From 2df8bb339a0669523b3e24751e4910c32c7222ef Mon Sep 17 00:00:00 2001
From: Christopher Rogos <crogos@gmail.com>
Date: Fri, 27 Mar 2026 16:36:36 +0000
Subject: [PATCH 1/2] [ADD] mail_activity_restrict: Implement mail activity
 write restrictions based on assigned user

---
 mail_activity_restrict/README.rst             |  84 ++++
 mail_activity_restrict/__init__.py            |   1 +
 mail_activity_restrict/__manifest__.py        |  16 +
 mail_activity_restrict/models/__init__.py     |   2 +
 .../models/mail_activity.py                   |  49 ++
 .../models/mail_activity_type.py              |  18 +
 mail_activity_restrict/pyproject.toml         |   3 +
 mail_activity_restrict/readme/DESCRIPTION.md  |   5 +
 mail_activity_restrict/readme/USAGE.md        |   8 +
 .../static/description/index.html             | 426 ++++++++++++++++++
 mail_activity_restrict/tests/__init__.py      |   1 +
 .../tests/test_mail_activity_restrict.py      | 134 ++++++
 .../views/mail_activity_type_views.xml        |  13 +
 13 files changed, 760 insertions(+)
 create mode 100644 mail_activity_restrict/README.rst
 create mode 100644 mail_activity_restrict/__init__.py
 create mode 100644 mail_activity_restrict/__manifest__.py
 create mode 100644 mail_activity_restrict/models/__init__.py
 create mode 100644 mail_activity_restrict/models/mail_activity.py
 create mode 100644 mail_activity_restrict/models/mail_activity_type.py
 create mode 100644 mail_activity_restrict/pyproject.toml
 create mode 100644 mail_activity_restrict/readme/DESCRIPTION.md
 create mode 100644 mail_activity_restrict/readme/USAGE.md
 create mode 100644 mail_activity_restrict/static/description/index.html
 create mode 100644 mail_activity_restrict/tests/__init__.py
 create mode 100644 mail_activity_restrict/tests/test_mail_activity_restrict.py
 create mode 100644 mail_activity_restrict/views/mail_activity_type_views.xml

diff --git a/mail_activity_restrict/README.rst b/mail_activity_restrict/README.rst
new file mode 100644
index 000000000..9e9ca36e0
--- /dev/null
+++ b/mail_activity_restrict/README.rst
@@ -0,0 +1,84 @@
+===============================
+Mail Activity Write Restriction
+===============================
+
+.. 
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! This file is generated by oca-gen-addon-readme !!
+   !! changes will be overwritten.                   !!
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+   !! source digest: sha256:fca1d7f4b556efb27cc73e10028731aabfc09055e8de4512727b28352a6361e3
+   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
+    :target: https://odoo-community.org/page/development-status
+    :alt: Beta
+.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
+    :alt: License: AGPL-3
+.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fmail-lightgray.png?logo=github
+    :target: https://github.com/OCA/mail/tree/18.0/mail_activity_restrict
+    :alt: OCA/mail
+.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
+    :target: https://translation.odoo-community.org/projects/mail-18-0/mail-18-0-mail_activity_restrict
+    :alt: Translate me on Weblate
+.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/mail&target_branch=18.0
+    :alt: Try me on Runboat
+
+|badge1| |badge2| |badge3| |badge4| |badge5|
+
+When the activity type option "Restrict Write to Assigned User" on an
+activity type is enabled, only the assigned user can edit or mark the
+activity as done.
+
+The restriction is enforced through the activity access check, so it
+applies consistently to write and done flows.
+
+**Table of contents**
+
+.. contents::
+   :local:
+
+Usage
+=====
+
+To use this module:
+
+1. Go to Activity Types.
+2. Open the activity type you want to protect.
+3. Enable "Restrict Write to Assigned User".
+4. Save.
+
+From now on, only the assigned user can modify or complete activities of
+this type.
+
+Bug Tracker
+===========
+
+Bugs are tracked on `GitHub Issues <https://github.com/OCA/mail/issues>`_.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+`feedback <https://github.com/OCA/mail/issues/new?body=module:%20mail_activity_restrict%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+
+Do not contact contributors directly about support or help with technical issues.
+
+Credits
+=======
+
+Maintainers
+-----------
+
+This module is maintained by the OCA.
+
+.. image:: https://odoo-community.org/logo.png
+   :alt: Odoo Community Association
+   :target: https://odoo-community.org
+
+OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.
+
+This module is part of the `OCA/mail <https://github.com/OCA/mail/tree/18.0/mail_activity_restrict>`_ project on GitHub.
