Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:
Hi everyone,
I'm on odoo 16 and noticed that some users were accidentally creating analytic accounts, analytic plans and analytic distributions. The group Technical: Analytic Accounting grants creation rights and is inherited by all internal users by default.
I would prefer to be more restrictive (for example only accountants can create new analytic plans and distribution models).
Is there a reason why every internal user needs full rights on "all analytic accounting"?
Thanks in advance :)
Hello Malta,
It is advisable not to grant all analytic accounting access to every internal user in Odoo. Instead, Odoo offers various user roles and permissions with specific functionalities:
1. Billing User: This role allows managing customer invoices, credit notes, and financial transactions. Billing users can create, validate invoices, handle customer payments, and perform follow-ups.
2. Read-only User: Users with this role have limited access rights and can only view data within Odoo. They cannot make changes to records, making it suitable for those who need information access without editing privileges.
3. Bookkeeper: Bookkeepers are responsible for managing financial records like general journal entries, vendor bills, and expenses. Their role is to maintain accurate financial data and keep the books up to date.
4. Accountant: Accountants have more extensive access rights than bookkeepers and billing users. They can manage and reconcile bank statements, create financial reports, and exercise greater control over accounting processes.
5. Consolidation User: Consolidation users handle financial data consolidation in multi-company setups. They are authorized to manage inter-company transactions and generate consolidated financial reports.
Assigning the above roles to users based on their job roles will help restrict data creation and manipulation for specific groups.
Additionally, you can create custom user groups with tailored access rights according to your specific needs and requirements. This gives you more flexibility in defining permissions for different user categories.
Hope this answer will help you.
Thanks & Regards,
Email: odoo@aktivsoftware.com
Skype: kalpeshmaheshwari
Hi Jainesh,
thanks for your fast reply! We already make use of the roles in accounting, but my issue is an "underlying" one.
The default roles for accounting define reasonable access to the analytic accounting, but there is another group called Technical: Analytic Accounting which provides full access to all analytic account functions. This group is inherited by User type/Internal User, which means any internal user (in terms of access rights) can create analytic accounts, plans and distributions.
Not all users have access to the necessary views and menus, but the Sales app is a good example:
An internal user with role of Sales: Own documents or All Documents can access an invoice via the sales order.
Without any role in accounting they can edit the invoice draft, including setting the analytic accounts (for this invoice) and saving (aka creating) an analytic distribution model.
I think that's unintentional or my question is if the group Technical: Analytic Accounting is actually needed for anything. I hope I can just reduce it to read/write access to stop "regular" users from creating new accounts, plans and distributions.
Create an account today to enjoy exclusive features and engage with our awesome community!
Sign up
1. Use the live chat to ask your questions.
2. The operator answers within a few minutes.
