Setting up rules' Access Right in xml,csv files
I created new module depends on Project Management, i want to add new Groups,users,rules and Access controls in security folder. I successfully added groups and users, and for some extend Access Controls.
My Question is: how to specify the access right(Read/Write/Create/Delete) for every rule?.
For example: 1.User can create/read/write tasks (ACL) 2.User can read/modify only tasks assigned to him (Rule) 3.Project managers can see all tasks in their projects (Rule)
I couldn't find a documentation for this point, any links or explanations?
Access Right This is how you can give read/write/create/delete rights in group on particular object by creating
ir.model.access.csv file. See line number 1 & 2.
Access Rules This is how you can create access rules for particular object and groups by creating xml file.
<record model="ir.rule" id="ir_values_my_costume_rule"> <field name="name">My Rule Name</field> <field name="model_id" ref="model_your_model_name"/> <field name="domain_force">[('field','operator','value'),('user_id','=',user.id)]</field> <field name="perm_read" eval="True"/> <field name="perm_write" eval="True"/> <field name="perm_unlink" eval="True"/> <field name="perm_create" eval="True"/> </record>
You must pass
model_ before model name in
<field name="model_id" ref="model_your_model_name"/> like this:
eval you can either pass
False as per you need.
Record Rules can be defined from the menu also without creating any file : Settings->Technical->Security->Record Rules.
There are three main fields that you need to configure carefully in order to define "Record Rule"
- Object: On which you want to apply record rule. (in this example it is "Task" object).
- Domain: Setup domain for filtering the data.
- Groups: Add group for which you want to apply this record rule. If nothing to add then this rule is apply globally which is usually used to configuring multi-company record rule.
I am going to explain such access rule by taking the example of "Task" object of OpenERP.
In my example, suppose my requirement is like this:
The user 'rch' can access only list of tasks of following kind...
- list of all tasks which is not assigned to any user. i.e.('user_id','=',False)
- list of all tasks Which is assigned to user 'rch'. i.e.('user_id','=',user.id)
- list of all tasks of all the project's for which he is a member of. i.e.('project_id.members','in', [user.id])
- list of all tasks of the project for which he is a project manager. i.e.('project_id.user_id','=',user.id)
Configure your record rule as follow:
- Name: Tasks According to User and Project.
- Object: Task.
- Domain: ['|','|','|',('user_id','=',False),('user_id','=',user.id),('project_id.members','in', [user.id]),('project_id.user_id','=',user.id)].
- Groups: project/User.
Now add this group (project/User) to user 'rch'.
- What documentation is available for odoo?
- The different "openerp model inheritance" mechanisms: what's the difference between them, and when should they be used ?
- What is the different between col and colspan?
- How can I activate the developer mode?
- How i can create module openerp 7 / Odoo 8 ?
- How css and js inheritance works on Odoo v8?
- How to display database name without debug mode?
- How to run tests
- Relative Date (today, this month, e.g.) in Filter
- How to disable developer mode or debugging feature in openerp 7
- Hide menu for existing group
- How to show Thumbnail image in list view?
- Please define these Python Fetch types
- What is the _track proprerty of mail.thread model used for ?
- why dummy field used in product.product
- How to add a custom css?
- How to move around workflow states back and forth?
- Anyone has realized a locking functionality?
- How to override a global function?
- Show Account Number(Partial or Semi Visible Number) Formatting in OpenERP 7.0
- how to override name_get method in new api
- How to extend fields.selection options without overwriting them?
- How to enable a security group for all users?
- How to detect which modules are installed
- Details and examples on the accounting API?
- How to handle reading and writing to read-only fields
- How to debug Odoo in Eclipse under Winows?
- Whats the difference between inherit and inherits?
- What should onchange methods do and return?