+
+You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/mail_activity_restrict/__init__.py b/mail_activity_restrict/__init__.py
new file mode 100644
index 000000000..0650744f6
--- /dev/null
+++ b/mail_activity_restrict/__init__.py
@@ -0,0 +1 @@
+from . import models
diff --git a/mail_activity_restrict/__manifest__.py b/mail_activity_restrict/__manifest__.py
new file mode 100644
index 000000000..91aa97202
--- /dev/null
+++ b/mail_activity_restrict/__manifest__.py
@@ -0,0 +1,16 @@
+{
+    "name": "Mail Activity Write Restriction",
+    "version": "18.0.1.0.0",
+    "category": "Productivity/Mail",
+    "license": "AGPL-3",
+    "author": "Odoo Community Association (OCA)",
+    "website": "https://github.com/OCA/mail",
+    "depends": [
+        "mail",
+    ],
+    "data": [
+        "views/mail_activity_type_views.xml",
+    ],
+    "installable": True,
+    "application": False,
+}
diff --git a/mail_activity_restrict/models/__init__.py b/mail_activity_restrict/models/__init__.py
new file mode 100644
index 000000000..1beace17c
--- /dev/null
+++ b/mail_activity_restrict/models/__init__.py
@@ -0,0 +1,2 @@
+from . import mail_activity_type
+from . import mail_activity
diff --git a/mail_activity_restrict/models/mail_activity.py b/mail_activity_restrict/models/mail_activity.py
new file mode 100644
index 000000000..87a8fcbdd
--- /dev/null
+++ b/mail_activity_restrict/models/mail_activity.py
@@ -0,0 +1,49 @@
+"""Restrict mail.activity modifications to the assigned user."""
+
+from odoo import models
+from odoo.exceptions import AccessError
+
+
+class MailActivity(models.Model):
+    """Extend mail.activity access checks for restricted activity types."""
+
+    _inherit = "mail.activity"
+
+    def _get_can_write_restrict_allowed_activities(self):
+        """Return restricted activities the current user may modify."""
+        return self.sudo().filtered_domain([("user_id", "=", self.env.uid)])
+
+    def _make_can_write_restrict_error(self, operation: str) -> AccessError:
+        """Build the access error raised for restricted activity types."""
+        if len(self) == 1:
+            return AccessError(
+                self.env._(
+                    "You cannot %(operation)s this activity because only "
+                    "the assigned user can modify activities of this type.",
+                    operation=operation,
+                )
+            )
+        return AccessError(
+            self.env._(
+                "You cannot %(operation)s some activities because only their "
+                "assigned user can modify activities of this type.",
+                operation=operation,
+            )
+        )
+
+    def _check_access(self, operation: str) -> tuple | None:
+        """Restrict write-like operations when the activity type requires it."""
+        result = super()._check_access(operation)
+        if operation not in ("write", "unlink") or not self or self.env.su:
+            return result
+
+        restricted = self.filtered("activity_type_id.can_write_restrict")
+        forbidden = restricted - restricted._get_can_write_restrict_allowed_activities()
+        if not forbidden:
+            return result
+
+        if result and not (forbidden - result[0]):
+            return result
+
+        forbidden = result[0] | forbidden if result else forbidden
+        return forbidden, lambda: forbidden._make_can_write_restrict_error(operation)
diff --git a/mail_activity_restrict/models/mail_activity_type.py b/mail_activity_restrict/models/mail_activity_type.py
new file mode 100644
index 000000000..72c2341b4
--- /dev/null
+++ b/mail_activity_restrict/models/mail_activity_type.py
@@ -0,0 +1,18 @@
+"""Extension to mail.activity.type model for write restriction."""
+
+from odoo import fields, models
+
+
+class MailActivityType(models.Model):
+    """Extend mail.activity.type with write restriction control."""
+
+    _inherit = "mail.activity.type"
+
+    can_write_restrict = fields.Boolean(
+        string="Restrict Write to Assigned User",
+        default=False,
+        help=(
+            "If checked, only the assigned user (user_id field) can write/edit "
+            "activities of this type. Other users cannot modify restricted activities."
+        ),
+    )
diff --git a/mail_activity_restrict/pyproject.toml b/mail_activity_restrict/pyproject.toml
new file mode 100644
index 000000000..4231d0ccc
--- /dev/null
+++ b/mail_activity_restrict/pyproject.toml
@@ -0,0 +1,3 @@
+[build-system]
+requires = ["whool"]
+build-backend = "whool.buildapi"
diff --git a/mail_activity_restrict/readme/DESCRIPTION.md b/mail_activity_restrict/readme/DESCRIPTION.md
new file mode 100644
index 000000000..10ab780e3
--- /dev/null
+++ b/mail_activity_restrict/readme/DESCRIPTION.md
@@ -0,0 +1,5 @@
+When the activity type option "Restrict Write to Assigned User" on an activity type is enabled,
+only the assigned user can edit or mark the activity as done.
+
+The restriction is enforced through the activity access check, so it applies
+consistently to write and done flows.
