Odoo security: Deny all rule and allow only to specific users/groups? Implement security like a filesystem - is it possible with record rules and access rules?

Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Accounting
Inventory
PoS
Project management
MRP

Take the tour

Posts People Badges

Tags View all

odoo accounting v7 pos invoice

About this forum

Help

Odoo security: Deny all rule and allow only to specific users/groups? Implement security like a filesystem - is it possible with record rules and access rules?

3568 Views

security record_rules filesystem ACL Odoo13.0

Fernando Gomes

I am trying to implement an ACL system in Odoo 13 like a filesystem:

- Folder;
- Document.

Each folder have documents and/or sub-folders.

Each folder has a parent_id. We can navigate through them just like a filesystem.

How can I implement security using record rules or access rules?

- Access rules allow me to specify permissions over an object type only, not specific objects;
- Record Rules allow me to add additional security restrictions to some combination of group, model and domain.

I cannot, however, find a way to implement a rule like "No one has access to Folders or Documents" so that I can then implement specific rules over some folders and some documents.

Has anyone done this or can anyone give me some pointers on how to best implement this?

I would like to also implement some kind of inheritance (folder permissions applied to all subfolders and documents).

Thank you

Chris TRINGHAM

Is this a question about the Documents app in Odoo?

This question has been flagged