Odoo Help


How to implement typical security rule to user group?

on 6/5/13, 7:26 AM 4,516 views

I am implementing security rules in openerp for crm.

Now I want to restrict user group to update certain values.

Now sale person can qualify opportunity but can not "mark won"

Sales manager only can do "mark won".

How can I implement this in openerp? Does this possible !!! OpenERP 7.0 Stable.

Alex Malone
On 6/5/13, 7:45 AM

There are a couple of ways to do this from the code. The easiest method is to restrict the workflow buttons to certain groups.

For example:

<button string="Mark Won" groups="group_sales_manager" />

Putting a "groups = '' " arguement on any field or button within your XML definitions restricts those items to just the groups listed. You can add multiple groups by comma-separating them.

The second method isn't as straight forwards and probably not recommended but might be more flexible. You can override the write method for whatever entity you are on and perform some checks. E.G.

def write(self, cr, uid, ids, vals, context={}):
    if 'state' in vals and vals['state'] == 'won':
        ## Perform your checks on user groups here
        ## If the person is not a sales manager, show them an error message
        dummy,group_id = dataobj.get_object_reference(cr, 1, 'base', 'group_sales_manager')
        user = self.pool.get('res.users').browse(cr, uid, uid)
        if group_id not in user.group_ids:
           ## Raise your error message
           raise osv.except_osv(_('Error Message Title'), _("You are not a sales manager and so you are not allowed to win this thing"))
    return super(entity_you_are_working_on, self).write(cr, uid, ids, vals, context)

The above isn't an accurate piece of code but it gives you an idea of what you can do to control access and workflow. I wouldn't particularly recommend it for general purpose as it can become a real pain to maintain if you have lots of function overrides, but it can be powerful.

user.group_ids not found. please give a proper solution.

Farid Ghanchi
on 6/6/13, 4:02 AM

We used read method user = self.pool.get('res.users').read(cr, uid, [uid], context)[0]['groups_id']

Farid Ghanchi
on 6/6/13, 9:10 AM

About This Community

This platform is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.


Odoo Training Center

Access to our E-learning platform and experience all Odoo Apps through learning videos, exercises and Quizz.

Test it now

Question tools

0 follower(s)


Asked: 6/5/13, 7:26 AM
Seen: 4516 times
Last updated: 3/16/15, 8:10 AM