This question has been flagged
1 Reply
4619 Views
crmphonecall
Avatar
Sage

I have tried to add some domain force to some osv objects. All of them are working fine except crm.phonecall object. Here is the code i have added to restrict the access.

<record id="crm_phonecall_comp_rule" model="ir.rule">
<field name="name">CRM Phone Call MutliCompany</field>
<field model="ir.model" name="model_id" ref="crm.model_crm_phonecall"/>
<field eval="True" name="global"/>
<field name="domain_force">['|',('company_id','=',False),('company_id','child_of',[user.company_id.id])]</field>
</record>

These code don't work... Is there anything wrong in my code or is this a known issue in V7 against crm.phonecall object?

Avatar
Discard
Sage
Author

Is there anything to do with the view part of crm phonecall?

Avatar
Sage
Author Best Answer

I solved the problem. In case any one face the same issue, here shares my solution. By default, in the file crm_security.xml, there is one rule controlling the crm phone call access.

<record id="crm_rule_all_phones" model="ir.rule">
    <field name="name">All Phones</field>
    <field ref="model_crm_phonecall" name="model_id"/>
    <field name="domain_force">[(1,'=',1)]</field>
    <field name="groups" eval="[(4, ref('base.group_sale_salesman_all_leads'))]"/>
</record>

It allows the phone call records to be viewed by all the users no matter he is in this company or not. So in order to fix the issue, you could change the rule to the following:

<record id="crm_rule_all_phones" model="ir.rule">
    <field name="name">All Phones</field>
    <field ref="model_crm_phonecall" name="model_id"/>
    <field name="domain_force">['|',('company_id','=',False),('company_id','child_of',[user.company_id.id])]</field>
</record>

That will protect the records to be viewed by the members out of this company.

Regards Sage

Avatar
Discard