How to implement access rights to a controller route using security group in odoo13?

Question

Hi All,
I found an URL /web/tests ​ in Odoo default addon. Now this route is accessible to all internal users. i need to limit this access to some users who belong to a particular security group.
I tried below steps:
Created a new group Added some employees to this group Created a new Record rule for the model of ir.http ​ In the domain field of the Record rule, i added the desired URL, /web/tests ​ And i logged in as a user who does not belong to the above-mentioned group. But still, the user c

Savya Sachin · Answer

Hi,
You can try creating a custom decorator and use it in routes,
from odoo import http
from odoo.http import request
class TestController(http.Controller):
@http.route ( '/web/tests' ,  type = 'http' ,  auth = 'user' )
@check_user_groups ( 'your_module.your_group' )
def  tests ( self , **kw):
​#Your controller
Now you have to create the custom decorator,
from functools import wraps
from odoo.exceptions import AccessError
def  check_user_groups ( group_xml_id ):
​def  decorator (func):
​ 	 ​@wra

Related Posts	Replies	Views
Odoo 13 installation won't let me tick the PostgreSQL and 500 internal server error odoo Odoo13.0 odoo13.0	1 Sep 20	5899
how add portal chatter odoo 13 chatter odoo odoo13.0	0 Jul 20	5678
How to do record rule for same object with different menu Solved rules record_rules odoo	1 Jul 19	7371
Record rule error!!! security record_rules odoo	8 May 15	5603
Where is this function being called? javascript js odoo odoo13.0	0 Nov 23	2749

This question has been flagged

Enjoying the discussion? Don't just read, join in!