\ No newline at end of file
diff --git a/mail_activity_restrict/readme/USAGE.md b/mail_activity_restrict/readme/USAGE.md
new file mode 100644
index 000000000..cc78c90ce
--- /dev/null
+++ b/mail_activity_restrict/readme/USAGE.md
@@ -0,0 +1,8 @@
+To use this module:
+
+1. Go to Activity Types.
+2. Open the activity type you want to protect.
+3. Enable "Restrict Write to Assigned User".
+4. Save.
+
+From now on, only the assigned user can modify or complete activities of this type.
\ No newline at end of file
diff --git a/mail_activity_restrict/static/description/index.html b/mail_activity_restrict/static/description/index.html
new file mode 100644
index 000000000..9cfe936cf
--- /dev/null
+++ b/mail_activity_restrict/static/description/index.html
@@ -0,0 +1,426 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="generator" content="Docutils: https://docutils.sourceforge.io/" />
+<title>Mail Activity Write Restriction</title>
+<style type="text/css">
+
+/*
+:Author: David Goodger (goodger@python.org)
+:Id: $Id: html4css1.css 9511 2024-01-13 09:50:07Z milde $
+:Copyright: This stylesheet has been placed in the public domain.
+
+Default cascading style sheet for the HTML output of Docutils.
+Despite the name, some widely supported CSS2 features are used.
+
+See https://docutils.sourceforge.io/docs/howto/html-stylesheets.html for how to
+customize this style sheet.
+*/
+
+/* used to remove borders from tables and images */
+.borderless, table.borderless td, table.borderless th {
+  border: 0 }
+
+table.borderless td, table.borderless th {
+  /* Override padding for "table.docutils td" with "! important".
+     The right padding separates the table cells. */
+  padding: 0 0.5em 0 0 ! important }
+
+.first {
+  /* Override more specific margin styles with "! important". */
+  margin-top: 0 ! important }
+
+.last, .with-subtitle {
+  margin-bottom: 0 ! important }
+
+.hidden {
+  display: none }
+
+.subscript {
+  vertical-align: sub;
+  font-size: smaller }
+
+.superscript {
+  vertical-align: super;
+  font-size: smaller }
+
+a.toc-backref {
+  text-decoration: none ;
+  color: black }
+
+blockquote.epigraph {
+  margin: 2em 5em ; }
+
+dl.docutils dd {
+  margin-bottom: 0.5em }
+
+object[type="image/svg+xml"], object[type="application/x-shockwave-flash"] {
+  overflow: hidden;
+}
+
+/* Uncomment (and remove this text!) to get bold-faced definition list terms
+dl.docutils dt {
+  font-weight: bold }
+*/
+
+div.abstract {
+  margin: 2em 5em }
+
+div.abstract p.topic-title {
+  font-weight: bold ;
+  text-align: center }
+
+div.admonition, div.attention, div.caution, div.danger, div.error,
+div.hint, div.important, div.note, div.tip, div.warning {
+  margin: 2em ;
+  border: medium outset ;
+  padding: 1em }
+
+div.admonition p.admonition-title, div.hint p.admonition-title,
+div.important p.admonition-title, div.note p.admonition-title,
+div.tip p.admonition-title {
+  font-weight: bold ;
+  font-family: sans-serif }
+
+div.attention p.admonition-title, div.caution p.admonition-title,
+div.danger p.admonition-title, div.error p.admonition-title,
+div.warning p.admonition-title, .code .error {
+  color: red ;
+  font-weight: bold ;
+  font-family: sans-serif }
+
+/* Uncomment (and remove this text!) to get reduced vertical space in
+   compound paragraphs.
