Skip to Content
This question has been flagged
1 Reply
1490 Views
Avatar
luna_22

Hello everyone,

I developed a simple custom module which has three fields:

start_date=fields.Datetime(string="Start Date")
end_date=fields.Datetime(string="End Date")
current_user = fields.Many2one('res.users', 'Current User', default=lambda self: self.env.user)

I want for this model that every user can read/write/create/unlink all his records, while he can only read other people's records.

I create these two rules in security.xml

   id="user_group_tout" model="ir.rule">
    name="name">Change his own info
    name="model_id" ref="model_lab_calendar"/>
    name="domain_force">[('current_user.id', '=', user.id)]
           name="perm_read" eval="True"/>
    name="perm_write" eval="True"/>
    name="perm_create" eval="True"/>
    name="perm_unlink" eval="True"/>



       id="read_tout" model="ir.rule">
    name="name">Read all
    name="model_id" ref="model_lab_calendar"/>
    name="domain_force">[('current_user.id', '!=', user.id)]
           name="perm_read" eval="True"/>
    name="perm_write" eval="False"/>
    name="perm_create" eval="True"/>
    name="perm_unlink" eval="False"/>

Thank you for your help

Avatar
Discard
Avatar
Cybrosys Techno Solutions Pvt.Ltd
Best Answer

Hi,

I tried your code and no records were visible in the tree view. Hope you have the same issue.
Now, you can achieve your requirement: read & create to all records and all access to self records, by adding the group in the rule. When I added the access right for the model 'lab.calendar' I have given all permissions to the Internal Users Group(base.group_user) in the CSV file. So, I have added the same group in the rule. If you have used any custom group to set access rights for this model, use that group in the rule replacing the 'base.group_user'.

<record id="lab_calendar_rule_self_record" model="ir.rule">


    <field name="name">Change his own info</field>


    <field name="model_id" ref="model_lab_calendar"/>


    <field name="domain_force">[('current_user.id', '=', user.id)]</field>


    <field name="groups" eval="[(4,ref('base.group_user'))]"/>


    <field name="perm_read" eval="True"/>


    <field name="perm_write" eval="True"/>


    <field name="perm_create" eval="True"/>


    <field name="perm_unlink" eval="True"/>


</record>



<record id="lab_calendar_rule_other_record" model="ir.rule">


    <field name="name">Read all</field>


    <field name="model_id" ref="model_lab_calendar"/>


    <field name="domain_force">[('current_user.id', '!=', user.id)]</field>


    <field name="groups" eval="[(4,ref('base.group_user'))]"/>


    <field name="perm_read" eval="True"/>


    <field name="perm_write" eval="False"/>


    <field name="perm_create" eval="True"/>


    <field name="perm_unlink" eval="False"/>


</record>


Regards

Avatar
Discard
luna_22
Author

Thank you for your answer, I'm a bit new to security rules in Odoo, I figured it out later, Thank you