콘텐츠로 건너뛰기
커뮤니티에 참여하려면 회원 가입을 하시기 바랍니다.
모든 게시물 사용자 배지
태그 (모두 보기)
odoo accounting v14 pos v15
게시판 정보
신고된 질문입니다
record_rulesaccess_rulesodoov11
2 답글
7435 화면
아바타
FCarmo

Hi everyone,

I'm trying to add some security rules to my module, but I'm unable to do so.

I'm using multi company and trying to show only records that meet these requirements:
> Same company
> Same company and shared resource either True or False
> Different Company and shared resource must be True

The rules do exactly what I want, except when I try to enter a record it says that I need "read permissions"

P.S: Don't worry about the rule names. I'm trying to start this first.

This is what I have:

From the csv security file.

id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
access_neos_res_company_user,access_neos_res_company_user,base.model_res_company,neos_resource_reservation.group_neos_resource_user,1,0,0,0
access_neos_res_users_user,access_neos_res_users_user,base.model_res_users,neos_resource_reservation.group_neos_resource_user,1,1,0,0
access_neos_res_partner_user,access_neos_res_partner_user,base.model_res_partner,neos_resource_reservation.group_neos_resource_user,1,1,0,0
access_neos_resource_user,access_neos_resource_user,model_resource_reservation,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_fleet_vehicle_access_right_user,access_fleet_vehicle_access_right_user,fleet.model_fleet_vehicle,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_fleet_vehicle_model_access_right_user,access_fleet_vehicle_model_access_right_user,fleet.model_fleet_vehicle_model,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_fleet_vehicle_tag_access_right_user,access_fleet_vehicle_tag_access_right_user,fleet.model_fleet_vehicle_tag,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_fleet_vehicle_state_access_right_user,access_fleet_vehicle_state_access_right_user,fleet.model_fleet_vehicle_state,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_fleet_vehicle_model_brand_access_right_user,access_fleet_vehicle_model_brand_access_right_user,fleet.model_fleet_vehicle_model_brand,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_fleet_service_type_access_right_user,access_fleet_service_type_access_right_user,fleet.model_fleet_service_type,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_access_fleet_vehicle_cost_user,access_access_fleet_vehicle_cost_user,fleet.model_fleet_vehicle_cost,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_fleet_vehicle_odometer_access_right,access_fleet_vehicle_odometer_access_right,fleet.model_fleet_vehicle_odometer,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_fleet_vehicle_log_services_access_right_user,access_fleet_vehicle_log_services_access_right_user,fleet.model_fleet_vehicle_log_services,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_fleet_vehicle_log_contract_access_right_user,access_fleet_vehicle_log_contract_access_right_user,fleet.model_fleet_vehicle_log_contract,neos_resource_reservation.group_neos_resource_user,1,1,1,0
access_fleet_vehicle_log_fuel_access_right,access_fleet_vehicle_log_fuel_access_right,fleet.model_fleet_vehicle_log_fuel,neos_resource_reservation.group_neos_resource_user,1,1,1,0

And from the xml security file:

<?xml version="1.0" encoding="utf-8"?>
<odoo>
    <data noupdate="0">
        <!--####################### GROUPS #######################-->
        <record id="module_neos_resource_reservation" model="ir.module.category">
            <field name="name">Resource Management</field>
            <field name="description">Permissions for the resource reservation module.</field>
            <field name="sequence">20</field>
        </record>

        <record id="group_neos_resource_anon_user" model="res.groups">
            <field name="name">Anonymous</field>
            <field name="category_id" ref="module_neos_resource_reservation"/>
            <field name="implied_ids" eval="[(4, ref('base.group_public'))]" />
            <field name="comment">Anonymous User Group.</field>
        </record>

        <record id="group_neos_resource_user" model="res.groups">
            <field name="name">User</field>
            <field name="category_id" ref="module_neos_resource_reservation"/>
            <field name="implied_ids" eval="[(4, ref('base.group_user'))]"/>
            <field name="comment">Common user</field>
        </record>

        <record id="group_neos_resource_manager" model="res.groups">
            <field name="name">Manager</field>
            <field name="category_id" ref="module_neos_resource_reservation"/>
            <field name="users" eval="[(4, ref('base.user_root'))]"/>
            <field name="implied_ids" eval="[(6, 0, [
                ref('group_neos_resource_user'),
            ])]"/>
            <field name="comment">This user will have access to all records of everyone within is own company.</field>
        </record>

