[REM] applications: warning about deactivating the admin user#18938
Open
mege-odoo wants to merge 1 commit into
Open
[REM] applications: warning about deactivating the admin user#18938mege-odoo wants to merge 1 commit into
mege-odoo wants to merge 1 commit into
Conversation
The warning is redundant because Odoo prevents you from archiving the currently logged in user. The only way you'd be able to remove access from a database by archiving an admin user would be to do so for all admin users as the superuser. The superuser section of the access rights page warns against locking yourself out that way: https://www.odoo.com/documentation/19.0/applications/general/users/access_rights.html#superuser-mode It also causes confusion, because Odoo has a default admin user with an id defined in the external reference `base.user_admin`. If code relies on that user being present, it can indeed cause problems when archived. But Odoo should support that use case, and be robust against it. You should be able to archive the default admin user. See the discussion in odoo/odoo#264352 . If you ask odoo.com/help if you should be able to archive the default admin user, it'll say you should never do that citing this section. Hence this change removes the section altogether. The main risk for locking yourself out of your database is changing access rights, and the documentation page for that has multiple warnings about it. Unless you are the superuser or use direct SQL, you should not be able to lock all admin users out of the database through archiving in the UI.
Collaborator
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.

The warning is redundant because Odoo prevents you from archiving the currently logged in user. The only way you'd be able to remove access from a database by archiving an admin user would be to do so for all admin users as the superuser. The superuser section of the access rights page warns against locking yourself out that way:
https://www.odoo.com/documentation/19.0/applications/general/users/access_rights.html#superuser-mode
It also causes confusion, because Odoo has a default admin user with an id defined in the external reference
base.user_admin. If code relies on that user being present, it can indeed cause problems when archived. But Odoo should support that use case, and be robust against it. You should be able to archive the default admin user. See the discussion in odoo/odoo#264352 .If you ask odoo.com/help if you should be able to archive the default admin user, it'll say you should never do that citing this section.
Hence this change removes the section altogether. The main risk for locking yourself out of your database is changing access rights, and the documentation page for that has multiple warnings about it. Unless you are the superuser or use direct SQL, you should not be able to lock all admin users out of the database through archiving in the UI.