+div.compound .compound-first, div.compound .compound-middle {
+  margin-bottom: 0.5em }
+
+div.compound .compound-last, div.compound .compound-middle {
+  margin-top: 0.5em }
+*/
+
+div.dedication {
+  margin: 2em 5em ;
+  text-align: center ;
+  font-style: italic }
+
+div.dedication p.topic-title {
+  font-weight: bold ;
+  font-style: normal }
+
+div.figure {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+div.footer, div.header {
+  clear: both;
+  font-size: smaller }
+
+div.line-block {
+  display: block ;
+  margin-top: 1em ;
+  margin-bottom: 1em }
+
+div.line-block div.line-block {
+  margin-top: 0 ;
+  margin-bottom: 0 ;
+  margin-left: 1.5em }
+
+div.sidebar {
+  margin: 0 0 0.5em 1em ;
+  border: medium outset ;
+  padding: 1em ;
+  background-color: #ffffee ;
+  width: 40% ;
+  float: right ;
+  clear: right }
+
+div.sidebar p.rubric {
+  font-family: sans-serif ;
+  font-size: medium }
+
+div.system-messages {
+  margin: 5em }
+
+div.system-messages h1 {
+  color: red }
+
+div.system-message {
+  border: medium outset ;
+  padding: 1em }
+
+div.system-message p.system-message-title {
+  color: red ;
+  font-weight: bold }
+
+div.topic {
+  margin: 2em }
+
+h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
+h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
+  margin-top: 0.4em }
+
+h1.title {
+  text-align: center }
+
+h2.subtitle {
+  text-align: center }
+
+hr.docutils {
+  width: 75% }
+
+img.align-left, .figure.align-left, object.align-left, table.align-left {
+  clear: left ;
+  float: left ;
+  margin-right: 1em }
+
+img.align-right, .figure.align-right, object.align-right, table.align-right {
+  clear: right ;
+  float: right ;
+  margin-left: 1em }
+
+img.align-center, .figure.align-center, object.align-center {
+  display: block;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+table.align-center {
+  margin-left: auto;
+  margin-right: auto;
+}
+
+.align-left {
+  text-align: left }
+
+.align-center {
+  clear: both ;
+  text-align: center }
+
+.align-right {
+  text-align: right }
+
+/* reset inner alignment in figures */
+div.align-right {
+  text-align: inherit }
+
+/* div.align-center * { */
+/*   text-align: left } */
+
+.align-top    {
+  vertical-align: top }
+
+.align-middle {
+  vertical-align: middle }
+
+.align-bottom {
+  vertical-align: bottom }
+
+ol.simple, ul.simple {
+  margin-bottom: 1em }
+
+ol.arabic {
+  list-style: decimal }
+
+ol.loweralpha {
+  list-style: lower-alpha }
+
+ol.upperalpha {
+  list-style: upper-alpha }
+
+ol.lowerroman {
+  list-style: lower-roman }
+
+ol.upperroman {
+  list-style: upper-roman }
+
+p.attribution {
+  text-align: right ;
+  margin-left: 50% }
+
+p.caption {
+  font-style: italic }
+
+p.credits {
+  font-style: italic ;
+  font-size: smaller }
+
+p.label {
+  white-space: nowrap }
+
+p.rubric {
+  font-weight: bold ;
+  font-size: larger ;
+  color: maroon ;
+  text-align: center }
+
+p.sidebar-title {
+  font-family: sans-serif ;
+  font-weight: bold ;
+  font-size: larger }
+
+p.sidebar-subtitle {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+p.topic-title {
+  font-weight: bold }
+
+pre.address {
+  margin-bottom: 0 ;
+  margin-top: 0 ;
+  font: inherit }
+
+pre.literal-block, pre.doctest-block, pre.math, pre.code {
+  margin-left: 2em ;
+  margin-right: 2em }
+
+pre.code .ln { color: gray; } /* line numbers */
+pre.code, code { background-color: #eeeeee }
+pre.code .comment, code .comment { color: #5C6576 }
+pre.code .keyword, code .keyword { color: #3B0D06; font-weight: bold }
+pre.code .literal.string, code .literal.string { color: #0C5404 }
+pre.code .name.builtin, code .name.builtin { color: #352B84 }
+pre.code .deleted, code .deleted { background-color: #DEB0A1}
+pre.code .inserted, code .inserted { background-color: #A3D289}
+
+span.classifier {
+  font-family: sans-serif ;
+  font-style: oblique }
+
+span.classifier-delimiter {
+  font-family: sans-serif ;
+  font-weight: bold }
+
+span.interpreted {
+  font-family: sans-serif }
+
+span.option {
+  white-space: nowrap }
+
+span.pre {
+  white-space: pre }
+
+span.problematic, pre.problematic {
+  color: red }
+
+span.section-subtitle {
+  /* font-size relative to parent (h1..h6 element) */
+  font-size: 80% }
+
+table.citation {
+  border-left: solid 1px gray;
+  margin-left: 1px }
+
+table.docinfo {
+  margin: 2em 4em }
+
+table.docutils {
+  margin-top: 0.5em ;
+  margin-bottom: 0.5em }
+
+table.footnote {
+  border-left: solid 1px black;
+  margin-left: 1px }
+
+table.docutils td, table.docutils th,
+table.docinfo td, table.docinfo th {
+  padding-left: 0.5em ;
+  padding-right: 0.5em ;
+  vertical-align: top }
+
+table.docutils th.field-name, table.docinfo th.docinfo-name {
+  font-weight: bold ;
+  text-align: left ;
+  white-space: nowrap ;
+  padding-left: 0 }
+
+/* "booktabs" style (no vertical lines) */
+table.docutils.booktabs {
+  border: 0px;
+  border-top: 2px solid;
+  border-bottom: 2px solid;
+  border-collapse: collapse;
+}
+table.docutils.booktabs * {
+  border: 0px;
+}
+table.docutils.booktabs th {
+  border-bottom: thin solid;
+  text-align: left;
+}
+
+h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
+h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
+  font-size: 100% }
+
+ul.auto-toc {
+  list-style-type: none }
+
+</style>
+</head>
+<body>
+<div class="document" id="mail-activity-write-restriction">
+<h1 class="title">Mail Activity Write Restriction</h1>
+
+<!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! This file is generated by oca-gen-addon-readme !!
