Community mailing list archives
Re: User manageable record level access restrictionsby
It sounds a bit odd that end users can modifiy record access or model access in a business software environment...
Or is it to simplify the job of the admin?
Odoo v9 only gives the ability to restrict access to fields, the model itself or individual records. The simple way to achieve the desired result would be access rules, but you can't expect a regular user to construct the appropriate domain.
The naive way one might approach this problem is to have something similar to mail.thread extend with a list of allowed/subscribed users and a record rules. There would be 4 record rule entries for each CRUD operation respectively with a domain that checks whether the group or user qualifies for the rule. [('user.id', 'in', [shared_group_ids.users.ids])]
Then the user could add groups and or users via a custom js interface or via a odoo wizard.
Although it could be done like this. It seems a tad clunky. I would love to hear from the community. What approach would you take to solve this kind of problem?Regards, Karlis