From 86cc746d5f41107569e8c6190fc583cab701c1ac Mon Sep 17 00:00:00 2001 From: Abdallah Almashaqbeh Date: Wed, 1 Apr 2026 11:29:16 +0300 Subject: [PATCH] [FIX] dms: allow unarchiving DMS files for non-superusers The _check_access_dms_record method uses self.search(domain) to verify write permissions. However, search() applies active_test=True by default, which excludes archived records (active=False). This means when a user tries to unarchive a file via toggle_active(), the write permission check cannot find the archived record in the search results, causing an AccessError even when the user has full write permissions through DMS access groups. Fix: add active_test=False context to include archived records in the permission check search. --- dms/models/dms_security_mixin.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dms/models/dms_security_mixin.py b/dms/models/dms_security_mixin.py index fb96ec0c3..87f65a449 100644 --- a/dms/models/dms_security_mixin.py +++ b/dms/models/dms_security_mixin.py @@ -282,7 +282,7 @@ def _check_access_dms_record(self, operation: str) -> tuple | None: if any(self._ids) and not self.env.su: Rule = self.env["ir.rule"] domain = Rule._compute_domain(self._name, operation) - items = self.search(domain) + items = self.with_context(active_test=False).search(domain) if any(x_id not in items.ids for x_id in self.ids): raise Rule._make_access_error(operation, (self - items))