From fe00f4c31928e22875f36f2f9998df49c2c7fa43 Mon Sep 17 00:00:00 2001
From: Giovanni Francesco Capalbo <giovanni@therp.nl>
Date: Mon, 11 Apr 2022 11:36:15 +0200
Subject: [PATCH 1/2] [ADD] pre-review version

---
 auditlog/:w                                   |  13 ++
 auditlog/models/rule.py                       |   2 +
 auditlog/views/auditlog_view.xml              |   2 +-
 auditlog_security/README.rst                  | 112 +++++++++++++++++
 auditlog_security/__init__.py                 |   3 +
 auditlog_security/__manifest__.py             |  21 ++++
 auditlog_security/demo/auditlog_rule.xml      |  10 ++
 auditlog_security/models/__init__.py          |   5 +
 .../models/auditlog_autovacuum.py             |  14 +++
 auditlog_security/models/auditlog_rule.py     |  71 +++++++++++
 auditlog_security/models/ir_rule.py           |  52 ++++++++
 auditlog_security/readme/CONTRIBUTORS.rst     |   1 +
 auditlog_security/readme/CREDITS.rst          |   0
 auditlog_security/readme/DESCRIPTION.rst      |   3 +
 auditlog_security/readme/ROADMAP.rst          |   1 +
 auditlog_security/readme/USAGE.rst            |  10 ++
 .../security/ir.model.access.csv              |   3 +
 auditlog_security/views/auditlog_view.xml     | 114 ++++++++++++++++++
 18 files changed, 436 insertions(+), 1 deletion(-)
 create mode 100644 auditlog/:w
 create mode 100644 auditlog_security/README.rst
 create mode 100644 auditlog_security/__init__.py
 create mode 100644 auditlog_security/__manifest__.py
 create mode 100644 auditlog_security/demo/auditlog_rule.xml
 create mode 100644 auditlog_security/models/__init__.py
 create mode 100644 auditlog_security/models/auditlog_autovacuum.py
 create mode 100644 auditlog_security/models/auditlog_rule.py
 create mode 100644 auditlog_security/models/ir_rule.py
 create mode 100644 auditlog_security/readme/CONTRIBUTORS.rst
 create mode 100644 auditlog_security/readme/CREDITS.rst
 create mode 100644 auditlog_security/readme/DESCRIPTION.rst
 create mode 100644 auditlog_security/readme/ROADMAP.rst
 create mode 100644 auditlog_security/readme/USAGE.rst
 create mode 100644 auditlog_security/security/ir.model.access.csv
 create mode 100644 auditlog_security/views/auditlog_view.xml

diff --git a/auditlog/:w b/auditlog/:w
new file mode 100644
index 00000000000..8b489702eb1
--- /dev/null
+++ b/auditlog/:w
@@ -0,0 +1,13 @@
+# Copyright 2021 Therp B.V.
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+from odoo import models, api 
+
+
+class AuditlogAutovacuum(models.TransientModel):
+    _inherit = 'auditlog.autovacuum'
+
+    @api.model
+    def autovaccum(self, days):
+        return super(AuditlogAutovacuum, self.with_context(
+            auditlog_write=True)).autovacuum(days=days)
diff --git a/auditlog/models/rule.py b/auditlog/models/rule.py
index 6cdc7233ccd..e7a3c8f6492 100644
--- a/auditlog/models/rule.py
+++ b/auditlog/models/rule.py
@@ -449,6 +449,8 @@ def _create_log_line_on_write(
             self, log, fields_list, old_values, new_values):
         """Log field updated on a 'write' operation."""
         log_line_model = self.env['auditlog.log.line']
+        import pudb
+        pudb.set_trace()
         for field_name in fields_list:
             if field_name in FIELDS_BLACKLIST:
                 continue
diff --git a/auditlog/views/auditlog_view.xml b/auditlog/views/auditlog_view.xml
index 2ec7b480896..8eaefc4e36a 100644
--- a/auditlog/views/auditlog_view.xml
+++ b/auditlog/views/auditlog_view.xml
@@ -193,7 +193,7 @@
         <field name="name">Logs</field>
         <field name="res_model">auditlog.log</field>
         <field name="view_type">form</field>
-        <field name="search_view_id" ref="view_auditlog_log_search"/>
+        <field name="search_view_id" ref="auditlog.view_auditlog_log_search"/>
     </record>
 
