Přejít na obsah
You need to be registered to interact with the community.
All Posts Lidé Odznaky
Štítky (View all)
odoo accounting v14 pos v15
O tomto fóru
This question has been flagged
security
1 Odpovědět
8432 Zobrazení
Avatar
Tyler K

I have a module I'm developing that allows users to submit Change Requests. All Change Requests must be visible to all users, but only the owner of a Change Request is allowed to edit that specific Change Request.

How can I implement this using Odoo's security mechanisms?

Right now, I have defined an access rule as follows (note that the group is empty to specify default employees group)...

id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
document_app_change_request_user,document_app.change_request.user,model_document_app_change_request,,1,1,1,1

Also, I have defined a record rule as follows..

<record id="document_app_change_request_user_rule" model="ir.rule"
<field name="name">Change Request: Write permission for owners only.</field>
<field name="model_id" ref="model_document_app_change_request"/>
<field name="perm_write" eval="1"/>
<field name="domain_force">[('create_uid','=',user.id)]</field>
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
</record>

Avatar
Zrušit
luna_22

Hello, please if you found a solution, kindly share it, I have the same problem.
Thank you.

Avatar
Krimi Shah
Nejlepší odpověď

Hi Tyler,

According me, you need to make two types of users. One who is User and other one is Manager.

So as per the users, record rules will be applied. Below is the code which you can refer.

<!-- Record Rule: Property Managers -->
<record id="property_rule_manager" model="ir.rule">
	<field name="name">Property Manager</field
	<field name="model_id" ref="model_property"/>
	<field name="domain_force">[(1,'=',1)]</field>
        <field name="groups" eval="[(4,ref('hr.group_hr_manager')), (4,ref('hr.group_hr_user'))]"/>
        <field name='perm_create' eval='True'/>
        <field name='perm_read' eval='True'/>
        <field name='perm_unlink' eval='True'/>
        <field name='perm_write' eval='True'/>
</record>

<!-- Record Rule: for User -->
<record id="property_rule_user" model="ir.rule">
	<field name="name">Property User</field>
	<field name="model_id" ref="model_property"/>
	<field name="domain_force">[('partner_id','=',user.partner_id.id)]</field>
	<field name="groups" eval="[(4,ref('base.group_user'))]"/>
	<field name='perm_create' eval='False'/>
        <field name='perm_read' eval='True'/>
        <field name='perm_unlink' eval='False'/>
        <field name='perm_write' eval='False'/>
</record>
Avatar
Zrušit
Tyler K
Autor

Thanks for your response.

I'm not sure that your solution addresses my requirements. I need users to have write/delete access to the Change Requests they create; however, if someone else creates a Change Request, then the user should only have read access.

I guess what I'm trying to achieve is sort of like a post on social media. Users can edit their own posts, but they can't edit the posts of other users. This is the behavior I'm looking for.

Related Posts Odpovědi Zobrazení Aktivita
what is the differance between access right and record rules in odoo ? Vyřešeno
security
Avatar
Avatar
Avatar
Avatar
Avatar
5
zář 25
13868
User Session Bug.
security
Avatar
0
čvn 25
622
How to resolve the Access Error issue?
security
Avatar
0
led 25
1773
Lock/unlock feature in Transfers
security
Avatar
0
led 25
1818
User Access Restriction by IP in Odoo Vyřešeno
security
Avatar
Avatar
1
pro 24
2439