Skip ke Konten
Menu
Pertanyaan ini telah diberikan tanda
1 Balas
4051 Tampilan

Hi everyone, I have a custom model "A" that has a Many2many relationship to the hr.applicant model.

I have two groups of users in my application: admin and non-admin. I want both groups to have read permission of model "A", but only the admin group should have read permissions on hr.applicant.

I thought I could achieve this by adding groups="my_admin_group" to the field in model A's views, but unfortunately this is not working.

It's important to note that the approach above works IF the field is Many2one, rather than Many2many, which results in the value of the field being hidden from the non-admin group. But if the fields is Many2many (which is required in my case) it throws a permission error.

I have also tried to make the field conditionally invisible, but to no avail.


Any ideas of why this is happening, and how to work around it? Thank you.

Avatar
Buang
Jawaban Terbai

Because you are giving read access to the source model, the user will get access to read the same. If you do not want the user to access the source model directly from front end, you can hide the menu for the group which enables the user to go to the particular screen.

Avatar
Buang
Penulis

I don't think that would solve my problem, but anyway I already got an answer on the Github issue I created.
The solution is to set the "groups" field attribute at the model level (i.e. on the Python file) rather than only on the view. That makes it so the non-admin group can access the view, but simply doesn't receive the private field on the frontend.

Post Terkait Replies Tampilan Aktivitas
2
Mar 24
2363
3
Agu 23
3886
1
Okt 22
3416
0
Sep 22
1823
3
Jul 22
2831