     <menuitem id="menu_audit_logs" name="Logs"
diff --git a/auditlog_security/README.rst b/auditlog_security/README.rst
new file mode 100644
index 00000000000..bff1095f5fa
--- /dev/null
+++ b/auditlog_security/README.rst
@@ -0,0 +1,112 @@
+=========
+Audit Log
+=========
+
+.. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--tools-lightgray.png?logo=github
+    :target: https://github.com/OCA/server-tools/tree/11.0/auditlog
+    :alt: OCA/server-tools
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/server-tools-11-0/server-tools-11-0-auditlog
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
+    :target: https://runbot.odoo-community.org/runbot/149/11.0
+    :alt: Try me on Runbot
+
+|badge1| |badge2| |badge3| |badge4| |badge5| 
+
+This module allows the administrator to log user operations performed on data
+models such as ``create``, ``read``, ``write`` and ``delete``.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Usage
+=====
+
+Go to `Settings / Technical / Audit / Rules` to subscribe rules. A rule defines
+which operations to log for a given data model.
+
+.. image:: https://raw.githubusercontent.com/auditlog/static/description/rule.png
+
+Then, check logs in the `Settings / Technical / Audit / Logs` menu. You can
+group them by user sessions, date, data model or HTTP requests:
+
+.. image:: https://raw.githubusercontent.com/auditlog/static/description/logs.png
+
+Get the details:
+
+.. image:: https://raw.githubusercontent.com/auditlog/static/description/log.png
+
+A scheduled action exists to delete logs older than 6 months (180 days)
+automatically but is not enabled by default.
+To activate it and/or change the delay, go to the
+`Configuration / Technical / Automation / Scheduled Actions` menu and edit the
+`Auto-vacuum audit logs` entry:
+
+.. image:: https://raw.githubusercontent.com/auditlog/static/description/autovacuum.png
+
+Known issues / Roadmap
+======================
+
+ * log only operations triggered by some users (currently it logs all users)
+ * log read operations does not work on all data models, need investigation
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-tools/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us smashing it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/server-tools/issues/new?body=module:%20auditlog%0Aversion:%2011.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Authors
+~~~~~~~
+
+* ABF OSIELL
+
+Contributors
+~~~~~~~~~~~~
+
+* Sebastien Alix <sebastien.alix@camptocamp.com>
+* Holger Brunn <hbrunn@therp.nl>
+* Holden Rehg <holdenrehg@gmail.com>
+
+Other credits
+~~~~~~~~~~~~~
+
+* Icon: built with different icons from the `Oxygen theme <https://en.wikipedia.org/wiki/Oxygen_Project>`_ (LGPL)
+
+Maintainers
+~~~~~~~~~~~
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+This module is part of the `OCA/server-tools <https://github.com/OCA/server-tools/tree/11.0/auditlog>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/auditlog_security/__init__.py b/auditlog_security/__init__.py
new file mode 100644
index 00000000000..31660d6a965
--- /dev/null
+++ b/auditlog_security/__init__.py
@@ -0,0 +1,3 @@
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+from . import models
diff --git a/auditlog_security/__manifest__.py b/auditlog_security/__manifest__.py
new file mode 100644
index 00000000000..5e196c31fa3
--- /dev/null
+++ b/auditlog_security/__manifest__.py
@@ -0,0 +1,21 @@
+# Copyright 2021 Therp B.V. <https://www.therp.nl>
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+{
+    "name": "Audit Log Permissions",
+    "version": "11.0.1.0.1",
+    "author": "Therp B.V.,Odoo Community Association (OCA)",
+    "license": "AGPL-3",
+    "website": "https://github.com/OCA/server-tools/",
+    "category": "Tools",
+    "depends": [
+        "auditlog",
+        "contacts",
+    ],
+    "data": [
+        "demo/auditlog_rule.xml",
+        "views/auditlog_view.xml",
+    ],
+    "application": True,
+    "installable": True,
+}
diff --git a/auditlog_security/demo/auditlog_rule.xml b/auditlog_security/demo/auditlog_rule.xml
new file mode 100644
index 00000000000..eb7639adc6e
--- /dev/null
+++ b/auditlog_security/demo/auditlog_rule.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<odoo noupdate="1">
+
+        <record id="main_partner_rule" model="auditlog.rule">
+            <field name='name'>main auditlog partner rule</field>
+            <field name="model_id" ref="base.model_res_partner"/>
+            <field name="state">subscribed</field>
+        </record>
+
+</odoo>
diff --git a/auditlog_security/models/__init__.py b/auditlog_security/models/__init__.py
new file mode 100644
index 00000000000..aa60319d2a3
--- /dev/null
+++ b/auditlog_security/models/__init__.py
@@ -0,0 +1,5 @@
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+from . import auditlog_rule
+from . import ir_rule
+from . import auditlog_autovacuum
diff --git a/auditlog_security/models/auditlog_autovacuum.py b/auditlog_security/models/auditlog_autovacuum.py
new file mode 100644
index 00000000000..c37db710aaf
--- /dev/null
+++ b/auditlog_security/models/auditlog_autovacuum.py
@@ -0,0 +1,14 @@
+# Copyright 2021 Therp B.V.
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+from odoo import models, api
+
+
+class AuditlogAutovacuum(models.TransientModel):
+    _inherit = "auditlog.autovacuum"
+
+    @api.model
+    def autovaccum(self, days):
+        return super(
+            AuditlogAutovacuum, self.with_context(auditlog_write=True)
+        ).autovacuum(days=days)
diff --git a/auditlog_security/models/auditlog_rule.py b/auditlog_security/models/auditlog_rule.py
new file mode 100644
index 00000000000..fd45558ca70
--- /dev/null
+++ b/auditlog_security/models/auditlog_rule.py
@@ -0,0 +1,71 @@
+# Copyright 2021 Therp B.V.
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+from odoo import models, fields, api, modules, _
+from odoo.addons.auditlog.models.rule import FIELDS_BLACKLIST
+
+
+class AuditlogRule(models.Model):
+    _inherit = "auditlog.rule"
+
+    field_ids = fields.Many2many(
+        "ir.model.fields",
+        required=True,
+    )
+    group_ids = fields.Many2many(
+        "res.groups",
+        string="Groups",
+        help="""Groups that will be allowed to see the logged fields, if left empty 
+                all groups will be allowed (global rule creation)""",
+    )
+
+    """ note this solution will work only with a hardcoded design of models,
+    because on initialization , self.model_id.id still is not defined.
+    for now, to keep generality we put the filtering in the view."""
+
+    def get_field_ids_domain(self):
+        return [
+            ("model_id", "=", self.env.ref("base.model_res_partner").id),
+            ("name", "not in", FIELDS_BLACKLIST),
+        ]
+
+    def unlink(self):
+        # if we delete auditlog rule, corresponding ir.rules are removed
+        # TODO PROPOSAL: a warning here with detailed information?
+        res = super(AuditlogRule, self).unlink()
+        return (
+            res
+            and self.env["ir.rule"]
+            .with_context(auditlog_write=True)
+            .search([("auditlog_id", "in", self.ids)])
+            .unlink()
+        )
+
+    @api.multi
+    def write(self, vals):
+        res = super(AuditlogRule, self).write(vals)
+        for this in self:
+            if any([x in vals for x in ("group_ids", "field_ids", "model_id")]):
+                this.generate_rules()
+        return res
+
+    def generate_rules(self):
+        old_rule = self.env["ir.rule"].search([("auditlog_id", "=", self.id)], limit=1)
+        domain_force = (
+            "[ "
+            + " ('log_id.model_id' , '=', %s)," % (self.model_id.id)
+            + "('field_id', 'in',  %s)" % (self.field_ids.ids)
+            + "]"
+        )
+        values = {
+            "name": "auditlog_extended_%s" % self.id,
+            "model_id": self.env.ref("auditlog.model_auditlog_log_line").id,
+            "groups": [(6, 0, self.group_ids.ids)],
+            "perm_read": True,
+            "domain_force": domain_force,
+            "auditlog_id": self.id,
+        }
+        if old_rule:
+            old_rule.with_context(auditlog_write=True).write(values)
+        else:
+            self.with_context(auditlog_write=True).env["ir.rule"].create(values)
diff --git a/auditlog_security/models/ir_rule.py b/auditlog_security/models/ir_rule.py
new file mode 100644
index 00000000000..44176e14afe
--- /dev/null
+++ b/auditlog_security/models/ir_rule.py
@@ -0,0 +1,52 @@
+# Copyright 2021 Therp B.V.
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+from odoo import exceptions, models, fields, api, _
+
+
+class IrRule(models.Model):
+    _inherit = "ir.rule"
+
+    auditlog_id = fields.Many2one(
+        "auditlog.rule",
+        required=False,
+        help="Auditlog Rule that generated this ir.rule",
+    )
+
+    def prevent_rule_mod(self, vals=None):
+        auditlog_write = self.env.context.get("auditlog_write")
+        if "auditlog_id" in vals and not auditlog_write:
+            raise exceptions.validationerror(_("""Cannot change auditlog_id"""))
+        for this in self:
+            if this.auditlog_id and not auditlog_write:
+                raise exceptions.validationerror(
+                    _(
+                        """
+                     auditlog line rules are automatically generated from the auditlog 
+                     interface, please use that to edit/delete/"""
+                    )
+                )
+
+    @api.model
+    def create(self, values):
+        if values.get("model_id") == self.env.ref(
+            "auditlog.model_auditlog_log_line"
+        ).id and not self.env.context.get("auditlog_write"):
+            raise exceptions.ValidationError(
+                _(
+                    """
+                 Auditlog line rules are automatically generated from the auditlog 
+                 interface, please use that to create"""
+                )
+            )
+        return super(IrRule, self).create(values)
+
+    @api.multi
+    def write(self, vals):
+        self.prevent_rule_mod(vals)
+        return super(IrRule, self).write(vals)
+
+    @api.multi
+    def unlink(self):
+        self.prevent_rule_mod()
+        return super(IrRule, self).unlink()
diff --git a/auditlog_security/readme/CONTRIBUTORS.rst b/auditlog_security/readme/CONTRIBUTORS.rst
new file mode 100644
index 00000000000..addcc3f4a2b
--- /dev/null
+++ b/auditlog_security/readme/CONTRIBUTORS.rst
@@ -0,0 +1 @@
+* Giovanni Francesco Capalbo <giovanni@therp.nl>
diff --git a/auditlog_security/readme/CREDITS.rst b/auditlog_security/readme/CREDITS.rst
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/auditlog_security/readme/DESCRIPTION.rst b/auditlog_security/readme/DESCRIPTION.rst
new file mode 100644
index 00000000000..2d056774e16
--- /dev/null
+++ b/auditlog_security/readme/DESCRIPTION.rst
@@ -0,0 +1,3 @@
+This module allows extends auditlog, allowing specific log lines to be viewed only
+by users belonging to specific views, while all other lines are allowed only to 
+administrator.
diff --git a/auditlog_security/readme/ROADMAP.rst b/auditlog_security/readme/ROADMAP.rst
new file mode 100644
index 00000000000..8b137891791
--- /dev/null
+++ b/auditlog_security/readme/ROADMAP.rst
@@ -0,0 +1 @@
+
diff --git a/auditlog_security/readme/USAGE.rst b/auditlog_security/readme/USAGE.rst
new file mode 100644
index 00000000000..8fa4cd27178
--- /dev/null
+++ b/auditlog_security/readme/USAGE.rst
@@ -0,0 +1,10 @@
+Go to `Settings / Technical / Audit / Rules` to subscribe rules. A rule defines
+which operations to log for a given data model.
+The rule is now extended with a new field permission_ids, that tells us wich groups will
+be allowed to read the lines produced by this rule.
+If permission_ids is left empty, the default will be: 
+"auditlog lines visible only by administrator"
+
+
+Then, check logs in the `Settings / Technical / Audit / Logs` menu. You can
+group them by user sessions, date, data model , HTTP requests.
diff --git a/auditlog_security/security/ir.model.access.csv b/auditlog_security/security/ir.model.access.csv
new file mode 100644
index 00000000000..005a168ba9d
--- /dev/null
+++ b/auditlog_security/security/ir.model.access.csv
@@ -0,0 +1,3 @@
+id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
+access_auditlog_log_line_user,auditlog_log_line_user,model_auditlog_log_line,base.group_user,1,0,0,0
+access_auditlog_log_user,auditlog_log_user,model_auditlog_log,base.group_user,1,0,0,0
diff --git a/auditlog_security/views/auditlog_view.xml b/auditlog_security/views/auditlog_view.xml
new file mode 100644
index 00000000000..46df0263ce9
--- /dev/null
+++ b/auditlog_security/views/auditlog_view.xml
@@ -0,0 +1,114 @@
+<?xml version="1.0" encoding="utf-8"?>
+<odoo>
+
+    <record model="ir.ui.view" id="view_auditlog_log_line_form">
+        <field name="name">auditlog.log.line.form</field>
+        <field name="model">auditlog.log.line</field>
+        <field name="arch" type="xml">
+                <form string="Log - Field updated">
+                    <group>
+                        <field name="field_id" readonly="1"/>
+                    </group>
+                    <group string="Values" col="4">
+                        <field name="old_value" readonly="1"/>
+                        <field name="new_value" readonly="1"/>
+                        <field name="old_value_text" readonly="1"/>
+                        <field name="new_value_text" readonly="1"/>
+                    </group>
+                </form>
+        </field>
+    </record>
+
+    
+    <record model="ir.ui.view" id="view_auditlog_log_line_tree">
+        <field name="name">auditlog.log.line.tree</field>
+        <field name="model">auditlog.log.line</field>
+        <field name="arch" type="xml">
+                <tree>
+                    <field name="field_description"/>
+                    <field name="field_name"/>
+                    <!--<field name="old_value"/>-->
+                    <field name="old_value_text"/>
+                    <!--<field name="new_value"/>-->
+                    <field name="new_value_text"/>
+                </tree>
+        </field>
+    </record>
+
+    <!-- show logs for partner out side of technical too, now that we have rules
+    for all types of users, will place in "contact" -->
+    
+
+    <record id="auditlog_form_view_ext" model="ir.ui.view">                                       
+        <field name="name">auditlog rule form extension</field>                   
+        <field name="model">auditlog.rule</field>                                             
+        <field name="inherit_id" ref="auditlog.view_auditlog_rule_form"/>                         
+        <field name="arch" type="xml">                                                  
+            <xpath expr="//group[last()]" position="after">          
+                <group>
+                    <!-- in the domain are the blacklisted fields in auditlog they 
+                    would be skipped anyway, so we repeat here to avoid incongruencies 
+                    -->
+                    <field name="field_ids"
+                        domain="[('model_id', '=' , model_id),('name', 'not in', ['id', 'create_uid', 'create_date', 'write_uid', 'write_date','display_name', '__last_update']) ]"
+                        />
+                </group>
+                <group>
+                    <field name="group_ids"/>                         
+                </group>
+            </xpath>                                                                 
+
+
+        </field>                                                                        
+    </record>                  
+
+    <record id="auditlog_tree_view_ext" model="ir.ui.view">                                       
+        <field name="name">auditlog rule tree extension</field>                   
+        <field name="model">auditlog.rule</field>                                             
+        <field name="inherit_id" ref="auditlog.view_auditlog_rule_tree"/>                         
+        <field name="arch" type="xml">                                                  
+            <xpath expr="//field[@name='state']" position="after">          
+                <field name="field_ids"/>                         
+                <field name="group_ids"/>                         
+            </xpath>                                                                 
+        </field>                                                                        
+    </record>                   
+
+   <record id="view_auditlog_log_line_search" model="ir.ui.view">
+        <field name="name">auditlog.log.search</field>
+        <field name="model">auditlog.log.line</field>
+        <field name="arch" type="xml">
+            <search string="Log Lines">
+                <filter name="has_extensions"
+                    domain="['|', ('field_ids','!=', False), ('group_ids', '!=', False)]" 
+                    string="Has security Extensions"/>
+                <filter name="global_security"
+                    domain="[('field_ids','!=', False)]" 
+                    string="Accessible to all - globally accessible"/>
+            </search>
+        </field>
+    </record>
+
+    
+
+    <record model="ir.actions.act_window" id="action_auditlog_log_line_tree">
+        <field name="name">Logs</field>
+        <field name="res_model">auditlog.log.line</field>
+        <field name="view_type">form</field>
+        <field name="search_view_id" 
+            ref="auditlog_security.view_auditlog_log_line_search"/>
+        <field name="domain">[('log_id.res_id', '=', active_id)]</field>
+        <field name="binding_model_id" ref="base.model_res_partner"/>        
+    </record>
+
+    <!-- TO BE REMOVED, KEPT FOR TESTING PURPOSES
+    <menuitem id="menu_audit_log_line" name="Audit Lines"
+        parent="contacts.res_partner_menu_contacts" sequence="50"/>
+
+
+    <menuitem id="menu_audit_log_lines" name="Log Lines"
+        parent="menu_audit_log_line" action="action_auditlog_log_line_tree"/>
+    -->
+
+
+</odoo>

