                    (4, self.ref("account.group_account_user")),
+                    (4, self.group_id),
+                ],
+            }
+        )
+
         self.long_past = date(1977, 9, 20)
         # this should not be in any demo data, so use assert, and not a unit
         # assert.
         assert not self.env["account.fiscalyear"].find(self.long_past)
 
     def test_create_period(self):
@@ -36,10 +49,14 @@
         self.long_past = date(1977, 9, 20)
         # this should not be in any demo data, so use assert, and not a unit
         # assert.
         assert not self.env["account.fiscalyear"].find(self.long_past)
 
     def test_create_period(self):
-        fiscalyear = self.env["account.fiscalyear"].create(
+
+        fiscalyear_obj = self.env["account.fiscalyear"].with_user(
+            self.account_user.id
+        )
+        fiscalyear = fiscalyear_obj.create(
             {
                 "code": "something",
                 "name": "anything",
@@ -49,6 +66,7 @@
 
         # Check that without the correct security group, it is not possible to
         # create a period and edit a fiscal year.
-        self.env.user.groups_id = [(3, self.group_id)]
+        fiscalyear.env.user.groups_id = [(3, self.group_id)]
+        fiscalyear.create_period()
         with self.assertRaises(odoo.exceptions.AccessError):
             fiscalyear.create_period()
@@ -53,6 +71,6 @@
         with self.assertRaises(odoo.exceptions.AccessError):
             fiscalyear.create_period()
-        self.env.user.groups_id = [(4, self.group_id)]
+        fiscalyear.user.groups_id = [(4, self.group_id)]
 
         fiscalyear.create_period()
         self.assertEqual(len(fiscalyear.period_ids), 12)
@@ -68,9 +86,9 @@
         # Check that without the correct security group, it is not possible to
         # edit or delete a period.
         period = fiscalyear.period_ids[2]
-        self.env.user.groups_id = [(3, self.group_id)]
+        period.env.user.groups_id = [(3, self.group_id)]
         with self.assertRaises(odoo.exceptions.AccessError):
             period.write({"state": "done"})
         with self.assertRaises(odoo.exceptions.AccessError):
             period.unlink()
 
@@ -72,9 +90,9 @@
         with self.assertRaises(odoo.exceptions.AccessError):
             period.write({"state": "done"})
         with self.assertRaises(odoo.exceptions.AccessError):
             period.unlink()
 
-        self.env.user.groups_id = [(4, self.group_id)]
+        period.env.user.groups_id = [(4, self.group_id)]
         period.write({"state": "done"})
         self.assertEqual(period.state, "done")
         period.unlink()
@@ -108,6 +126,7 @@
         # Check that without the correct security group, it is not possible to
         # create a fiscal year.
         self.env.user.groups_id = [(3, self.group_id)]
+        self.env["account.fiscalyear"].find(self.long_past, create=True)
         with self.assertRaises(odoo.exceptions.AccessError):
             self.env["account.fiscalyear"].find(self.long_past, create=True)
         self.env.user.groups_id = [(4, self.group_id)]