Odoo Help

Welcome!

This community is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

0

Access Denied by ACLs

By
Antoine Louiset
on 9/9/13, 11:15 AM 3,117 views

Hi,

I would like to add a field in the res.partner model but I want to add a group so that just user of this group could access to this field. Here's my code :

class res_partner(osv.osv): _name = 'res.partner' _inherit = 'res.partner'

_columns = {
    'x_ys_test':fields.char('test',size=64,groups='test.group_test'),
}

res_partner()

"test" is the name of my module, I add the group in openERP without any problem. When I try to access to the res.partner form with a user who is not part of the group "test.group_test", I have got this error in the log file :

WARNING openerp openerp.osv.orm: Access Denied by ACLs for operation: read, uid: 4, model: res.partner, fields: x_ys_test ERROR openerp openerp.netsvc: Access Denied The requested operation cannot be completed due to security restrictions. Please contact your system administrator.

(Document type: Partner, Operation: read) Traceback (most recent call last): File "/opt/openerp/server/openerp/netsvc.py", line 289, in dispatch_rpc result = ExportService.getService(service_name).dispatch(method, params) File "/opt/openerp/server/openerp/service/web_services.py", line 614, in dispatch res = fn(db, uid, params) File "/opt/openerp/server/openerp/osv/osv.py", line 169, in execute_kw return self.execute(db, uid, obj, method, *args, *kw or {}) File "/opt/openerp/server/openerp/osv/osv.py", line 125, in wrapper raise except_osv(inst.name, inst.value) except_osv: (u'Access Denied', u'The requested operation cannot be completed due to security restrictions. Please contact your system administrator.\n\n(Document type: Partner, Operation: read)')

When I try to access to the same form with a user who is part of the group, no error.

I want to avoid users who are not of this group to access to this field but they should access to all other fields of res.partner. It is not the case.

I certainly miss something !

Thanks a lot !

0
Antoine Louiset
On 9/9/13, 8:29 PM

Ok, so I think it's ok for me by using read and write options directly in fields, here's the result :

_columns = { 'x_ys_test':fields.char('test',size=64,read=['base.group_sale_salesman'],write=['test.group_test']), }

Users from 'base.group_sale_salesman' could read this field but can not modify it. Users have to be part of "test.group_test" to write it !

This type of error comes up again and again. If not "admin" I can sometimes, and sometimes not, create new Projects, Add New Users, etc. It appears from your answer that the ACL lists need to be fully explained and sometimes used rather than simple User and Module config in Settings.

Landis Arnold
on 10/14/13, 2:13 PM

Your Answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

About This Community

This community is for professionals and enthusiasts of our products and services. Read Guidelines

Question tools

0 follower(s)

Stats

Asked: 9/9/13, 11:15 AM
Seen: 3117 times
Last updated: 3/16/15, 8:10 AM