[16.0] mrp_bom_hierarchy: Permission error when viewing BoM with read-only access

[marco-lucaf]

Module

mrp_bom_hierarchy

Describe the bug

When trying to display a BoM in read-only mode to a user with limited permissions, odoo raises a permission error stating that the user needs write access to mrp.bom.line, even though they're only trying to view the bom.

To Reproduce

Affected versions:

• Odoo 16.0 (with mrp_bom_hierarchy module installed)

Steps to reproduce the behavior:

1. Create a user with read-only access to BoMs (without write permissions on mrp.bom.line)
2. Try to view a BoM with this user
3. An access error is raised when the system tries to compute the "has_bom" field

Expected behavior
Users with read-only access should be able to view the BoM hierarchy without encountering permission errors.

Additional context
The issue is in the _compute_has_bom method. When computing whether a BoM line has a sub-BoM, the system tries to access information that requires elevated permissions.

Proposed solution

Adding sudo() to the _compute_has_bom method solves the issue by temporarily elevating the permissions for this specific operation:

@api.depends("product_id", "bom_id")     
def _compute_has_bom(self):         
    self = self.sudo()         
    res = super()._compute_child_bom_id()
        for line in self:
            line.has_bom = bool(line.child_bom_id)
        return res

This allows read-only users to view the BoM hierarchy while maintaining proper security restrictions elsewhere.