Community mailing list archives
security modification questionby
I want to add some extra security to the hr.employee model.
two rules for the timesheet_cost field.
- Visible for only self and below in hierarchy
- Only 'Human resources/Officer' can edit
I have tried it with a security rule for the Employee object with the rule "[('id', 'child_of', [employee.id for employee in user.employee_ids])]"
it did work,but that was a bit too rigorous. the hr officers werent able to fill in timesheets for other employees afterwards.
then i tried to edit the field directly but got a nice pop up saying i couldnt modify that and should be done through an addon.
in the "Odoo development cookbook" chapter 10: "Limit access to fields in models" it is explained but directly in the model.
since this is a core model i doubt this is the way to do so.
What is the proper way to implement this?