[18.0][product_cost_security] Unable to validate incoming stock pickings without product cost read rights #2115
Description
Module
product_cost_security
Describe the bug
The module prevents validation of stock pickings (for example, Purchase Receipts) when installed for users without read access to product cost fields.
Inventory Users should be able to validate stock pickings even if they are not allowed to see product costs.
This issue appears to be caused by changes in the Stock Valuation Layer (SVL) logic introduced in Odoo 18. During validation, SVL lines are generated, and the standard_price field is accessed in stock_account/models/stock_move.py, method _get_in_svl_vals:
unit_cost = {self.env['stock.lot']: move.product_id.standard_price}
Since standard_price requires read access on the product cost, this raises an AccessError for users without the required rights when product_cost_security is installed.
It seems that this call should likely use sudo() or an adjusted approach to bypass cost read restrictions during SVL valuation. However, i am not sure what changes should be applied within the product_cost_security module to prevent this error.
To Reproduce
Affected versions: 18.0.1.0.0
Steps to reproduce the behavior:
Dependencies: stock_account installed
- Use user without read or edit access to product costs.
- Create a new Receipt (incoming stock picking) with any storable product.
- Attempt to validate the picking.
Result:
Validation fails with an access error when reading product_id.standard_price.
Expected behavior
Stock picking validation (e.g. incoming stock picking) should succeed for users without product cost access rights. The module should not block standard warehouse operations.
