I have several groups of users and one of those groups is 'group_reporter'. And this group can create requests and report it. While they create a new request it will be in 'Draft' stage and once they report it, it will be moved to 'Report'.
They should only be able to edit the request when it is in the 'Draft' stage. In the 'Report' stage it has to be in read-only state.
So I've written these two record rules:-
</record> -->
<!--
Name: Request Reporter - Edit
Group(s): group_reporter
Records: Incidents
Condition: if (user is owner of the record AND incident is in Draft stage)
Access Rights: Read/Write/Create
-->
<record id="rule_request_basic_reporter_edit" model="ir.rule">
<field name="name">Request Reporter - Edit</field>
<field name="model_id" ref="generic_request.model_request_request"/>
<field name="domain_force">[('created_by_id', '=', user.id), ('stage_type_name', '=', 'Draft')]</field>
<field name="groups" eval="[(4, ref('generic_request.group_reporter'))]"/>
<field eval="0" name="perm_unlink"/>
<field eval="1" name="perm_write"/>
<field eval="1" name="perm_read"/>
<field eval="1" name="perm_create"/>
</record>
<!--
Name: Request Reporter - Edit
Group(s): group_reporter
Records: Incidents
Condition: if (user is owner of the record AND (incident is in Report stage))
Access Rights: Read-only
-->
<record id="rule_request_basic_reporter_read_only" model="ir.rule">
<field name="name">Request Reporter - Read-only</field>
<field name="model_id" ref="generic_request.model_request_request"/>
<field name="domain_force">[('created_by_id', '=', user.id),('stage_type_name', '=', 'Report')]</field>
<field name="groups" eval="[(4, ref('generic_request.group_reporter'))]"/>
<field eval="0" name="perm_unlink"/>
<field eval="0" name="perm_write"/>
<field eval="1" name="perm_read"/>
<field eval="0" name="perm_create"/>
</record>
But for some reason I am still able to edit the requests that are in 'Report' stage. I'm not sure what's wrong.
