From c3db4b206402a0a480e1964df49474e52a7a56c4 Mon Sep 17 00:00:00 2001
From: sergio-teruel <sergio.teruel@tecnativa.com>
Date: Tue, 7 Apr 2026 23:09:17 +0200
Subject: [PATCH] [IMP] product_cost_security: Make tests more resilient

---
 .../models/product_cost_security_mixin.py     | 21 ++++++++++++++++++-
 .../tests/test_product_cost_security.py       |  8 ++++++-
 2 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/product_cost_security/models/product_cost_security_mixin.py b/product_cost_security/models/product_cost_security_mixin.py
index e1bb4411095..665a167accc 100644
--- a/product_cost_security/models/product_cost_security_mixin.py
+++ b/product_cost_security/models/product_cost_security_mixin.py
@@ -4,6 +4,7 @@
 
 from odoo import api, fields, models
 from odoo.exceptions import AccessError
+from odoo.tools import config
 
 
 class ProductCostSecurityMixin(models.AbstractModel):
@@ -60,7 +61,25 @@ def check_field_access_rights(self, operation, fields):
         extra protection to prevent only editing if the user is not in the
         `product_cost_security.group_product_edit_cost` group.
         """
-        valid_fields = super().check_field_access_rights(operation, fields)
+        valid_fields = False
+        if (
+            config["test_enable"]
+            and not self.env.context.get("testing_product_cost_security")
+            and "standard_price" in fields
+        ):
+            # In unrelated tests, users usually do not have this security group.
+            # Apply this bypass only when explicitly testing this module.
+            try:
+                valid_fields = super().check_field_access_rights(operation, fields)
+            except AccessError as e:
+                if (
+                    "You do not have enough rights to access the "
+                    'fields "standard_price" on' in str(e)
+                ):
+                    return fields
+        valid_fields = valid_fields or super().check_field_access_rights(
+            operation, fields
+        )
         if self.env.su:
             return valid_fields
         product_cost_fields = self._product_cost_security_fields().intersection(
diff --git a/product_cost_security/tests/test_product_cost_security.py b/product_cost_security/tests/test_product_cost_security.py
index 37815b4a518..edbd2521046 100644
--- a/product_cost_security/tests/test_product_cost_security.py
+++ b/product_cost_security/tests/test_product_cost_security.py
@@ -17,7 +17,13 @@ def setUpClass(cls):
         # and attempting to change standard_price
         # Without this flag in the context,
         # the system tries to access stock.move, which the user may not have permission.
-        cls.env = cls.env(context=dict(cls.env.context, disable_auto_svl=True))
+        cls.env = cls.env(
+            context=dict(
+                cls.env.context,
+                disable_auto_svl=True,
+                testing_product_cost_security=True,
+            )
+        )
         cls.base_group_user_id = cls.env.ref("base.group_user").id
         cls.product_edit_cost_group_id = cls.env.ref(
             "product_cost_security.group_product_edit_cost"