Skip to content

[FIX] queue_job: repoint default_env to SUPERUSER in runjob#923

Open
dannyadair wants to merge 2 commits into
OCA:19.0from
dannyadair:19.0-fix-runjob-env-user
Open

[FIX] queue_job: repoint default_env to SUPERUSER in runjob#923
dannyadair wants to merge 2 commits into
OCA:19.0from
dannyadair:19.0-fix-runjob-env-user

Conversation

@dannyadair

Copy link
Copy Markdown

runjob is declared auth="none", so _auth_method_none pins request.env and transaction.default_env to a uid=None env. env = http.request.env( user=SUPERUSER_ID) only creates a local superuser env, leaving the default_env as uid=None. Any flush that goes through Transaction.flush() -> default_env.flush_all() then recomputes stored fields as uid=None and fails on anything dereferencing self.env.user.

http.request.update_env(user=SUPERUSER_ID) additionally sets transaction.default_env to the superuser env.

Closes #922

@OCA-git-bot

Copy link
Copy Markdown
Contributor

Hi @guewen, @sbidoul,
some modules you are maintaining are being modified, check this out!

runjob is declared auth="none", so _auth_method_none pins request.env
and transaction.default_env to a uid=None env. `env = http.request.env(
user=SUPERUSER_ID)` only creates a local superuser env, leaving the
default_env as uid=None. Any flush that goes through
Transaction.flush() -> default_env.flush_all() then recomputes stored
fields as uid=None and fails on anything dereferencing self.env.user.

`http.request.update_env(user=SUPERUSER_ID)` additionally sets
transaction.default_env to the superuser env.

Closes OCA#922
@dannyadair dannyadair force-pushed the 19.0-fix-runjob-env-user branch from 4a36fc9 to 415420f Compare June 29, 2026 04:25
@dannyadair

Copy link
Copy Markdown
Author

Rebased after #924 was merged.
That PR removed the db/session.db handling but not the uid=None default_env issue this fixes, so the change is unchanged.

@amh-mw amh-mw left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems reasonable after reading the source here and https://github.com/odoo/odoo/blob/19.0/odoo/http.py#L1856-L1867:

    def update_env(self, user=None, context=None, su=None):
        """ Update the environment of the current request.

        :param user: optional user/user id to change the current user
        :type user: int or :class:`res.users record<~odoo.addons.base.models.res_users.ResUsers>`
        :param dict context: optional context dictionary to change the current context
        :param bool su: optional boolean to change the superuser mode
        """
        cr = None  # None is a sentinel, it keeps the same cursor
        self.env = self.env(cr, user, context, su)
        self.env.transaction.default_env = self.env
        threading.current_thread().uid = self.env.uid

That said, why make the change? What problem does this avoid? ☕ Unit test that problem?

@dannyadair

Copy link
Copy Markdown
Author

The problem is described in #922 and solved by this PR.

@amh-mw

amh-mw commented Jun 29, 2026

Copy link
Copy Markdown
Member

The problem is described in #922 and solved by this PR.

Yep, sorry! Struck through much of my comment already! Still desire a unit test.

@dannyadair

Copy link
Copy Markdown
Author

The problem is described in #922 and solved by this PR.

Yep, sorry! Struck through much of my comment already! Still desire a unit test.

ok with the existing tests this one would be weak and almost meaningless. (test_run_job_controller just calling class methods so we'd be mocking and verify that our two line change calls the two-line change), I 'll add something using HttpCase.

@dannyadair dannyadair force-pushed the 19.0-fix-runjob-env-user branch from 588919a to eeea3ee Compare July 1, 2026 11:28
@dannyadair

Copy link
Copy Markdown
Author

ugh, sorry for the noise. _acquire_job commits which is forbidden in tests. Have to get tricky.

Adds test_run_job_controller_http.py covering OCA#922:
- test_runjob_pins_default_env_to_superuser asserts that when
  _acquire_job is entered, env.transaction.default_env.uid is
  SUPERUSER_ID -- the state a job would inherit at perform time.
- test_runjob_without_updating_default_env_leaves_uid_none patches
  Request.update_env to a no-op and verifies default_env.uid stays
  None, isolating default_env repointing as the load-bearing
  behavior of runjob.

Tests use HttpCase so _auth_method_none, session handling, and
update_env run for real. _acquire_job is patched to return None so
the endpoint exits cleanly without performing DB work (its internal
commit is forbidden inside tests).
@dannyadair dannyadair force-pushed the 19.0-fix-runjob-env-user branch from eeea3ee to fd214cb Compare July 1, 2026 11:54
@dannyadair

Copy link
Copy Markdown
Author

added test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants