Skip ke Konten
Menu
Pertanyaan ini telah diberikan tanda
2 Replies
3303 Tampilan

i have to implement the records access security as below:

1) only user who's user_id is same as logged-in user can see and have create/update/delete permissions
OR
2) logged-in user is Manager of the user_id in Employees and have all types of permissions

is it needs to create Record Rule to restrict? if yes how to write a Domain for both of the conditions which inclue OR and AND 
OR any other way? 

any other things should I consider / keep in mind to do? because its an ERP system.

please help.
regards

Avatar
Buang
Jawaban Terbai

Hi,

Yes this has to be done using the record rules in Odoo. Assume you have a user_id field in your model and manager_id field at the user level to specify the manager of an user(in your case this you have to modify as per your need), then you can add the domain like this.

['|', ('user_id', '=', user.id), ('user_id.manager_id', '=', user.id)]


Thanks

Avatar
Buang
Penulis

thanks @Niyas Raphy
client is using Odoo CRM which model/table is crm.lead, here is a field user_id
for manager we have to approach to model hr.employee where is parent_id for Manager
now the
1) logged-in user should be the same crm.lead.user_id
OR
2) logged-in user = hr.employee.parent_id AND crm.lead.user_id = hr.employee.id

hope that clear the requirement.
regards

yes, now you can try to map the general one into your requirement, cheers

Penulis

but how? this is what actually i want to know. please help.

Jawaban Terbai

Navigate to settings > Groups 

Select the user group to modify and add this rule in Record Rules tab?


Developer mode needs to be activated to view this menu

Avatar
Buang
Penulis

dear Jaideep, first, thank you to at least trying to help, 2nd please read thoroughly what WE already have posted here and 3rd we all are working in developer mode when customizing any new or existed module(s).

Post Terkait Replies Tampilan Aktivitas
1
Agu 23
1670
0
Sep 22
2165
1
Agu 22
2336
2
Agu 25
2134
1
Nov 22
2962