Skip to Content
This question has been flagged
Odoo17
2 Replies
6965 Views
Avatar
Happy Hoister Inc, Anton

I find very confusing to learn access right and record rules. Is there any way to easily learn the functions of every access rights and record rules? There's no definition of the functionalities. 

What i want to implement is that, under one department there is a multiple officers,
Sales, Accounting, Procurement, etc; And in every department there's this Manager, officer and staff. So the level of access and what they can do about, depends on their specific role. 


  • Manager, can only modify, create, and configure.
  • Officer, can only modify, create, and can view more part of the module.
  • Staff, can only modify, input and can view some port of the module.

And every department, they can only access the specific module they need for their department. 

e.g: Sales team cannot access the accounting's team module, but accounting's team can access the Sales module. 

Avatar
Discard
Avatar
Marc Durepos
Best Answer

Hi Anton,

In order to implement what you describe you will likely want to create three groups to delineate your Manager, Officer and Staff roles.

From there, you'll create access rights that allow members of these groups to either read, write (modify), create or delete records of specific models. You will need to identify all the models that you want to allow each group to have access to. From your description, I am guessing this will be Employee (hr.employee), Time Off (hr.leave), Expense (hr.expense) and/or a number of others. You need one access right per group per model to grant access.

Once you have given access rights to your different groups (very general - applies to all records in a model), you can refine things further by adding Record Rules. Record rules restrict access already granted by access rights Record rules are what you would use to restrict access based on the department a given user belongs to, for example. You will use domains to define the scope of records on which the read/write/create/delete permissions should be granted for each user.

Record rules can be a little confusing to implement, so I would strongly recommend you read the documentation on Security in Odoo​ before moving on to this part.​ I would also recommend that you have a look at existing Record Rules by navigating to Settings > Technical > Security > Record Rules (or just type "record rules" in the app switcher). You'll need to have turned on the developer (debug) mode to see record rules. Have a look at some of the existing rules with "employee" or "time off" in the name to get some inspiration.

If you run into any more specific hurdles, let us know and we'll try to help you solve whatever problems you run into. 

Good luck! Oh, and ... don't give up. Access Rights and Record Rules are super powerful tools once you understand how to use them. The knowledge you gain will be very useful as you continue to use Odoo.

Avatar
Discard
Avatar
Cybrosys Techno Solutions Pvt.Ltd
Best Answer

Hi,

Please refer to the following blogs and videos for an understanding record rules and access rights:

https://www.cybrosys.com/blog/how-to-create-record-rules-in-odoo-17

https://www.cybrosys.com/odoo/videos/technical/security-groups-and-access-rights-in-odoo-17


Hope it helps.

Avatar
Discard
Related Posts Replies Views Activity
Displaying Many2one field on mobile devices identical to desktop view in Odoo 17
Odoo17
Avatar
Avatar
1
Jul 25
2607
Update the discount in POS order
Odoo17
Avatar
0
Nov 24
2821
New employee Button in POS
Odoo17
Avatar
0
Oct 24
3521
ADD new group under other
Odoo17
Avatar
Avatar
1
Oct 24
4100
Odoo 17 kanban second Progress bar
Odoo17
Avatar
0
Oct 24
2754