Přejít na obsah
Menu
You need to be registered to interact with the community.
This question has been flagged

Hi all,

I've faced the problem between record rules and access rights. This is as below:

I have 1 groups "user" in my model with perm_read,perm_write,perm_create,perm_unlink as 1,1,1,0

I have 2 record rules for this group as:

edit only own record: 

  • domain_force: [('user_id','=',user.id)]

  • perm_read,perm_write,perm_create,perm_unlink as 1,1,1,0

Read only other record:

  • domain_force: [('user_id','!=',user.id)]

  • perm_read,perm_write,perm_create,perm_unlink as 1,0,0,0

My problem is: I can edit whole the record and it does not apply my created rules.

What's wrong with my setting?

Can anyone help me.

Many thanks in advance

Avatar
Zrušit
Autor Nejlepší odpověď

I got the anwser:

Boolean fields (read, write, create, delete) of ir.rule mean Apply this rule for this kind of operation. They do not mean restrict access for this kind of operation. 

Avatar
Zrušit

hey

the question remains anyway.

how can we restrict access for a special kind of operation ?

(restrict fields per user per object ?)

Related Posts Odpovědi Zobrazení Aktivita
1
čvn 22
4276
2
led 24
2367
2
úno 21
2180
2
čvn 24
3070
0
úno 24
1149