Community mailing list archives

User manageable record level access restrictions

Karlis Dreizis
- 02/29/2016 04:59:42

Odoo v9 only gives the ability to restrict access to fields, the model itself or individual records. The simple way to achieve the desired result would be access rules, but you can't expect a regular user to construct the appropriate domain.

The naive way one might approach this problem is to have something similar to mail.thread extend with a list of allowed/subscribed users and a record rules. There would be 4 record rule entries for each CRUD operation respectively with a domain that checks whether the group or user qualifies for the rule. [('', 'in', [shared_group_ids.users.ids])]

Then the user could add groups and or users via a custom js interface or via a odoo wizard.

Although it could be done like this. It seems a tad clunky. I would love to hear from the community. What approach would you take to solve this kind of problem? 

​Regards, Karlis