From d52fde8222ec8f9d38147864e9e7a59c876241cb Mon Sep 17 00:00:00 2001
From: Anna Janiszewska <anna.janiszewska@camptocamp.com>
Date: Thu, 5 Sep 2024 16:42:36 +0200
Subject: [PATCH] [14.0] base_user_role: warning when adding admin to role
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

When creating a new user role, it is possible to add a user to that role without having added any groups.
If this is saved, all that user’s access rights will be wiped and he will not able to login anymore (Internal Server Error).
---
 base_user_role/models/role.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/base_user_role/models/role.py b/base_user_role/models/role.py
index 65d965224..fb03676ea 100644
--- a/base_user_role/models/role.py
+++ b/base_user_role/models/role.py
@@ -175,3 +175,11 @@ def unlink(self):
         res = super(ResUsersRoleLine, self).unlink()
         users.set_groups_from_roles(force=True)
         return res
+
+    @api.onchange('user_id')
+    def _onchange_user_id(self):
+        if self.user_id and self.user_id._is_admin():
+            return {'warning': {
+                'title': _("Warning"),
+                'message': _("When adding a role to an administrator, make sure no essential groups will be removed."),
+            }}