In execute code; When the employee click the "submit" button:

 Pipeline Stages: New Request > For Approval > On Progress > Done

First, the form will proceed to next stage and be locked, or cannot be updated or edit the fields filled up by the employee, even the manager (only the Administrator group can edit it).

Second, it will notify employee's department head and the management person, asking for their approval or signature.

Third, the submit button will disappear, and the "Approve" button will show up (hide in employee), only to a user who are a department head and management personnel. The button must verify if the person who click are the department head of the requestor and a management personnel.

Since the request form is needed the approval of 2 (requestor's dept head and mgmt personnel).

field_names = ['x_studio_position', 'x_studio_department', 'x_studio_read', 'x_studio_write', 'x_studio_create', 'x_studio_delete', 'x_studio_reason_and_justification']  # Replace with your field names

fields = env['ir.model.fields'].sudo().search([('model', '=', 'x_access_request'), ('name', 'in', field_names)])


group_id = env.ref('__export__.res_groups_183_e7aae201').id  
model_id = env['ir.model'].sudo().search([('model', '=', 'x_access_request')]).id
access = env['ir.model.access'].sudo().search([('model_id', '=', model_id), ('group_id', '=', group_id)])
if not access:
    access = env['ir.model.access'].sudo().create({
        'name': 'Access Rights for Group',
        'model_id': model_id,
        'group_id': group_id,
    })

for field in fields:
    access.sudo().write({
        'perm_read': [(4, field.id)]
    })