I have a model/table containing the user ID as a property to restrict information to a specific user. A simple definition of the table looks like the following:
| id | title | product_id | user_id |
| 1 | Foo | 100 | 10 |
| 2 | Bar | 101 | 11 |
| 3 | Foo | 100 | 10 |
| 4 | Bar | 101 | 11 |
We assume the name of this model is "baz".
I have a one2many property "baz" in another model refering to the "baz" model on its product_id:
baz = fields.One2many('baz', 'product_id')
If I would now search for each product that is within a specific search (like IN (100,101) ) I would get the rows 1-4. But how should I do if I only want to get the rows that belongs to the current user, defined in the user_id column? How can I achieve that this information is used for extra filtering?
I've tried to make use of the domain attribute in a properties definition to make a more detailed search based on the user_id field:
baz = fields.One2many('baz', 'product_id', domain="[('user_id', '=', " + self.env.user.id + ")]")
But there is no access to the self information at the properties definition.
How can I do it or there other ways to restrict information to a user?
For more detail: the data are directly written in the read() method of the model just before the data are accessed to get the freshest information. To avoid that another process writes the same information we hold the data per user and only want to show his particular information that were previously inserted.
(I'm using odoo v8)
Is there a reason why you're making such a complex setup though? Why don't you just create security rules with domains where people can only see, edit or delete records that are from theirselfes for example? This looks like overengineering.
On a sidenote: I think (untested) that you can access it with env.user.id instead of self.env.user.id.