Help

0

Record Rule for Contacts (A Specific Group of Users Can Only See Other Users)

Avatar
Anke Vulprecht-Weil

Hey there,

I'm looking for a solution to restrict access in the contacts view for a certain user group. 

The users should be able to see other users (aka other employees in our company) but no customers and partners.

Any ideas how the syntax of the Record Rule might look like? Or any other ideas/recommendations?

1Comment
Avatar
Discard
Avatar
Elder Id
-

Hi,

Have you been able to figure out a solution?


2Answers
0
Avatar
Christian Kubicki
Best Answer

Just an Idea. Delete Group Name "User types / Internal User" from Menu Item "Contacts" to get sure, that Employees still have read-access if they came from a related module instead of restricting via Record Rule.

Than delete Group Contact Creation on res.users for related Employees and adapt also on Default User Template.

Employees should still be able to see other Employees via Employees-Module

1Comment
Avatar
Discard
Avatar
Anke Vulprecht-Weil
-

Thanks Christian but the tricky part is, that I have to make sure that certain users can't access these information in any way. Our test in that regard is that if I copy the url from a user with higher access rights from a sensible view and paste it in the browser window of the user with the limited access, they should get the Odoo warning window and no accessible page.