[REF] Server Environment: restrict access to server config to allowed users

New security group restricting access to server config
Admin is part of the group by default

server_environment/__manifest__.py

@@ -31,6 +31,7 @@
     "license": "GPL-3 or any later version",
     "category": "Tools",
     "data": [
+        'security/res_groups.xml',
         'serv_config.xml',
     ],
     'installable': True,

server_environment/security/res_groups.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0"?>
+
+<odoo>
+
+    <record model="res.groups" id="has_server_configuration_access">
+        <field name="name">View Server Environment Configuration</field>
+        <field name="users" eval="[(4, ref('base.user_root'))]"/>
+    </record>
+
+</odoo>

server_environment/serv_config.py

@@ -286,6 +286,11 @@ class ServerConfiguration(models.TransientModel):
     @api.model
     def default_get(self, fields_list):
         res = {}
+        current_user = self.pool['res.users'].browse(
+            cr, uid, uid, context=context)
+        if not current_user.has_group(
+                'server_environment.has_server_configuration_access'):
+            return res
         for key in self._conf_defaults:
             if 'passw' in key and not self.show_passwords:
                 res[key] = '**********'