From aded99e3732c01b91f31f75ecdc37398140aa0d8 Mon Sep 17 00:00:00 2001
From: Giovanni Francesco Capalbo <giovanni@therp.nl>
Date: Wed, 13 Apr 2022 11:45:14 +0200
Subject: [PATCH 2/2] [ADD] review fixes

---
 auditlog/:w                                   |  13 -
 auditlog/models/rule.py                       |   2 -
 auditlog/views/auditlog_view.xml              |   2 +-
 auditlog_security/README.rst                  |  55 +--
 auditlog_security/__manifest__.py             |   8 +-
 auditlog_security/demo/auditlog_rule.xml      |  10 -
 auditlog_security/models/__init__.py          |   1 +
 .../models/auditlog_autovacuum.py             |   2 +-
 .../models/auditlog_line_access_rule.py       | 115 +++++
 auditlog_security/models/auditlog_rule.py     |  85 ++--
 auditlog_security/models/ir_rule.py           |  42 +-
 auditlog_security/readme/USAGE.rst            |   3 +-
 .../security/ir.model.access.csv              |   1 +
 .../static/description/index.html             | 438 ++++++++++++++++++
 auditlog_security/views/auditlog_view.xml     | 106 +++--
 maintainer-tools                              |   1 +
 16 files changed, 691 insertions(+), 193 deletions(-)
 delete mode 100644 auditlog/:w
 delete mode 100644 auditlog_security/demo/auditlog_rule.xml
 create mode 100644 auditlog_security/models/auditlog_line_access_rule.py
 create mode 100644 auditlog_security/static/description/index.html
 create mode 160000 maintainer-tools

