Hi, i am confused in Access Right and Record Rules base on several conditions. I had created Access Right for 3 groups: Password Authentication Password Authentication 30 Low <field name=

Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Bogføring
Lager
PoS
Projekt
MRP

All apps

All Posts People Emblemer

Tags (View all)

odoo accounting v14 pos v15

Om dette forum

Hjælp

Access Right and Record Rules Issues

odoo8.0

3 Besvarelser

6899 Visninger

12e1121

Hi, i am confused in Access Right and Record Rules base on several conditions.

I had created Access Right for 3 groups:

		<record model="ir.module.category" id="module_category_password">
			<field name="name">Password Authentication</field>
			<field name="description">Password Authentication</field>
			<field name="sequence">30</field>
		</record>
		<record id="password_user_id" model="res.groups">
			<field name="name">Low</field>
			<field name="category_id" ref="module_category_password"></field>
			<field name="comment">Low Permission can only view password.</field>
		</record>
		
		<record id="password_officer_id" model="res.groups">
			<field name="name">Medium</field>
			<field name="category_id" ref="module_category_password"></field>
            <field name="implied_ids" eval="[(4, ref('password_user_id'))]"/>
			<field name="comment">Medium Permission will have certain right for Password Authentication.</field>
		</record>
		
		<record id="password_manager_id" model="res.groups">
			<field name="name">High</field>
			<field name="category_id" ref="module_category_password"></field>
            <field name="implied_ids" eval="[(4, ref('password_officer_id'))]"/>
			<field name="comment">High Permission will have all access right for Password Authentication.</field>
		</record>

The columns created:

    _columns = {
		'account_name': fields.char('Account Name', required=True),
		'username': fields.char('Username/Email', required=True),
		'password': fields.char('Password', required=True),
        'confirm_password': fields.char('Confirm Password', required=True),
		'confidential_level': fields.selection([("High", "High"), ("Medium", "Medium"), ("Low", "Low")], 'Confidential Level', required=True), 
		'security_question': fields .text('Security Question'),
        'note': fields .text('Note'),
    }

The ir.model.access:

id,name,model_id/id,group_id/id,perm_read,perm_write,perm_create,perm_unlink

access_password_authentication_manager,password.authentication.manager,model_password_authentication,password_manager_id,1,1,1,1

access_password_authentication_officer,password.authentication.officer,model_password_authentication,password_officer_id,1,1,1,1

access_password_authentication_user,password.authentication.user,model_password_authentication,password_user_id,1,0,0,0

My conditions needed in this custom module are:

High - Have all access

Medium - Can create, view, edit, delete low and medium confidential level password

Low - Only can view Low Confidential Password

Low and High Group is working perfectly. However, for medium group it is not working, it seems that the High Confidential is not view-able (it should be viewable but not editable).

The Record Rule added:

		 <record model="ir.rule" id="module_category_password_rule">
				 <field name="name">Password Rule Medium</field>
				 <field name="model_id" ref="model_password_authentication"></field>
				 <field name="groups" eval="[(4,ref('password_officer_id'))]"></field>
				 <field name="domain_force">[('confidential_level', '!=', 'High')]</field>
				 <field eval="0" name="perm_write"></field>
				 <field eval="1" name="perm_read"></field>
				 <field eval="1" name="perm_unlink"></field>
				 <field eval="1" name="perm_create"></field>
		 </record>

Can someone please advise? Thank you.

12e1121

Forfatter

I might need to post my correction. Odoo does not let me edit my post.

My problems are:

High: Can't view high confidential password (It should be view-able)

Medium: Can't view high confidential password, can't edit medium and low confidential password (it should be view-able and not editable in High, editable in Medium and Low)

Low: Works perfectly

Fatih Piristine

Bedste svar

for medium, you may need to apply some rules on views / window actions. I had run into similar issue and found solution that way. it is messy but not impossible.

12e1121

Forfatter

Thanks FP! You ignited me the ideas! Here is what i did for my solution and i hope can helps those who have same issue like me:

- Remove Record Rules.

-Added on_change method for my confidential_level field (Very similar to states, but in this case the "states" can be edit based on user's group)

    def onchange_confidential_level (self, cr, uid, ids, confidential_level, context = None):
        warning = False
        result = {}
        warning_msgs = ''
        models_user = self.pool.get ('res.users')
        confidential_level_db = self.browse (cr, uid, ids) .confidential_level
        if confidential_level == "High":
            # Check if Confidential Level is High and user group
            flag = models_user.has_group (cr, uid, 'password_authentication.password_manager_id')
            if not flag:
                warning_msgs = 'You have no permission to edit the confidential level.'
                result ['confidential_level'] = confidential_level_db
        else:
            if confidential_level_db == "High":
				# Check if Confidential Level is High and user group
                flag = models_user.has_group (cr, uid, 'password_authentication.password_manager_id')
                if not flag:
                    warning_msgs = 'You have no permission to edit the confidential level.'
                    result ['confidential_level'] = confidential_level_db
        if warning_msgs:
            warning = {
                       'title': _ ('Warning'),
                       'message': warning_msgs
                    }					
        return {'value': result, 'warning': warning}

The on_change method restricted medium user to edit High Confidential Level password.

Enjoying the discussion? Don't just read, join in!

Create an account today to enjoy exclusive features and engage with our awesome community!

Tilmeld dig

Related Posts	Besvarelser	Visninger
how to implement joint piece in odoo 8 in one view odoo8.0	0 apr. 24	2700
what is the reason behind extra move? in stock odoo8.0	4 nov. 23	6881
How to solve fields.function issue in odoo 8 odoo8.0	0 okt. 23	2692
how to restrict create and delete access in one2many field tree view odoo8.0	0 dec. 22	3434
odoo8 How to pass parameters in the URL ? Løst odoo8.0	2 dec. 23	20823

Dette spørgsmål er blevet anmeldt

Enjoying the discussion? Don't just read, join in!