+!! changes will be overwritten.                   !!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!! source digest: sha256:fca1d7f4b556efb27cc73e10028731aabfc09055e8de4512727b28352a6361e3
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
+<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/mail/tree/18.0/mail_activity_restrict"><img alt="OCA/mail" src="https://img.shields.io/badge/github-OCA%2Fmail-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/mail-18-0/mail-18-0-mail_activity_restrict"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/mail&amp;target_branch=18.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
+<p>When the activity type option “Restrict Write to Assigned User” on an
+activity type is enabled, only the assigned user can edit or mark the
+activity as done.</p>
+<p>The restriction is enforced through the activity access check, so it
+applies consistently to write and done flows.</p>
+<p><strong>Table of contents</strong></p>
+<div class="contents local topic" id="contents">
+<ul class="simple">
+<li><a class="reference internal" href="#usage" id="toc-entry-1">Usage</a></li>
+<li><a class="reference internal" href="#bug-tracker" id="toc-entry-2">Bug Tracker</a></li>
+<li><a class="reference internal" href="#credits" id="toc-entry-3">Credits</a><ul>
+<li><a class="reference internal" href="#maintainers" id="toc-entry-4">Maintainers</a></li>
+</ul>
+</li>
+</ul>
+</div>
+<div class="section" id="usage">
+<h1><a class="toc-backref" href="#toc-entry-1">Usage</a></h1>
+<p>To use this module:</p>
+<ol class="arabic simple">
+<li>Go to Activity Types.</li>
+<li>Open the activity type you want to protect.</li>
+<li>Enable “Restrict Write to Assigned User”.</li>
+<li>Save.</li>
+</ol>
+<p>From now on, only the assigned user can modify or complete activities of
+this type.</p>
+</div>
+<div class="section" id="bug-tracker">
+<h1><a class="toc-backref" href="#toc-entry-2">Bug Tracker</a></h1>
+<p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/mail/issues">GitHub Issues</a>.
+In case of trouble, please check there if your issue has already been reported.
+If you spotted it first, help us to smash it by providing a detailed and welcomed
+<a class="reference external" href="https://github.com/OCA/mail/issues/new?body=module:%20mail_activity_restrict%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<p>Do not contact contributors directly about support or help with technical issues.</p>
+</div>
+<div class="section" id="credits">
+<h1><a class="toc-backref" href="#toc-entry-3">Credits</a></h1>
+<div class="section" id="maintainers">
+<h2><a class="toc-backref" href="#toc-entry-4">Maintainers</a></h2>
+<p>This module is maintained by the OCA.</p>
+<a class="reference external image-reference" href="https://odoo-community.org">
+<img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" />
+</a>
+<p>OCA, or the Odoo Community Association, is a nonprofit organization whose
+mission is to support the collaborative development of Odoo features and
+promote its widespread use.</p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/mail/tree/18.0/mail_activity_restrict">OCA/mail</a> project on GitHub.</p>
+<p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
+</div>
+</div>
+</div>
+</body>
+</html>
diff --git a/mail_activity_restrict/tests/__init__.py b/mail_activity_restrict/tests/__init__.py
new file mode 100644
index 000000000..c1e523861
--- /dev/null
+++ b/mail_activity_restrict/tests/__init__.py
@@ -0,0 +1 @@
+from . import test_mail_activity_restrict
diff --git a/mail_activity_restrict/tests/test_mail_activity_restrict.py b/mail_activity_restrict/tests/test_mail_activity_restrict.py
new file mode 100644
index 000000000..1cfc35125
--- /dev/null
+++ b/mail_activity_restrict/tests/test_mail_activity_restrict.py
@@ -0,0 +1,134 @@
+"""Tests for mail_activity_restrict."""
+
+from odoo.exceptions import AccessError
+from odoo.tests import TransactionCase, new_test_user
+
+
+class TestMailActivityRestrict(TransactionCase):
+    """Test access restrictions on mail.activity."""
