project_permission.py
class project_permission(osv.Model): _inherit = 'project.project' def _get_visibility_selection(self, cr, uid, context=None): selection = super(project_permission, self)._get_visibility_selection(cr, uid, context=context) selection.append(('team', _('Private project: team Only'))) # sólo personas del equipo return selection
And I'm trying to give permissions:
permission_security.xml
<?xml version="1.0" encoding="utf-8"?> <openerp> <data noupdate="0"> <record id="group_permission" model="res.groups"> <field name="name">Team</field> <field name="groups_id" eval="[(6,0,['group_permission'])]" /> </record> </data> <data noupdate="1"> <record model="ir.rule" id="permission_project_public_members_rule"> <field name="name">Project: employees: public, team, employees or following</field> <field name="model_id" ref="project.model_project_project"/> <field name="domain_force"> ['|', ('privacy_visibility', 'in', ['public', 'employees', 'team']), '|', '&', ('privacy_visibility', '=', 'followers'), ('message_follower_ids', 'in', [user.partner_id.id]), '&', ('privacy_visibility', '=', 'team'), ('members', 'in', [user.partner_id.id]), ] </field> <field name="groups" eval="[(4, ref('base.group_user'))]"/> </record> <record id="permission_project_rule" model="ir.rule"> <field name="name">Project: team users: public, team or following</field> <field name="model_id" ref="project.model_project_project"/> <field name="domain_force"> ['|', '|', ('privacy_visibility', '=', 'public'), '&', ('privacy_visibility', '=', 'team'), ('message_follower_ids', 'child_of', [user.partner_id.commercial_partner_id.id]), '&', ('privacy_visibility', '=', 'followers'), ('message_follower_ids', 'in', [user.partner_id.id]) ] </field> <field name="groups" eval="[(4, ref('projects_permissions.group_permission'))]"/> </record> <record model="ir.rule" id="project_permission_public_rule"> <field name="name">Project: public users: public only</field> <field name="model_id" ref="project.model_project_project"/> <field name="domain_force">[('privacy_visibility', '=', 'public')]</field> <field name="groups" eval="[(4, ref('base.group_public'))]"/> </record> <record model="ir.rule" id="projects_permissions.task_visibility_rule"> <field name="name">Project/Task: employees: public, team, employee or (followers and following)</field> <field name="model_id" ref="project.model_project_task"/> <field name="domain_force"> ['|', ('project_id.privacy_visibility', 'in', ['public', 'team', 'employees']), '|', '&', ('project_id.privacy_visibility', '=', 'followers'), ('project_id.message_follower_ids', 'in', [user.partner_id.id]), '|', ('message_follower_ids', 'in', [user.partner_id.id]), ('user_id', '=', user.id), '|', '&', ('privacy_visibility', '=', 'team'), ('members', 'in', [user.partner_id.id]), '|', ('members', 'in', [user.partner_id.id]), ('user_id', '=', user.id), ] </field> </record> <record id="permission_task_rule" model="ir.rule"> <field name="name">Project/Task: team users: public or (team and colleagues following)</field> <field name="model_id" ref="project.model_project_task"/> <field name="domain_force"> ['|', '|', '|', ('project_id.privacy_visibility', '=', 'public'), '&', ('project_id.privacy_visibility', '=', 'team'), ('project_id.members', 'child_of', [user.partner_id.commercial_partner_id.id]), '&', ('project_id.privacy_visibility', '=', 'followers'), ('project_id.message_follower_ids', 'in', [user.partner_id.id]), '&', # on employee project can receive messages but not access the object ('project_id.privacy_visibility', '!=', 'employees'), ('message_follower_ids', 'in', [user.partner_id.id]), ] </field> <field name="groups" eval="[(4, ref('projects_permissions.group_permission'))]"/> </record> <record model="ir.rule" id="permission_task_public_rule"> <field name="name">Project/Task: public users: public only</field> <field name="model_id" ref="project.model_project_task"/> <field name="domain_force">[('project_id.privacy_visibility', '=', 'public')]</field> <field name="groups" eval="[(4, ref('base.group_public'))]"/> </record> </data> </openerp>
And this is my .csv:
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink access_permission_project_public,permission.project,project.model_project_project,base.group_public,1,0,0,0 access_permission_task_public,permission.task,project.model_project_task,base.group_public,1,0,0,0 access_permission_project_team,permission.project_team,project.model_project_project,projects_permissions.group_permission,1,1,0,0 access_permission_task_team,permission.task,project.model_project_task,projects_permissions.group_permission,1,1,0,0
Am I doing well? Or maybe have I got to do another thing (like a domain...)?
This is works when I'm admin, the problem is when I enter as demo user