diff --git a/auditlog/:w b/auditlog/:w
deleted file mode 100644
index 8b489702eb1..00000000000
--- a/auditlog/:w
+++ /dev/null
@@ -1,13 +0,0 @@
-# Copyright 2021 Therp B.V.
-# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
-
-from odoo import models, api 
-
-
-class AuditlogAutovacuum(models.TransientModel):
-    _inherit = 'auditlog.autovacuum'
-
-    @api.model
-    def autovaccum(self, days):
-        return super(AuditlogAutovacuum, self.with_context(
-            auditlog_write=True)).autovacuum(days=days)
diff --git a/auditlog/models/rule.py b/auditlog/models/rule.py
index e7a3c8f6492..6cdc7233ccd 100644
--- a/auditlog/models/rule.py
+++ b/auditlog/models/rule.py
@@ -449,8 +449,6 @@ def _create_log_line_on_write(
             self, log, fields_list, old_values, new_values):
         """Log field updated on a 'write' operation."""
         log_line_model = self.env['auditlog.log.line']
-        import pudb
-        pudb.set_trace()
         for field_name in fields_list:
             if field_name in FIELDS_BLACKLIST:
                 continue
diff --git a/auditlog/views/auditlog_view.xml b/auditlog/views/auditlog_view.xml
index 8eaefc4e36a..2ec7b480896 100644
--- a/auditlog/views/auditlog_view.xml
+++ b/auditlog/views/auditlog_view.xml
@@ -193,7 +193,7 @@
         <field name="name">Logs</field>
         <field name="res_model">auditlog.log</field>
         <field name="view_type">form</field>
-        <field name="search_view_id" ref="auditlog.view_auditlog_log_search"/>
+        <field name="search_view_id" ref="view_auditlog_log_search"/>
     </record>
 
     <menuitem id="menu_audit_logs" name="Logs"
diff --git a/auditlog_security/README.rst b/auditlog_security/README.rst
index bff1095f5fa..438dfbd137a 100644
--- a/auditlog_security/README.rst
+++ b/auditlog_security/README.rst
@@ -1,6 +1,6 @@
-=========
-Audit Log
-=========
+==========================
+Audit Log User Permissions
+==========================
 
 .. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    !! This file is generated by oca-gen-addon-readme !!
@@ -14,10 +14,10 @@ Audit Log
     :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
     :alt: License: AGPL-3
 .. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--tools-lightgray.png?logo=github
-    :target: https://github.com/OCA/server-tools/tree/11.0/auditlog
+    :target: https://github.com/OCA/server-tools/tree/11.0/auditlog_security
     :alt: OCA/server-tools
 .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
-    :target: https://translation.odoo-community.org/projects/server-tools-11-0/server-tools-11-0-auditlog
+    :target: https://translation.odoo-community.org/projects/server-tools-11-0/server-tools-11-0-auditlog_security
     :alt: Translate me on Weblate
 .. |badge5| image:: https://img.shields.io/badge/runbot-Try%20me-875A7B.png
     :target: https://runbot.odoo-community.org/runbot/149/11.0
@@ -25,8 +25,9 @@ Audit Log
 
 |badge1| |badge2| |badge3| |badge4| |badge5| 
 
-This module allows the administrator to log user operations performed on data
-models such as ``create``, ``read``, ``write`` and ``delete``.
+This module allows extends auditlog, allowing specific log lines to be viewed only
+by users belonging to specific views, while all other lines are allowed only to 
+administrator.
 
 **Table of contents**
 
@@ -38,31 +39,20 @@ Usage
 
 Go to `Settings / Technical / Audit / Rules` to subscribe rules. A rule defines
 which operations to log for a given data model.
+The rule is now extended with a new field permission_ids, that tells us wich groups will
+be allowed to read the lines produced by this rule.
+If permission_ids is left empty, the default will be: 
+"auditlog lines visible only by user in Settings group, which is the default 
+for the auditlog module"
 
-.. image:: https://raw.githubusercontent.com/auditlog/static/description/rule.png
 
 Then, check logs in the `Settings / Technical / Audit / Logs` menu. You can
-group them by user sessions, date, data model or HTTP requests:
-
-.. image:: https://raw.githubusercontent.com/auditlog/static/description/logs.png
-
-Get the details:
-
-.. image:: https://raw.githubusercontent.com/auditlog/static/description/log.png
-
-A scheduled action exists to delete logs older than 6 months (180 days)
-automatically but is not enabled by default.
-To activate it and/or change the delay, go to the
-`Configuration / Technical / Automation / Scheduled Actions` menu and edit the
-`Auto-vacuum audit logs` entry:
-
-.. image:: https://raw.githubusercontent.com/auditlog/static/description/autovacuum.png
+group them by user sessions, date, data model , HTTP requests.
 
 Known issues / Roadmap
 ======================
 
- * log only operations triggered by some users (currently it logs all users)
- * log read operations does not work on all data models, need investigation
+
 
 Bug Tracker
 ===========
@@ -70,7 +60,7 @@ Bug Tracker
 Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-tools/issues>`_.
 In case of trouble, please check there if your issue has already been reported.
 If you spotted it first, help us smashing it by providing a detailed and welcomed
-`feedback <https://github.com/OCA/server-tools/issues/new?body=module:%20auditlog%0Aversion:%2011.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+`feedback <https://github.com/OCA/server-tools/issues/new?body=module:%20auditlog_security%0Aversion:%2011.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
 
 Do not contact contributors directly about support or help with technical issues.
 
@@ -80,19 +70,12 @@ Credits
 Authors
 ~~~~~~~
 
-* ABF OSIELL
+* Therp B.V.
 
 Contributors
 ~~~~~~~~~~~~
 
-* Sebastien Alix <sebastien.alix@camptocamp.com>
-* Holger Brunn <hbrunn@therp.nl>
-* Holden Rehg <holdenrehg@gmail.com>
-
-Other credits
-~~~~~~~~~~~~~
-
-* Icon: built with different icons from the `Oxygen theme <https://en.wikipedia.org/wiki/Oxygen_Project>`_ (LGPL)
+* Giovanni Francesco Capalbo <giovanni@therp.nl>
 