+
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.partner = cls.env["res.partner"].create({"name": "Test Partner"})
+        cls.partner_model = cls.env["ir.model"]._get("res.partner")
+
+        cls.activity_type_unrestricted = cls.env["mail.activity.type"].create(
+            {
+                "name": "Unrestricted Activity",
+                "can_write_restrict": False,
+            }
+        )
+        cls.activity_type_restricted = cls.env["mail.activity.type"].create(
+            {
+                "name": "Restricted Activity",
+                "can_write_restrict": True,
+            }
+        )
+        cls.user_assigned = new_test_user(
+            cls.env,
+            login="user_assigned@example.com",
+            name="Assigned User",
+            groups="base.group_user",
+        )
+        cls.user_other = new_test_user(
+            cls.env,
+            login="user_other@example.com",
+            name="Other User",
+            groups="base.group_user",
+        )
+
+    @classmethod
+    def _create_activity(cls, activity_type, user):
+        return cls.env["mail.activity"].create(
+            {
+                "activity_type_id": activity_type.id,
+                "res_model_id": cls.partner_model.id,
+                "res_id": cls.partner.id,
+                "user_id": user.id,
+                "summary": activity_type.name,
+                "date_deadline": "2026-12-31",
+            }
+        )
+
+    def test_unrestricted_activity_assigned_user_can_write(self):
+        """Unrestricted activities keep the assignee's default write behavior."""
+        activity = self._create_activity(
+            self.activity_type_unrestricted, self.user_assigned
+        )
+
+        activity.with_user(self.user_assigned).write(
+            {"summary": "Updated by Assigned User"}
+        )
+
+        self.assertEqual(activity.summary, "Updated by Assigned User")
+
+    def test_restricted_activity_assigned_user_can_write(self):
+        """Assigned users may still edit restricted activities."""
+        activity = self._create_activity(
+            self.activity_type_restricted, self.user_assigned
+        )
+
+        activity.with_user(self.user_assigned).write(
+            {"summary": "Updated by Assigned User"}
+        )
+
+        self.assertEqual(activity.summary, "Updated by Assigned User")
+
+    def test_restricted_activity_other_user_cannot_write(self):
+        """Non-assigned users cannot edit restricted activities."""
+        activity = self._create_activity(
+            self.activity_type_restricted, self.user_assigned
+        )
+
+        with self.assertRaises(AccessError):
+            activity.with_user(self.user_other).write(
+                {"summary": "Updated by Other User"}
+            )
+
+    def test_restricted_activity_other_user_cannot_mark_done(self):
+        """Restricted activities also block mark done for other users."""
+        activity = self._create_activity(
+            self.activity_type_restricted, self.user_assigned
+        )
+
+        with self.assertRaises(AccessError):
+            activity.with_user(self.user_other).action_done()
+
+    def test_restricted_activity_assigned_user_can_mark_done(self):
+        """Assigned users may mark restricted activities as done."""
+        activity = self._create_activity(
+            self.activity_type_restricted, self.user_assigned
+        )
+        activity_id = activity.id
+
+        activity.with_user(self.user_assigned).action_done()
+
+        self.assertFalse(self.env["mail.activity"].browse(activity_id).exists())
+
+    def test_restrict_field_default_value(self):
+        """The restriction flag defaults to False."""
+        activity_type = self.env["mail.activity.type"].create(
+            {
+                "name": "Default Activity Type",
+            }
+        )
+        self.assertFalse(activity_type.can_write_restrict)
+
+    def test_restrict_field_can_be_toggled(self):
+        """The restriction flag can be toggled."""
+        activity_type = self.env["mail.activity.type"].create(
+            {
+                "name": "Toggleable Activity Type",
+                "can_write_restrict": False,
+            }
+        )
+        self.assertFalse(activity_type.can_write_restrict)
+
+        # Toggle on
+        activity_type.write({"can_write_restrict": True})
+        self.assertTrue(activity_type.can_write_restrict)
+
+        # Toggle off
+        activity_type.write({"can_write_restrict": False})
+        self.assertFalse(activity_type.can_write_restrict)
diff --git a/mail_activity_restrict/views/mail_activity_type_views.xml b/mail_activity_restrict/views/mail_activity_type_views.xml
new file mode 100644
index 000000000..d3ab5e335
--- /dev/null
+++ b/mail_activity_restrict/views/mail_activity_type_views.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<odoo>
+    <record id="mail_activity_type_view_form_inherit_restrict" model="ir.ui.view">
+        <field name="name">mail.activity.type.view.form.restrict</field>
+        <field name="model">mail.activity.type</field>
+        <field name="inherit_id" ref="mail.mail_activity_type_view_form" />
+        <field name="arch" type="xml">
+            <field name="keep_done" position="after">
+                <field name="can_write_restrict" />
+            </field>
+        </field>
+    </record>
+</odoo>

From 5f4571fa061d122de5b267032d6d9e253b25682a Mon Sep 17 00:00:00 2001
From: Christopher Rogos <crogos@gmail.com>
Date: Thu, 9 Apr 2026 12:40:18 +0000
Subject: [PATCH 2/2] [MIG] mail_activity_restrict: Migration to 19.0

---
 mail_activity_restrict/README.rst             | 16 +++++++-----
 mail_activity_restrict/__manifest__.py        |  2 +-
 .../static/description/index.html             | 26 ++++++++++++-------
 .../tests/test_mail_activity_restrict.py      |  5 +---
 .../views/mail_activity_type_views.xml        |  4 +--
 5 files changed, 30 insertions(+), 23 deletions(-)

diff --git a/mail_activity_restrict/README.rst b/mail_activity_restrict/README.rst
index 9e9ca36e0..342e79f1a 100644
