Community mailing list archives

Re: security modification question

Elico Solutions Pte Ltd, dominique kon sun tack
- 06/07/2016 19:19:44


It seems that you are using global record rules. Have you tried to use record rules applied specifically on groups?

Take the example of sales see own leads, and sales see all leads.
The former can see only leads assigned to the user, the latter can see all leads. There are two records rules (one is 1 = 1), applied on two different groups.

On 8 Jun, 2016 6:03 am, "Arjan Duijs" <> wrote:
Hi all,

I want to add some extra security to the hr.employee model.
two rules for the timesheet_cost field.

- Visible for only self and below in hierarchy
- Only 'Human resources/Officer' can edit

I have tried it with a security rule for the Employee object with the rule "[('id', 'child_of', [ for employee in user.employee_ids])]"

 it did work,but that was a bit too rigorous. the hr officers werent able to fill in timesheets for other employees afterwards.

then i tried to edit the field directly but got a nice pop up saying i couldnt modify that and should be done through an addon.

in the "Odoo development cookbook" chapter 10:  "Limit access to fields in models" it is explained but directly in the model. 
since this is a core model i doubt this is the way to do so.

What is the proper way to implement this?

Post to: