Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Contabilità
Magazzino
PoS
Progetti
MRP

All apps

Tutti gli articoli Persone Badge

Etichette (Mostra tutto)

odoo accounting v14 pos v15

Sul forum

Assistenza

How to restrict modification for some user

security rights restrict access_rules odooV8

2 Risposte

10953 Visualizzazioni

Dewilde Valentin

I have a module that store the publication of a group of person and i want to restrict the "write" permission for the person who create the publication.

Here is my situation :

-Publications must be creatable and readable for all user

-Publications must be editable just for the one who create it

-Publication must be manageable (read, write, create and delete) for member of a group.

I made some research and it seem that restrict on user who don't have a group is a bit difficult. Well is there a way i didn't see ?

Thanks

Brett Lehrer

Risposta migliore

You can accomplish this by inheriting the write() function of the publication model. Give everyone write access initially, then restrict it back down if they're not the creator or in the management group. I'll assume your module is called "publication_module" and the publications model itself is named "my.publication".

First, you'll need a management group defined:

 <record id="group_publication_manager" model="res.groups">
    <field name="name">Publication Manager</field>
    <field name="users" eval="[(4, ref('base.user_root'))]"/>
</record>

By default, I'm assuming that the built-in "admin" user (uid=1) is a Publication Manager.

Your ir.model.access.csv file would include lines for model_my_publication for general users and for managers:

id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
security_publication_user,security.publication.user,model_my_publication,base.group_user,1,1,1,0
security_publication_manager,security.publication.manager,model_my_publication,publication_module.group_publication_manager,1,1,1,1

Finally, the inherited write() function. If the user isn't a member of the management group, check if there are any records among the ones they're attempting to edit that were created by a different user, and raise an error if any are found:

 def write(self, cr, uid, ids, values, context=None):
    """User must be a member of the management group or the creator of the publication to edit it"""
    if context is None: context = {}
    if not self.pool['res.users'].has_group(cr, uid, 'publication_module.group_publication_manager'):
        # Find any instances of the current user not being the creator of the given ids
        cr.execute("""select 1
                from my_publication
                where id in %s and create_uid <> %s""", (tuple(ids), uid,))
        if bool(cr.fetchone()):
            raise orm.except_orm("Error", "You can only edit your own publications!")
    return super(my_publication, self).write(cr, uid, ids, values, context=context)

Dewilde Valentin

Autore

Sorry for the late response.

Thank you, your solution work absolutely fine. I work with the new api (v8) so i make some modification about your implementation but its exactely the same. I give your solution in the new api for people who want to know how to do this :

@api.one
def write(self, vals):
	# Check if user is not member of management's group
	if not self.env['res.users'].has_group(
                'publication_module.group_publication_manager'):
		# Test if user is not the creator
		# (and if the template is in edit mode)
		if self.create_uid and not (self.env.uid==self.create_uid.id):
			raise exceptions.ValidationError(
				_("You don't have the permission to edit this template"))
	indicator = super(Indicator, self).write(vals)
	return indicator

Ti stai godendo la conversazione? Non leggere soltanto, partecipa anche tu!

Crea un account oggi per scoprire funzionalità esclusive ed entrare a far parte della nostra fantastica community!

Registrati

Post correlati	Risposte	Visualizzazioni
Security rights model within OdooV8 security edit forms rights odooV8	0 gen 16	3474
Is it possible to restrict access to certain warehouses based on username/login? security access_rules	1 gen 17	3859
Give access to odoo model in access controls list give "No matching record found for external id" Risolto security access_rules	1 lug 16	8395
superuser rights for another user security access_rules	3 dic 23	22626
Access Rules in odoo 8 access_rules odooV8	1 mag 15	6284

La domanda è stata contrassegnata

Ti stai godendo la conversazione? Non leggere soltanto, partecipa anche tu!