--- a/mail_activity_restrict/README.rst
+++ b/mail_activity_restrict/README.rst
@@ -1,3 +1,7 @@
+.. image:: https://odoo-community.org/readme-banner-image
+   :target: https://odoo-community.org/get-involved?utm_source=readme
+   :alt: Odoo Community Association
+
 ===============================
 Mail Activity Write Restriction
 ===============================
@@ -13,17 +17,17 @@ Mail Activity Write Restriction
 .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
     :target: https://odoo-community.org/page/development-status
     :alt: Beta
-.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
+.. |badge2| image:: https://img.shields.io/badge/license-AGPL--3-blue.png
     :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
     :alt: License: AGPL-3
 .. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fmail-lightgray.png?logo=github
-    :target: https://github.com/OCA/mail/tree/18.0/mail_activity_restrict
+    :target: https://github.com/OCA/mail/tree/19.0/mail_activity_restrict
     :alt: OCA/mail
 .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
-    :target: https://translation.odoo-community.org/projects/mail-18-0/mail-18-0-mail_activity_restrict
+    :target: https://translation.odoo-community.org/projects/mail-19-0/mail-19-0-mail_activity_restrict
     :alt: Translate me on Weblate
 .. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
-    :target: https://runboat.odoo-community.org/builds?repo=OCA/mail&target_branch=18.0
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/mail&target_branch=19.0
     :alt: Try me on Runboat
 
 |badge1| |badge2| |badge3| |badge4| |badge5|
@@ -59,7 +63,7 @@ Bug Tracker
 Bugs are tracked on `GitHub Issues <https://github.com/OCA/mail/issues>`_.
 In case of trouble, please check there if your issue has already been reported.
 If you spotted it first, help us to smash it by providing a detailed and welcomed
-`feedback <https://github.com/OCA/mail/issues/new?body=module:%20mail_activity_restrict%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+`feedback <https://github.com/OCA/mail/issues/new?body=module:%20mail_activity_restrict%0Aversion:%2019.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
 
 Do not contact contributors directly about support or help with technical issues.
 
@@ -79,6 +83,6 @@ OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.
 
-This module is part of the `OCA/mail <https://github.com/OCA/mail/tree/18.0/mail_activity_restrict>`_ project on GitHub.
+This module is part of the `OCA/mail <https://github.com/OCA/mail/tree/19.0/mail_activity_restrict>`_ project on GitHub.
 
 You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
diff --git a/mail_activity_restrict/__manifest__.py b/mail_activity_restrict/__manifest__.py
index 91aa97202..0df0a6301 100644
--- a/mail_activity_restrict/__manifest__.py
+++ b/mail_activity_restrict/__manifest__.py
@@ -1,6 +1,6 @@
 {
     "name": "Mail Activity Write Restriction",
-    "version": "18.0.1.0.0",
+    "version": "19.0.1.0.0",
     "category": "Productivity/Mail",
     "license": "AGPL-3",
     "author": "Odoo Community Association (OCA)",
diff --git a/mail_activity_restrict/static/description/index.html b/mail_activity_restrict/static/description/index.html
index 9cfe936cf..fc63ba8d3 100644
--- a/mail_activity_restrict/static/description/index.html
+++ b/mail_activity_restrict/static/description/index.html
@@ -3,7 +3,7 @@
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
 <meta name="generator" content="Docutils: https://docutils.sourceforge.io/" />
-<title>Mail Activity Write Restriction</title>
+<title>README.rst</title>
 <style type="text/css">
 
 /*
@@ -360,16 +360,21 @@
 </style>
 </head>
 <body>
-<div class="document" id="mail-activity-write-restriction">
-<h1 class="title">Mail Activity Write Restriction</h1>
+<div class="document">
 
+
+<a class="reference external image-reference" href="https://odoo-community.org/get-involved?utm_source=readme">
+<img alt="Odoo Community Association" src="https://odoo-community.org/readme-banner-image" />
+</a>
+<div class="section" id="mail-activity-write-restriction">
+<h1>Mail Activity Write Restriction</h1>
 <!-- !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 !! source digest: sha256:fca1d7f4b556efb27cc73e10028731aabfc09055e8de4512727b28352a6361e3
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
-<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/mail/tree/18.0/mail_activity_restrict"><img alt="OCA/mail" src="https://img.shields.io/badge/github-OCA%2Fmail-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/mail-18-0/mail-18-0-mail_activity_restrict"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/mail&amp;target_branch=18.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
+<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/license-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/mail/tree/19.0/mail_activity_restrict"><img alt="OCA/mail" src="https://img.shields.io/badge/github-OCA%2Fmail-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/mail-19-0/mail-19-0-mail_activity_restrict"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/mail&amp;target_branch=19.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>When the activity type option “Restrict Write to Assigned User” on an
 activity type is enabled, only the assigned user can edit or mark the
 activity as done.</p>
@@ -387,7 +392,7 @@ <h1 class="title">Mail Activity Write Restriction</h1>
 </ul>
 </div>
 <div class="section" id="usage">
-<h1><a class="toc-backref" href="#toc-entry-1">Usage</a></h1>
+<h2><a class="toc-backref" href="#toc-entry-1">Usage</a></h2>
 <p>To use this module:</p>
 <ol class="arabic simple">
 <li>Go to Activity Types.</li>
@@ -399,17 +404,17 @@ <h1><a class="toc-backref" href="#toc-entry-1">Usage</a></h1>
 this type.</p>
 </div>
 <div class="section" id="bug-tracker">
-<h1><a class="toc-backref" href="#toc-entry-2">Bug Tracker</a></h1>
+<h2><a class="toc-backref" href="#toc-entry-2">Bug Tracker</a></h2>
 <p>Bugs are tracked on <a class="reference external" href="https://github.com/OCA/mail/issues">GitHub Issues</a>.
