From 89067fab2c9e8815c8573cdd8d01ee9eb671b925 Mon Sep 17 00:00:00 2001
From: pol <pol.reig@qubiq.es>
Date: Tue, 21 Nov 2023 09:55:36 +0100
Subject: [PATCH] [IMP] base_user_role: users validation

---
 base_user_role/models/role.py | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/base_user_role/models/role.py b/base_user_role/models/role.py
index 65d965224..8f06400ce 100644
--- a/base_user_role/models/role.py
+++ b/base_user_role/models/role.py
@@ -4,6 +4,7 @@
 import logging
 
 from odoo import SUPERUSER_ID, _, api, fields, models
+from odoo.exceptions import ValidationError
 
 _logger = logging.getLogger(__name__)
 
@@ -129,6 +130,16 @@ def show_model_access_ids(self):
         action["domain"] = [("id", "in", self.model_access_ids.ids)]
         return action
 
+    @api.constrains("line_ids")
+    def restriction_users_role(self):
+        for role in self:
+            admin_role = self.env.ref("base.user_admin")
+            users = role.line_ids.mapped("user_id")
+            if admin_role in users:
+                raise ValidationError(
+                    _("You cannot add the administrator user to the users role.")
+                )
+
 
 class ResUsersRoleLine(models.Model):
     _name = "res.users.role.line"