 Maintainers
 ~~~~~~~~~~~
@@ -107,6 +90,6 @@ OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.
 
-This module is part of the `OCA/server-tools <https://github.com/OCA/server-tools/tree/11.0/auditlog>`_ project on GitHub.
+This module is part of the `OCA/server-tools <https://github.com/OCA/server-tools/tree/11.0/auditlog_security>`_ project on GitHub.
 
 You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/auditlog_security/__manifest__.py b/auditlog_security/__manifest__.py
index 5e196c31fa3..782da1100cc 100644
--- a/auditlog_security/__manifest__.py
+++ b/auditlog_security/__manifest__.py
@@ -2,19 +2,21 @@
 # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
 
 {
-    "name": "Audit Log Permissions",
-    "version": "11.0.1.0.1",
+    "name": "Audit Log User Permissions",
+    "version": "11.0.1.0.0",
     "author": "Therp B.V.,Odoo Community Association (OCA)",
     "license": "AGPL-3",
     "website": "https://github.com/OCA/server-tools/",
     "category": "Tools",
+    "description": """Allow regular users to view Audit log lines 
+                   via the form view of the relevant model""",
     "depends": [
         "auditlog",
         "contacts",
     ],
     "data": [
-        "demo/auditlog_rule.xml",
         "views/auditlog_view.xml",
+        "security/ir.model.access.csv",
     ],
     "application": True,
     "installable": True,
diff --git a/auditlog_security/demo/auditlog_rule.xml b/auditlog_security/demo/auditlog_rule.xml
deleted file mode 100644
index eb7639adc6e..00000000000
--- a/auditlog_security/demo/auditlog_rule.xml
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<odoo noupdate="1">
-
-        <record id="main_partner_rule" model="auditlog.rule">
-            <field name='name'>main auditlog partner rule</field>
-            <field name="model_id" ref="base.model_res_partner"/>
-            <field name="state">subscribed</field>
-        </record>
-
-</odoo>
diff --git a/auditlog_security/models/__init__.py b/auditlog_security/models/__init__.py
index aa60319d2a3..4c1c462d621 100644
--- a/auditlog_security/models/__init__.py
+++ b/auditlog_security/models/__init__.py
@@ -1,5 +1,6 @@
 # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
 
 from . import auditlog_rule
+from . import auditlog_line_access_rule
 from . import ir_rule
 from . import auditlog_autovacuum
diff --git a/auditlog_security/models/auditlog_autovacuum.py b/auditlog_security/models/auditlog_autovacuum.py
index c37db710aaf..7b4b0bc3a19 100644
--- a/auditlog_security/models/auditlog_autovacuum.py
+++ b/auditlog_security/models/auditlog_autovacuum.py
@@ -8,7 +8,7 @@ class AuditlogAutovacuum(models.TransientModel):
     _inherit = "auditlog.autovacuum"
 
     @api.model
-    def autovaccum(self, days):
+    def autovacuum(self, days):
         return super(
             AuditlogAutovacuum, self.with_context(auditlog_write=True)
         ).autovacuum(days=days)
diff --git a/auditlog_security/models/auditlog_line_access_rule.py b/auditlog_security/models/auditlog_line_access_rule.py
new file mode 100644
index 00000000000..aedb39009f0
--- /dev/null
+++ b/auditlog_security/models/auditlog_line_access_rule.py
@@ -0,0 +1,115 @@
+# Copyright 2021 Therp B.V.
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+from odoo import exceptions, models, fields, api, modules, _
+from odoo.addons.auditlog.models.rule import FIELDS_BLACKLIST
+
+
+class AuditlogLineAccessRule(models.Model):
+    _name = "auditlog.line.access.rule"
+
+    name = fields.Char()
+
+    field_ids = fields.Many2many("ir.model.fields")
+    group_ids = fields.Many2many(
+        "res.groups",
+        help="""Groups that will be allowed to see the logged fields, if left empty 
+                default will be all users with a login""",
+    )
+    model_id = fields.Many2one(
+        "ir.model", related="auditlog_rule_id.model_id", readonly=True
+    )
+    auditlog_rule_id = fields.Many2one(
+        "auditlog.rule", "auditlog_access_rule_ids", readonly=True, ondelete="cascade"
+    )
+    state = fields.Selection(related="auditlog_rule_id.state", readonly=True)
+    
+
+    def needs_rule(self):
+        self.ensure_one()
+        return bool(self.group_ids)
+
+    def get_linked_rules(self):
+        # return with context key so that deletion will not be forbidden
+        return self.env["ir.rule"].search(
+            [("auditlog_line_access_rule_id", "in", self.ids)]
+        )
+
+    def get_field_ids_domain(self):
+        """note this solution will work only with a hardcoded design of models,
+        because on initialization , self.model_id.id still is not defined.
+        for now, to keep generality we put the filtering in the view."""
+        return [
+            ("model_id", "=", self.env.ref("base.model_res_partner").id),
+            ("name", "not in", FIELDS_BLACKLIST),
+        ]
+
+    def unlink(self):
+        to_delete = self.get_linked_rules()
+        res = super(AuditlogLineAccessRule, self).unlink()
+        if res:
+            res = res and to_delete.with_context(auditlog_write=True).unlink()
+        return res
+
+    def add_default_group_if_needed(self):
+        self.ensure_one()
+        res = False
+        if not self.group_ids and self.field_ids:
+            res = self.with_context(no_iter=True).write(
+                {"group_ids": [(6, 0, [self.env.ref("base.group_user").id])]}
+            )
+        return res
+
+    @api.model
+    def create(self, vals):
+        res = super(AuditlogLineAccessRule, self).create(vals)
+        res.add_default_group_if_needed()
+        if res.needs_rule():
+            res.generate_rules()
+        return res
+
+    @api.multi
+    def write(self, vals):
+        res = super(AuditlogLineAccessRule, self).write(vals)
+        for this in self:
+            added = this.add_default_group_if_needed()
+            if (
+                any(
+                    [
+                        x in vals
+                        for x in ("group_ids", "field_ids", "model_id", "all_fields")
+                    ]
+                )
+                or added
+            ):
+                if this.needs_rule():
+                    this.generate_rules()
+                else:
+                    this.get_linked_rules().with_context(auditlog_write=True).unlink()
+        return res
+
+    def generate_rules(self):
+        old_rule = self.env["ir.rule"].search(
+            [("auditlog_line_access_rule_id", "=", self.id)], limit=1
+        )
+        values = self._prepare_rule_values()
+        if old_rule:
+            old_rule.with_context(auditlog_write=True).write(values)
+        else:
+            self.with_context(auditlog_write=True).env["ir.rule"].create(values)
+
+    def _prepare_rule_values(self):
+        domain_force = "[" + " ('aulditlog_rule_id.log_id.model_id' , '=', %s)," % (
+            self.model_id.id
+        )
+        if self.field_ids:
+            domain_force += "('field_id', 'in',  %s)" % (self.field_ids.ids)
+        domain_force += "]"
+        return {
+            "name": "auditlog_extended_%s" % self.id,
+            "model_id": self.env.ref("auditlog.model_auditlog_log_line").id,
+            "groups": [(6, 0, self.group_ids.ids)],
+            "perm_read": True,
+            "domain_force": domain_force,
+            "auditlog_line_access_rule_id": self.id,
+        }
diff --git a/auditlog_security/models/auditlog_rule.py b/auditlog_security/models/auditlog_rule.py
index fd45558ca70..4ca5a924395 100644
--- a/auditlog_security/models/auditlog_rule.py
+++ b/auditlog_security/models/auditlog_rule.py
@@ -1,71 +1,46 @@
 # Copyright 2021 Therp B.V.
 # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
 
-from odoo import models, fields, api, modules, _
+from odoo import exceptions, models, fields, api, modules, _
 from odoo.addons.auditlog.models.rule import FIELDS_BLACKLIST
 
 
 class AuditlogRule(models.Model):
     _inherit = "auditlog.rule"
 
-    field_ids = fields.Many2many(
-        "ir.model.fields",
-        required=True,
+    auditlog_line_access_rule_ids = fields.One2many(
+        "auditlog.line.access.rule", "auditlog_rule_id", ondelete="cascade"
     )
-    group_ids = fields.Many2many(
-        "res.groups",
-        string="Groups",
-        help="""Groups that will be allowed to see the logged fields, if left empty 
-                all groups will be allowed (global rule creation)""",
-    )
-
-    """ note this solution will work only with a hardcoded design of models,
-    because on initialization , self.model_id.id still is not defined.
-    for now, to keep generality we put the filtering in the view."""
 
-    def get_field_ids_domain(self):
-        return [
-            ("model_id", "=", self.env.ref("base.model_res_partner").id),
