Skip to Content
This question has been flagged
settingsaccessrightsadministrator
2 Replies
2783 Views
Avatar
Mihail Tsvetkov

The issue described below is experienced on Odoo 12 CE.

The default Administrator, who is created upon DB creation is of type Administrator/Settings. For simplicity we name it User1. User1 creates User2. User1 gives Administrator/Access Rights to User2. Now User2 is able to:

- Delete User 1 ?!?!

- Self promote to Administrator/Settings ?!?!

How can we prevent User2 from both actions above and thus secure User1?

Thank you in advance for any suggestions.

Avatar
Discard
Avatar
Mihail Tsvetkov
Author Best Answer

Balvant, you are wrong my friend! I have tested it 100 times and it always happens. Now check the screen shots in the exact order. Fresh Odoo12 CE. At the end Administrator is deleted and gone...

https://prnt.sc/przud5
https://prnt.sc/przums
https://prnt.sc/przuyv
https://prnt.sc/przvax
https://prnt.sc/przvmv
https://prnt.sc/przvz8
https://prnt.sc/przw8y
https://prnt.sc/przwhy

So, please feedback is necessary...how to secure Administrator account !!!

Avatar
Discard
Avatar
Balvant Ramani
Best Answer

There is no chance to Delete Administrative account in odoo. Odoo does not allow. so don't worry about it

Avatar
Discard
Related Posts Replies Views Activity
Admin rights changed in error Solved
rights administrator
Avatar
Avatar
2
Oct 24
131
Custom Access Rights are not visible in normal mode, Only visible under Developer mode (v16)
access rights
Avatar
0
Aug 23
6
How to learn Access Rights
access rights
Avatar
Avatar
Avatar
2
Nov 22
1329
In a project only the admin can see the team members but the user can't
access rights
Avatar
Avatar
2
Mar 15
2966
The requested operation cannot be completed due to security restrictions. Please contact your system administrator. document type: users, operation:read.
error access rights
Avatar
Avatar
1
Mar 22
1590