This question has been flagged
2 Replies
15055 Views

In a multi-company setup of OpenERP there is a new field available for the users "res.user.company_ids" but it seems that this field will not be taken into account on any of the access Rules:

Acces Rules for res.partner

['|','|',('company_id.child_ids','child_of',[user.company_id.id]),('company_id','child_of',[user.company_id.id]),('company_id','=',False)]

Or Access Rule for res.companies

[('id','child_of',[user.company_id.id])]

I do understand that OpenERP is by default sharing it's documents between Parents and Children and not between brother and sister wich is abvious if you look at

('company_id.child_ids','child_of',[user.company_id.id]) and ('company_id','child_of',[user.company_id.id])

BUT I really don't understand for what the field res.user.company_ids is for? Could somebody shed some light on this?

I was expecting that if all of my companies are in an hierarchy like this:

Company A > Company B > Company C

and a user belongs to "Company B and has set the field "res.user.company_ids" to "Company B" and "Company A" he could see all the partners (contacts) from "Company A" and "Company B" but NOT from "Company C". But in reality he will be able to see all the contacts from all the companies including "Company C".

Maybe i did not understand the purpose of the Field "Allowed Companies" ( res.user.company_ids )

Solution for me: To make it work like expected i altered the access rules like this:

res.partner

['|','|','&',('company_id.child_ids','child_of',[user.company_id.id]),('company_id','child_of',[user.company_id.id]),('company_id','=',False),('company_id', 'in', [company.id for company in user.company_ids])]

res.company

[('id','in',[company.id for company in user.company_ids])]

But i am not sure if this has any impact or if this is the correct way to alter this access rules?!?

So my two questions are:

  1. What is the purpose of res.user.company_ids
  2. Are my new access rules correct and ok?
Avatar
Discard
Best Answer

Hello Michael,

The goal of the res.user.company_ids field is to set the list of companies a user is allowed to use.  A user can change his user preferences and select a different company to work on, if that user has the 'multicompany' technical setting enabled and if the company he want's to change to is in his list of allowed companies.

I dont know if part 2 of you question is still relevant in the light of above answer ?

Regards,

Jos

Avatar
Discard
Best Answer

I'm struggling with the same question. In a multi-company setup, where the companies are sisters, things are not working properly by the standard. A simple example is the messaging system in odoo.

If a action in company A triggers a message to be sent to my Inbox, I have no access anymor to my Inbox from company B. If the same happens vice-versa, I keep getting "Access Denied" messages.

The only solution I would see, is to set the access rules according to Michael Karrer.

Avatar
Discard