-            ("name", "not in", FIELDS_BLACKLIST),
-        ]
+    @api.onchange("model_id")
+    def onchange_model_id(self):
+        # if model changes we must wipe out all field ids
+        self.auditlog_line_access_rule_ids.unlink()
 
+    @api.multi
     def unlink(self):
-        # if we delete auditlog rule, corresponding ir.rules are removed
-        # TODO PROPOSAL: a warning here with detailed information?
+        lines = self.mapped("auditlog_line_access_rule_ids")
         res = super(AuditlogRule, self).unlink()
-        return (
-            res
-            and self.env["ir.rule"]
-            .with_context(auditlog_write=True)
-            .search([("auditlog_id", "in", self.ids)])
-            .unlink()
-        )
-
-    @api.multi
-    def write(self, vals):
-        res = super(AuditlogRule, self).write(vals)
-        for this in self:
-            if any([x in vals for x in ("group_ids", "field_ids", "model_id")]):
-                this.generate_rules()
+        if res:
+            lines.unlink()
         return res
 
-    def generate_rules(self):
-        old_rule = self.env["ir.rule"].search([("auditlog_id", "=", self.id)], limit=1)
-        domain_force = (
-            "[ "
-            + " ('log_id.model_id' , '=', %s)," % (self.model_id.id)
-            + "('field_id', 'in',  %s)" % (self.field_ids.ids)
-            + "]"
-        )
-        values = {
-            "name": "auditlog_extended_%s" % self.id,
-            "model_id": self.env.ref("auditlog.model_auditlog_log_line").id,
-            "groups": [(6, 0, self.group_ids.ids)],
-            "perm_read": True,
-            "domain_force": domain_force,
-            "auditlog_id": self.id,
-        }
-        if old_rule:
-            old_rule.with_context(auditlog_write=True).write(values)
-        else:
-            self.with_context(auditlog_write=True).env["ir.rule"].create(values)
+    @api.multi
+    def subscribe(self):
+        super(AuditlogRule, self).subscribe()
+        act_window_model = self.env["ir.actions.act_window"]
+        for rule in self:
+            domain = (
+                "[('log_id.model_id', '=', %s), ('log_id.res_id', '=', active_id)]"
+                % (rule.model_id.id)
+            )
+            vals = {
+                "name": _("View log lines"),
+                "res_model": "auditlog.log.line",
+                "src_model": rule.model_id.model,
+                "binding_model_id": rule.model_id.id,
+                "domain": domain,
+            }
+            act_window = act_window_model.sudo().create(vals)
+            rule.write({"state": "subscribed", "action_id": act_window.id})
+        return True
diff --git a/auditlog_security/models/ir_rule.py b/auditlog_security/models/ir_rule.py
index 44176e14afe..dfb1c822fae 100644
--- a/auditlog_security/models/ir_rule.py
+++ b/auditlog_security/models/ir_rule.py
@@ -7,26 +7,14 @@
 class IrRule(models.Model):
     _inherit = "ir.rule"
 
-    auditlog_id = fields.Many2one(
-        "auditlog.rule",
+    auditlog_line_access_rule_id = fields.Many2one(
+        "auditlog.line.access.rule",
         required=False,
-        help="Auditlog Rule that generated this ir.rule",
+        index=True,
+        ondelete='cascade',
+        help="Auditlog line access Rule that generated this ir.rule",
     )
 
-    def prevent_rule_mod(self, vals=None):
-        auditlog_write = self.env.context.get("auditlog_write")
-        if "auditlog_id" in vals and not auditlog_write:
-            raise exceptions.validationerror(_("""Cannot change auditlog_id"""))
-        for this in self:
-            if this.auditlog_id and not auditlog_write:
-                raise exceptions.validationerror(
-                    _(
-                        """
-                     auditlog line rules are automatically generated from the auditlog 
-                     interface, please use that to edit/delete/"""
-                    )
-                )
-
     @api.model
     def create(self, values):
         if values.get("model_id") == self.env.ref(
@@ -35,18 +23,30 @@ def create(self, values):
             raise exceptions.ValidationError(
                 _(
                     """
-                 Auditlog line rules are automatically generated from the auditlog 
-                 interface, please use that to create"""
+                 Auditlog line rules are automatically generated from the  
+                 auditlog interface, please use that to create"""
                 )
             )
         return super(IrRule, self).create(values)
 
     @api.multi
     def write(self, vals):
-        self.prevent_rule_mod(vals)
+        if "auditlog_id" in vals and not self.env.context.get("auditlog_write"):
+            raise exceptions.ValidationError(
+                _("""Cannot change auditlog_line_access_rule""")
+            )
         return super(IrRule, self).write(vals)
 
     @api.multi
     def unlink(self):
-        self.prevent_rule_mod()
+        auditlog_write = self.env.context.get("auditlog_write")
+        for this in self:
+            if this.auditlog_line_access_rule_id and not auditlog_write:
+                raise exceptions.ValidationError(
+                    _(
+                        """
+                 Auditlog line rules are automatically generated from the  
+                 auditlog interface, please use that to delete"""
+                    )
+                )
         return super(IrRule, self).unlink()
diff --git a/auditlog_security/readme/USAGE.rst b/auditlog_security/readme/USAGE.rst
index 8fa4cd27178..f4cfaeca2cf 100644
--- a/auditlog_security/readme/USAGE.rst
+++ b/auditlog_security/readme/USAGE.rst
@@ -3,7 +3,8 @@ which operations to log for a given data model.
 The rule is now extended with a new field permission_ids, that tells us wich groups will
 be allowed to read the lines produced by this rule.
 If permission_ids is left empty, the default will be: 
-"auditlog lines visible only by administrator"
+"auditlog lines visible only by user in Settings group, which is the default 
+for the auditlog module"
 
 
 Then, check logs in the `Settings / Technical / Audit / Logs` menu. You can
diff --git a/auditlog_security/security/ir.model.access.csv b/auditlog_security/security/ir.model.access.csv
index 005a168ba9d..f5314c702a3 100644
--- a/auditlog_security/security/ir.model.access.csv
+++ b/auditlog_security/security/ir.model.access.csv
@@ -1,3 +1,4 @@
 id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
 access_auditlog_log_line_user,auditlog_log_line_user,model_auditlog_log_line,base.group_user,1,0,0,0
 access_auditlog_log_user,auditlog_log_user,model_auditlog_log,base.group_user,1,0,0,0
+access_auditlog_line_access_rule_admin,auditlog_line_access_rule_admin,model_auditlog_line_access_rule,base.group_system,1,1,1,1
diff --git a/auditlog_security/static/description/index.html b/auditlog_security/static/description/index.html
new file mode 100644
index 00000000000..03f14d1e6be
--- /dev/null
+++ b/auditlog_security/static/description/index.html
@@ -0,0 +1,438 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="generator" content="Docutils: http://docutils.sourceforge.net/" />
+<title>Audit Log User Permissions</title>
+<style type="text/css">
+
+/*
+:Author: David Goodger (goodger@python.org)
+:Id: $Id: html4css1.css 7952 2016-07-26 18:15:59Z milde $
+:Copyright: This stylesheet has been placed in the public domain.
+
+Default cascading style sheet for the HTML output of Docutils.
+
+See http://docutils.sf.net/docs/howto/html-stylesheets.html for how to
+customize this style sheet.
+*/
+
+/* used to remove borders from tables and images */
+.borderless, table.borderless td, table.borderless th {
+  border: 0 }
+
+table.borderless td, table.borderless th {
+  /* Override padding for "table.docutils td" with "! important".
+     The right padding separates the table cells. */
+  padding: 0 0.5em 0 0 ! important }
+
+.first {
+  /* Override more specific margin styles with "! important". */
+  margin-top: 0 ! important }
+
+.last, .with-subtitle {
+  margin-bottom: 0 ! important }
+
+.hidden {
+  display: none }
+
+.subscript {
+  vertical-align: sub;
+  font-size: smaller }
+
+.superscript {
+  vertical-align: super;
+  font-size: smaller }
+
+a.toc-backref {
+  text-decoration: none ;
+  color: black }
+
+blockquote.epigraph {
+  margin: 2em 5em ; }
+
+dl.docutils dd {
+  margin-bottom: 0.5em }
+
+object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
+  overflow: hidden;
+}
+
+/* Uncomment (and remove this text!) to get bold-faced definition list terms
+dl.docutils dt {
+  font-weight: bold }
+*/
+
+div.abstract {
+  margin: 2em 5em }
+
+div.abstract p.topic-title {
+  font-weight: bold ;
+  text-align: center }
+
+div.admonition, div.attention, div.caution, div.danger, div.error,