 In case of trouble, please check there if your issue has already been reported.
 If you spotted it first, help us to smash it by providing a detailed and welcomed
-<a class="reference external" href="https://github.com/OCA/mail/issues/new?body=module:%20mail_activity_restrict%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
+<a class="reference external" href="https://github.com/OCA/mail/issues/new?body=module:%20mail_activity_restrict%0Aversion:%2019.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**">feedback</a>.</p>
 <p>Do not contact contributors directly about support or help with technical issues.</p>
 </div>
 <div class="section" id="credits">
-<h1><a class="toc-backref" href="#toc-entry-3">Credits</a></h1>
+<h2><a class="toc-backref" href="#toc-entry-3">Credits</a></h2>
 <div class="section" id="maintainers">
-<h2><a class="toc-backref" href="#toc-entry-4">Maintainers</a></h2>
+<h3><a class="toc-backref" href="#toc-entry-4">Maintainers</a></h3>
 <p>This module is maintained by the OCA.</p>
 <a class="reference external image-reference" href="https://odoo-community.org">
 <img alt="Odoo Community Association" src="https://odoo-community.org/logo.png" />
@@ -417,10 +422,11 @@ <h2><a class="toc-backref" href="#toc-entry-4">Maintainers</a></h2>
 <p>OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.</p>
-<p>This module is part of the <a class="reference external" href="https://github.com/OCA/mail/tree/18.0/mail_activity_restrict">OCA/mail</a> project on GitHub.</p>
+<p>This module is part of the <a class="reference external" href="https://github.com/OCA/mail/tree/19.0/mail_activity_restrict">OCA/mail</a> project on GitHub.</p>
 <p>You are welcome to contribute. To learn how please visit <a class="reference external" href="https://odoo-community.org/page/Contribute">https://odoo-community.org/page/Contribute</a>.</p>
 </div>
 </div>
 </div>
+</div>
 </body>
 </html>
diff --git a/mail_activity_restrict/tests/test_mail_activity_restrict.py b/mail_activity_restrict/tests/test_mail_activity_restrict.py
index 1cfc35125..e4178e593 100644
--- a/mail_activity_restrict/tests/test_mail_activity_restrict.py
+++ b/mail_activity_restrict/tests/test_mail_activity_restrict.py
@@ -100,11 +100,8 @@ def test_restricted_activity_assigned_user_can_mark_done(self):
         activity = self._create_activity(
             self.activity_type_restricted, self.user_assigned
         )
-        activity_id = activity.id
-
         activity.with_user(self.user_assigned).action_done()
-
-        self.assertFalse(self.env["mail.activity"].browse(activity_id).exists())
+        self.assertEqual(activity.state, "done")
 
     def test_restrict_field_default_value(self):
         """The restriction flag defaults to False."""
diff --git a/mail_activity_restrict/views/mail_activity_type_views.xml b/mail_activity_restrict/views/mail_activity_type_views.xml
index d3ab5e335..27e8a54bd 100644
--- a/mail_activity_restrict/views/mail_activity_type_views.xml
+++ b/mail_activity_restrict/views/mail_activity_type_views.xml
@@ -5,9 +5,9 @@
         <field name="model">mail.activity.type</field>
         <field name="inherit_id" ref="mail.mail_activity_type_view_form" />
         <field name="arch" type="xml">
-            <field name="keep_done" position="after">
+            <group name="activity_details" position="inside">
                 <field name="can_write_restrict" />
-            </field>
+            </group>
         </field>
     </record>
 </odoo>