This question has been flagged
2 Replies
1759 Views

I will here take the example with sales but i'm looking to extend this to several models.


There are 2 kind of users:

  • The regular ones with the usal groups (group_sale_salesman,...) and usual rules.

  • There are also special groups "secret_user" and "secret_manager" of users.


  1. Regular users shouldn't be able to view "secret_user" sales and other documents.

  2. "secret_user" shouldn't be able to access regular users and other "secret_user" documents.

  3. secret_manager" shouldn't be able to access regular user's document but can see "secret_user"'s one (like group_sale_salesman and salesman_all_leads)

  4. A user needs to be in "secret_manager" and "group_sale_salesman_all_leads" to see all sale orders.

How to make a rule checking if the record was created by a user in "secret_user" and so restrict the access to it ?



Avatar
Discard
Author

I'm nearly envisaging multi-company for this, am I wrong ?

Best Answer

Multi-company might work.  You can authorize users to different companies and also use the Record Rules as you have mentioned in #3.  But it does add some other complexity! 

You might also consider the OCA app for Operating Units. I haven't used it, so this is not a recommendation, but it does allow authorized users to see quotations / sales orders across the Operating Units (similar to the way multi-company works in Odoo 13).

Avatar
Discard