+div.hint, div.important, div.note, div.tip, div.warning {
+  margin: 2em ;
+  border: medium outset ;
+  padding: 1em }
+
+div.admonition p.admonition-title, div.hint p.admonition-title,
+div.important p.admonition-title, div.note p.admonition-title,
+div.tip p.admonition-title {
+  font-weight: bold ;
+  font-family: sans-serif }
+
+div.attention p.admonition-title, div.caution p.admonition-title,
+div.danger p.admonition-title, div.error p.admonition-title,
+div.warning p.admonition-title, .code .error {
+  color: red ;
+  font-weight: bold ;
+  font-family: sans-serif }
+
+/* Uncomment (and remove this text!) to get reduced vertical space in
+   compound paragraphs.
+div.compound .compound-first, div.compound .compound-middle {
+  margin-bottom: 0.5em }
+
+div.compound .compound-last, div.compound .compound-middle {
+  margin-top: 0.5em }
+*/
+
+div.dedication {
+  margin: 2em 5em ;
+  text-align: center ;
+  font-style: italic }
+
+div.dedication p.topic-title {
+  font-weight: bold ;
+  font-style: normal }
+
+div.figure {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+div.footer, div.header {
+  clear: both;
+  font-size: smaller }
+
+div.line-block {
+  display: block ;
+  margin-top: 1em ;
+  margin-bottom: 1em }
+
+div.line-block div.line-block {
+  margin-top: 0 ;
+  margin-bottom: 0 ;
+  margin-left: 1.5em }
+
+div.sidebar {
+  margin: 0 0 0.5em 1em ;
+  border: medium outset ;
+  padding: 1em ;
+  background-color: #ffffee ;
+  width: 40% ;
+  float: right ;
+  clear: right }
+
+div.sidebar p.rubric {
+  font-family: sans-serif ;
+  font-size: medium }
+
+div.system-messages {
+  margin: 5em }
+
+div.system-messages h1 {
+  color: red }
+
+div.system-message {
+  border: medium outset ;
+  padding: 1em }
+
+div.system-message p.system-message-title {
+  color: red ;
+  font-weight: bold }
+
+div.topic {
+  margin: 2em }
+
+h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
+h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
+  margin-top: 0.4em }
+
+h1.title {
+  text-align: center }
+
+h2.subtitle {
+  text-align: center }
+
+hr.docutils {
+  width: 75% }
+
+img.align-left, .figure.align-left, object.align-left, table.align-left {
+  clear: left ;
+  float: left ;
+  margin-right: 1em }
+
+img.align-right, .figure.align-right, object.align-right, table.align-right {
+  clear: right ;
+  float: right ;
+  margin-left: 1em }
+
+img.align-center, .figure.align-center, object.align-center {
+  display: block;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+table.align-center {
+  margin-left: auto;
+  margin-right: auto;
+}
+
+.align-left {
+  text-align: left }
+
+.align-center {
+  clear: both ;
+  text-align: center }
+
+.align-right {
+  text-align: right }
+
+/* reset inner alignment in figures */
+div.align-right {
+  text-align: inherit }
+
+/* div.align-center * { */
+/*   text-align: left } */
+
+.align-top    {
+  vertical-align: top }
+
+.align-middle {
+  vertical-align: middle }
+
+.align-bottom {
+  vertical-align: bottom }
+
+ol.simple, ul.simple {
+  margin-bottom: 1em }
+
+ol.arabic {
+  list-style: decimal }
+
+ol.loweralpha {
+  list-style: lower-alpha }
+
+ol.upperalpha {
+  list-style: upper-alpha }
+
+ol.lowerroman {
+  list-style: lower-roman }
+
+ol.upperroman {
+  list-style: upper-roman }
+
+p.attribution {
+  text-align: right ;
+  margin-left: 50% }
+
+p.caption {
+  font-style: italic }
+
+p.credits {
+  font-style: italic ;
+  font-size: smaller }
+
+p.label {
+  white-space: nowrap }
+
+p.rubric {
+  font-weight: bold ;
+  font-size: larger ;
+  color: maroon ;
+  text-align: center }
+
+p.sidebar-title {
+  font-family: sans-serif ;
+  font-weight: bold ;
+  font-size: larger }
+
+p.sidebar-subtitle {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+p.topic-title {
+  font-weight: bold }
+
+pre.address {
+  margin-bottom: 0 ;
+  margin-top: 0 ;
+  font: inherit }
+
+pre.literal-block, pre.doctest-block, pre.math, pre.code {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+pre.code .ln { color: grey; } /* line numbers */
+pre.code, code { background-color: #eeeeee }
+pre.code .comment, code .comment { color: #5C6576 }
+pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
+pre.code .literal.string, code .literal.string { color: #0C5404 }
+pre.code .name.builtin, code .name.builtin { color: #352B84 }
+pre.code .deleted, code .deleted { background-color: #DEB0A1}
+pre.code .inserted, code .inserted { background-color: #A3D289}
+
+span.classifier {
+  font-family: sans-serif ;
+  font-style: oblique }
+
+span.classifier-delimiter {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+span.interpreted {
+  font-family: sans-serif }
+
+span.option {
+  white-space: nowrap }
+
+span.pre {
+  white-space: pre }
+
+span.problematic {
+  color: red }
+
+span.section-subtitle {
+  /* font-size relative to parent (h1..h6 element) */
+  font-size: 80% }
+
+table.citation {
+  border-left: solid 1px gray;
+  margin-left: 1px }
+
+table.docinfo {
+  margin: 2em 4em }
+
+table.docutils {
+  margin-top: 0.5em ;
+  margin-bottom: 0.5em }
+
+table.footnote {
+  border-left: solid 1px black;
+  margin-left: 1px }
+
+table.docutils td, table.docutils th,
+table.docinfo td, table.docinfo th {
+  padding-left: 0.5em ;
+  padding-right: 0.5em ;
+  vertical-align: top }
+
+table.docutils th.field-name, table.docinfo th.docinfo-name {
+  font-weight: bold ;
+  text-align: left ;
+  white-space: nowrap ;
+  padding-left: 0 }
+
+/* "booktabs" style (no vertical lines) */
+table.docutils.booktabs {
+  border: 0px;
+  border-top: 2px solid;
+  border-bottom: 2px solid;
+  border-collapse: collapse;
+}
+table.docutils.booktabs * {
+  border: 0px;
+}
+table.docutils.booktabs th {
+  border-bottom: thin solid;
+  text-align: left;
+}
+
+h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
+h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
+  font-size: 100% }
+
+ul.auto-toc {
+  list-style-type: none }
+
+</style>
+</head>
+<body>
+<div class="document" id="audit-log-user-permissions">
+<h1 class="title">Audit Log User Permissions</h1>
+
+<!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! This file is generated by oca-gen-addon-readme !!
+!! changes will be overwritten.                   !!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
+<p><a class="reference external" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external" href="https://github.com/OCA/server-tools/tree/11.0/auditlog_security"><img alt="OCA/server-tools" src="https://img.shields.io/badge/github-OCA%2Fserver--tools-lightgray.png?logo=github" /></a> <a class="reference external" href="https://translation.odoo-community.org/projects/server-tools-11-0/server-tools-11-0-auditlog_security"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external" href="https://runbot.odoo-community.org/runbot/149/11.0"><img alt="Try me on Runbot" src="https://img.shields.io/badge/runbot-Try%20me-875A7B.png" /></a></p>
+<p>This module allows extends auditlog, allowing specific log lines to be viewed only
+by users belonging to specific views, while all other lines are allowed only to
+administrator.</p>
+<p><strong>Table of contents</strong></p>
+<div class="contents local topic" id="contents">
+<ul class="simple">
+<li><a class="reference internal" href="#usage" id="id1">Usage</a></li>
+<li><a class="reference internal" href="#known-issues-roadmap" id="id2">Known issues / Roadmap</a></li>
+<li><a class="reference internal" href="#bug-tracker" id="id3">Bug Tracker</a></li>
+<li><a class="reference internal" href="#credits" id="id4">Credits</a><ul>
+<li><a class="reference internal" href="#authors" id="id5">Authors</a></li>
+<li><a class="reference internal" href="#contributors" id="id6">Contributors</a></li>
+<li><a class="reference internal" href="#maintainers" id="id7">Maintainers</a></li>
+</ul>
+</li>
+</ul>
+</div>
+<div class="section" id="usage">
+<h1><a class="toc-backref" href="#id1">Usage</a></h1>
+<p>Go to <cite>Settings / Technical / Audit / Rules</cite> to subscribe rules. A rule defines
+which operations to log for a given data model.
+The rule is now extended with a new field permission_ids, that tells us wich groups will
+be allowed to read the lines produced by this rule.
+If permission_ids is left empty, the default will be:
+“auditlog lines visible only by user in Settings group, which is the default
+for the auditlog module”</p>
+<p>Then, check logs in the <cite>Settings / Technical / Audit / Logs</cite> menu. You can
+group them by user sessions, date, data model , HTTP requests.</p>
+</div>
+<div class="section" id="known-issues-roadmap">
+<h1><a class="toc-backref" href="#id2">Known issues / Roadmap</a></h1>
+</div>
+<div class="section" id="bug-tracker">
