Hi - I'm running OpenERP 7 on Ubuntu Server 12.04. I have installed HR, HR_Contracts, Project Management, CRM, Accounting & Finance, Document Management, Employee Appraisals, and a few other modules. I have LDAP authentication working with AD, with LDAP_Populate also working.
I've created and linked employee records to the relevant users, and have started to setup Employee Contracts for each employee with PDF attachments of their actual employment contracts (does anyone know if these appear anywhere in Knowledge Management? It would appear not, but thought I would check!).
If I add attachments to the Employee records directly (i.e. not under Contracts), these are visible to all HR / Employees - so I would like to setup some directories to store employee files that are accessible only by the employee, their line manager, and HR / Officers and HR / Managers, but separate from the Contracts (i.e. I want them to be visible in Knowledge Management to users with the correct permissions, and hence accessible via the FTP service).
In Knowledge Management I have setup the following directory structure:
- HR (Type: Static Directory; Parent: Documents)
Staff Files (Type: Folders per Resource; Parent: HR; Resource Model: Employee)
- T&C (Type: Static Directory; Parent: Staff Files)
- Disciplinary (Type: Static Directory - Parent: Staff Files)
I have added the HR / Officer and HR / Manager groups to the Security tab for the directories HR, T&C, and Disciplinary.
I have (internal) FTP access working and can attach via Windows Explorer in Windows 7, and if I connect as a user who is a member of the HR / Officer (or HR / Manager) group, I can see the directory structure above in Explorer. Copying files to one of the directories above results in them being attached to the relevant employee record. They are not visible to anyone who is not a member of the HR / Officer or HR / Manager groups.
I would like to add access to the T&C directory to the Employee, their Line Manager in addition to the HR / Officer and HR / Manager groups; likewise, I'd like the Line Manager to be able to see the Disciplinary directory, but not the employee.
Is that possible? It feels like it should be possible via a combination of the Knowledge > Directories > Security
, and the Settings > Groups > *Group_Name* > Access Rights
tabs, but I can't find any documentation that shows how to setup access controls on new directory structures for individual users.
Thanks in advance!