Hello,

Im using Odoo17 and I'm trying to apply a record rule with this domain to be used by internal non-admin users, so an user can only access to those created by the same company. I'm using a group and within I've already gave Users and Contacts rights:

[ '|',  ('user_id', '=', user.id), ('create_uid.company_id', '=', user.company_id.id)]

It actually works in terms of filtering but it creates an error:

Forbidden Uh-oh! It seems he's stumbled upon some top-secret records. Sorry, test_n1 (id=8) does not have 'read' access right to: - User (res.users) If you really need access, maybe you can win over your friendly manager with a batch of freshly baked cookies. Implicitly accessed via 'User' (res.users). 

If I'm already logged it throws this error:

Access error Uh-oh! It seems he's stumbled upon some top-secret records. Sorry, test_n1 (id=8) does not have 'read' access right to: - Contact (res.partner) If you really need access, maybe you can win over your friendly manager with a batch of freshly baked cookies. 

How can I make it work without having conflicts with res.users?