+<h1><a class="toc-backref" href="#id3">Bug Tracker</a></h1>
+<p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/server-tools/issues">GitHub Issues</a>.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us smashing it by providing a detailed and welcomed
+<a class="reference external" href="https://github.com/OCA/server-tools/issues/new?body=module:%20auditlog_security%0Aversion:%2011.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<p>Do not contact contributors directly about support or help with technical issues.</p>
+</div>
+<div class="section" id="credits">
+<h1><a class="toc-backref" href="#id4">Credits</a></h1>
+<div class="section" id="authors">
+<h2><a class="toc-backref" href="#id5">Authors</a></h2>
+<ul class="simple">
+<li>Therp B.V.</li>
+</ul>
+</div>
+<div class="section" id="contributors">
+<h2><a class="toc-backref" href="#id6">Contributors</a></h2>
+<ul class="simple">
+<li>Giovanni Francesco Capalbo &lt;<a class="reference external" href="mailto:giovanni&#64;therp.nl">giovanni&#64;therp.nl</a>&gt;</li>
+</ul>
+</div>
+<div class="section" id="maintainers">
+<h2><a class="toc-backref" href="#id7">Maintainers</a></h2>
+<p>This module is maintained by the OCA.</p>
+<a class="reference external image-reference" href="https://odoo-community.org"><img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" /></a>
+<p>OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.</p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/server-tools/tree/11.0/auditlog_security">OCA/server-tools</a> project on GitHub.</p>
+<p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
+</div>
+</div>
+</div>
+</body>
+</html>
diff --git a/auditlog_security/views/auditlog_view.xml b/auditlog_security/views/auditlog_view.xml
index 46df0263ce9..6d34b52e66d 100644
--- a/auditlog_security/views/auditlog_view.xml
+++ b/auditlog_security/views/auditlog_view.xml
@@ -44,21 +44,59 @@
         <field name="model">auditlog.rule</field>                                             
         <field name="inherit_id" ref="auditlog.view_auditlog_rule_form"/>                         
         <field name="arch" type="xml">                                                  
-            <xpath expr="//group[last()]" position="after">          
+            <xpath expr="//group[last()]" position="after">         
                 <group>
                     <!-- in the domain are the blacklisted fields in auditlog they 
-                    would be skipped anyway, so we repeat here to avoid incongruencies 
+                        would be skipped anyway, so we repeat here to avoid incongruencies 
                     -->
-                    <field name="field_ids"
-                        domain="[('model_id', '=' , model_id),('name', 'not in', ['id', 'create_uid', 'create_date', 'write_uid', 'write_date','display_name', '__last_update']) ]"
-                        />
-                </group>
-                <group>
-                    <field name="group_ids"/>                         
-                </group>
-            </xpath>                                                                 
+                    <div><p>
+                        Add fields here to make any changes to them (audit log lines) 
+                        visible to members of the selected groups.
+                    </p></div>
+
+                    <field name="auditlog_line_access_rule_ids">
+                        <tree delete="1" create="1" edit="0">
+                            <field name="name" readonly="1"/>
+                            <field name="model_id" readonly="1" invisible="1"/>
+                            <field name="group_ids"                          
+                                   options="{'no_create': True}"
+                             />
+                            <field name="field_ids"                           
+                                    options="{'no_create': True}"
+                            />
+                        </tree>
+                        <form >
+                            <sheet>
+                                <group>
+                                    <field name="state" readonly="1" invisible="1"/>
+                                    <field name="model_id" readonly="1" invisible="1" />
+                                    <field name="auditlog_rule_id" readonly="1" invisible="1"/>
+                                    <field name="group_ids" 
+                                        attrs="{'readonly': [('state', '=', 'subscribed')]}"
+                                        >                      
+                                    <tree editable="bottom">
+                                        <field name="name" readonly="1"/>
+                                        <field name="full_name" readonly="1"/>
+                                    </tree>
 
+                                </field>
+                                    <field name="field_ids"
+                                        domain="[('model_id', '=' , model_id),('name', 'not in', ['id', 'create_uid', 'create_date', 'write_uid', 'write_date','display_name', '__last_update']) ]"
+                                        attrs="{'readonly': [('state', '=', 'subscribed')]}"
+                                        >                      
+                                    <tree editable="bottom" >
+                                        <field name="name" readonly="1"/>
+                                        <field name="field_description" readonly="1"/>
+                                        <field name="ttype" readonly="1"/>
 
+                                    </tree>
+                                  </field>
+                                </group>
+                            </sheet>
+                        </form>
+                    </field>
+                </group>
+            </xpath>                                                                 
         </field>                                                                        
     </record>                  
 
@@ -68,47 +106,15 @@
         <field name="inherit_id" ref="auditlog.view_auditlog_rule_tree"/>                         
         <field name="arch" type="xml">                                                  
             <xpath expr="//field[@name='state']" position="after">          
-                <field name="field_ids"/>                         
-                <field name="group_ids"/>                         
+                <field name="auditlog_line_access_rule_ids">
+                    <tree>
+                        <field name="group_ids"/>                         
+                        <field name="field_ids"/>                         
+
+                    </tree>
+
+                </field>
             </xpath>                                                                 
         </field>                                                                        
     </record>                   
-
-   <record id="view_auditlog_log_line_search" model="ir.ui.view">
-        <field name="name">auditlog.log.search</field>
-        <field name="model">auditlog.log.line</field>
-        <field name="arch" type="xml">
-            <search string="Log Lines">
-                <filter name="has_extensions"
-                    domain="['|', ('field_ids','!=', False), ('group_ids', '!=', False)]" 
-                    string="Has security Extensions"/>
-                <filter name="global_security"
-                    domain="[('field_ids','!=', False)]" 
-                    string="Accessible to all - globally accessible"/>
-            </search>
-        </field>
-    </record>
-
-    
-
-    <record model="ir.actions.act_window" id="action_auditlog_log_line_tree">
-        <field name="name">Logs</field>
-        <field name="res_model">auditlog.log.line</field>
-        <field name="view_type">form</field>
-        <field name="search_view_id" 
-            ref="auditlog_security.view_auditlog_log_line_search"/>
-        <field name="domain">[('log_id.res_id', '=', active_id)]</field>
-        <field name="binding_model_id" ref="base.model_res_partner"/>        
-    </record>
-
-    <!-- TO BE REMOVED, KEPT FOR TESTING PURPOSES
-    <menuitem id="menu_audit_log_line" name="Audit Lines"
-        parent="contacts.res_partner_menu_contacts" sequence="50"/>
-
-
-    <menuitem id="menu_audit_log_lines" name="Log Lines"
-        parent="menu_audit_log_line" action="action_auditlog_log_line_tree"/>
-    -->
-
-
 </odoo>
diff --git a/maintainer-tools b/maintainer-tools
new file mode 160000
index 00000000000..7d8a9f9ad73
--- /dev/null
+++ b/maintainer-tools
@@ -0,0 +1 @@
+Subproject commit 7d8a9f9ad73db0976fb03cbee43d953bc29b89e9