Odoo Help

Welcome!

This community is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

2

Multicompany Access Rights - Why is the field res.user.company_ids not used?

By
Michael Karrer
on 2/11/14, 4:34 PM 4,322 views

In a multi-company setup of OpenERP there is a new field available for the users "res.user.company_ids" but it seems that this field will not be taken into account on any of the access Rules:

Acces Rules for res.partner

['|','|',('company_id.child_ids','child_of',[user.company_id.id]),('company_id','child_of',[user.company_id.id]),('company_id','=',False)]

Or Access Rule for res.companies

[('id','child_of',[user.company_id.id])]

I do understand that OpenERP is by default sharing it's documents between Parents and Children and not between brother and sister wich is abvious if you look at

('company_id.child_ids','child_of',[user.company_id.id]) and ('company_id','child_of',[user.company_id.id])

BUT I really don't understand for what the field res.user.company_ids is for? Could somebody shed some light on this?

I was expecting that if all of my companies are in an hierarchy like this:

Company A > Company B > Company C

and a user belongs to "Company B and has set the field "res.user.company_ids" to "Company B" and "Company A" he could see all the partners (contacts) from "Company A" and "Company B" but NOT from "Company C". But in reality he will be able to see all the contacts from all the companies including "Company C".

Maybe i did not understand the purpose of the Field "Allowed Companies" ( res.user.company_ids )

Solution for me: To make it work like expected i altered the access rules like this:

res.partner

['|','|','&',('company_id.child_ids','child_of',[user.company_id.id]),('company_id','child_of',[user.company_id.id]),('company_id','=',False),('company_id', 'in', [company.id for company in user.company_ids])]

res.company

[('id','in',[company.id for company in user.company_ids])]

But i am not sure if this has any impact or if this is the correct way to alter this access rules?!?

So my two questions are:

  1. What is the purpose of res.user.company_ids
  2. Are my new access rules correct and ok?
0
Jos De Graeve
On 9/2/14, 6:39 AM

Hello Michael,

The goal of the res.user.company_ids field is to set the list of companies a user is allowed to use.  A user can change his user preferences and select a different company to work on, if that user has the 'multicompany' technical setting enabled and if the company he want's to change to is in his list of allowed companies.

I dont know if part 2 of you question is still relevant in the light of above answer ?

Regards,

Jos

0
Stephan Amann
On 10/15/14, 8:50 AM

I'm struggling with the same question. In a multi-company setup, where the companies are sisters, things are not working properly by the standard. A simple example is the messaging system in odoo.

If a action in company A triggers a message to be sent to my Inbox, I have no access anymor to my Inbox from company B. If the same happens vice-versa, I keep getting "Access Denied" messages.

The only solution I would see, is to set the access rules according to Michael Karrer.

Your Answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

About This Community

This community is for professionals and enthusiasts of our products and services. Read Guidelines

Question tools

4 follower(s)

Stats

Asked: 2/11/14, 4:34 PM
Seen: 4322 times
Last updated: 10/21/15, 6:00 PM