Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Bogføring
Lager
PoS
Projekt
MRP

All apps

All Posts People Emblemer

Tags (View all)

odoo accounting v14 pos v15

Om dette forum

Hjælp

How to restrict modification for some user

security rights restrict access_rules odooV8

2 Besvarelser

10951 Visninger

Dewilde Valentin

I have a module that store the publication of a group of person and i want to restrict the "write" permission for the person who create the publication.

Here is my situation :

-Publications must be creatable and readable for all user

-Publications must be editable just for the one who create it

-Publication must be manageable (read, write, create and delete) for member of a group.

I made some research and it seem that restrict on user who don't have a group is a bit difficult. Well is there a way i didn't see ?

Thanks

Brett Lehrer

Bedste svar

You can accomplish this by inheriting the write() function of the publication model. Give everyone write access initially, then restrict it back down if they're not the creator or in the management group. I'll assume your module is called "publication_module" and the publications model itself is named "my.publication".

First, you'll need a management group defined:

 <record id="group_publication_manager" model="res.groups">
    <field name="name">Publication Manager</field>
    <field name="users" eval="[(4, ref('base.user_root'))]"/>
</record>

By default, I'm assuming that the built-in "admin" user (uid=1) is a Publication Manager.

Your ir.model.access.csv file would include lines for model_my_publication for general users and for managers:

id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
security_publication_user,security.publication.user,model_my_publication,base.group_user,1,1,1,0
security_publication_manager,security.publication.manager,model_my_publication,publication_module.group_publication_manager,1,1,1,1

Finally, the inherited write() function. If the user isn't a member of the management group, check if there are any records among the ones they're attempting to edit that were created by a different user, and raise an error if any are found:

 def write(self, cr, uid, ids, values, context=None):
    """User must be a member of the management group or the creator of the publication to edit it"""
    if context is None: context = {}
    if not self.pool['res.users'].has_group(cr, uid, 'publication_module.group_publication_manager'):
        # Find any instances of the current user not being the creator of the given ids
        cr.execute("""select 1
                from my_publication
                where id in %s and create_uid <> %s""", (tuple(ids), uid,))
        if bool(cr.fetchone()):
            raise orm.except_orm("Error", "You can only edit your own publications!")
    return super(my_publication, self).write(cr, uid, ids, values, context=context)

Dewilde Valentin

Forfatter

Sorry for the late response.

Thank you, your solution work absolutely fine. I work with the new api (v8) so i make some modification about your implementation but its exactely the same. I give your solution in the new api for people who want to know how to do this :

@api.one
def write(self, vals):
	# Check if user is not member of management's group
	if not self.env['res.users'].has_group(
                'publication_module.group_publication_manager'):
		# Test if user is not the creator
		# (and if the template is in edit mode)
		if self.create_uid and not (self.env.uid==self.create_uid.id):
			raise exceptions.ValidationError(
				_("You don't have the permission to edit this template"))
	indicator = super(Indicator, self).write(vals)
	return indicator

Enjoying the discussion? Don't just read, join in!

Create an account today to enjoy exclusive features and engage with our awesome community!

Tilmeld dig

Related Posts	Besvarelser	Visninger
Security rights model within OdooV8 security edit forms rights odooV8	0 jan. 16	3474
Is it possible to restrict access to certain warehouses based on username/login? security access_rules	1 jan. 17	3858
Give access to odoo model in access controls list give "No matching record found for external id" Løst security access_rules	1 jul. 16	8395
superuser rights for another user security access_rules	3 dec. 23	22625
Access Rules in odoo 8 access_rules odooV8	1 maj 15	6284

Dette spørgsmål er blevet anmeldt

Enjoying the discussion? Don't just read, join in!