        <record id="group_neos_resource_sudo_manager" model="res.groups">
            <field name="name">Super Manager</field>
            <field name="category_id" ref="module_neos_resource_reservation"/>
            <field name="users" eval="[(4, ref('base.user_root'))]"/>
            <field name="implied_ids" eval="[(6, 0, [
                ref('group_neos_resource_manager'),
            ])]"/>
            <field name="comment">This user will have access to everything.</field>
        </record>

        <!--####################### USER #######################-->
        <record id="rule_fleet_vehicle_owner_user" model="ir.rule">
            <field name="name">User owner vehicle</field>
            <field name="model_id" ref="fleet.model_fleet_vehicle"/>
            <field name="global" eval="True"/>
            <field name="groups" eval="[(4, ref('group_neos_resource_user'))]"/>
            <field name="domain_force">[('owner_id','=',user.company_id.id),'|',('shared_resource','=',True),('shared_resource','!=',True)]</field>
        </record>
        
        <record id="rule_fleet_vehicle_owner_user2" model="ir.rule">
            <field name="name">User owner vehicle</field>
            <field name="model_id" ref="fleet.model_fleet_vehicle"/>
            <field name="global" eval="True"/>
            <field name="groups" eval="[(4, ref('group_neos_resource_user'))]"/>
            <field name="domain_force">[('owner_id','!=',user.company_id.id),('shared_resource','=',True)]</field>
            <field name="perm_read" eval="True"/>
            <field name="perm_write" eval="False"/> <!-- eval="True" -->
            <field name="perm_create" eval="False"/>
            <field name="perm_unlink" eval="False"/>
        </record>
        
        <!--####-->
        
        <!--<record id="rule_fleet_vehicle_owner_user3" model="ir.rule">-->
        <!--    <field name="name">User owner vehicle</field>-->
        <!--    <field name="model_id" ref="fleet.model_fleet_vehicle"/>-->
        <!--    <field name="groups" eval="[(4, ref('group_neos_resource_user'))]"/>-->
        <!--    <field name="domain_force">[('owner_id','!=',user.company_id.id),('shared_resource','!=',True)]</field>-->
        <!--    <field name="perm_read" eval="True"/>-->
        <!--    <field name="perm_write" eval="True"/>-->
        <!--    <field name="perm_create" eval="False"/>-->
        <!--    <field name="perm_unlink" eval="False"/>-->
        <!--</record>-->
        <!---->
        <!--####-->

Funny thing is, if I uncomment the record rule above, and replace the record "rule_fleet_vehicle_owner_user2" perm_write with "True", it shows every record (which is not what I want) and I can do everything normally.


Any guesses on what is wrong?


Thank you and have a good day



아바타
취소
아바타
Tiến Paul
베스트 답변

in "rule_fleet_vehicle_owner_user2"and "rule_fleet_vehicle_owner_user3"
Not used by True or False that is 1 or 0

<field name="perm_read" eval="True"/>-->
        <!--    <field name="perm_write" eval="True"/>-->
        <!--    <field name="perm_create" eval="False"/>-->
        <!--    <field name="perm_unlink" eval="False"/>--> Must be
<field name="perm_read" eval="1"/>-->
        <!--    <field name="perm_write" eval="1"/>-->
        <!--    <field name="perm_create" eval="0"/>-->
        <!--    <field name="perm_unlink" eval="0"/>-->
Not used by True or False
아바타
취소
아바타
Arturo Ruiz
베스트 답변

Hi, in your csv security file line # 6 you use  "fleet.model_fleet_vehicle"  and the values at end of this line are "1,1,1,0".
In your xml security file, under "<record id="rule_fleet_vehicle_owner_user2" model="ir.rule"> the last 4 lines <field name> are eval as True, False, False, False.
You said "Funny thing is ...." , are you tried using  True, True, True, False  (1,1,1,0) ?




아바타
취소
관련 게시물 답글 화면 활동
Can you restrict User access to Bills / Payments v16
record_rules access_rules
아바타
아바타
아바타
2
1월 24
2980
what is different access right and record rules in odoo online 해결 완료
record_rules access_rules odooonline
아바타
아바타
아바타
2
9월 25
4020
Give a Single User Access Rights to Specific Field
groups record_rules access_rules
아바타
아바타
아바타
2
8월 23
3392
Record Rule for Contacts (A Specific Group of Users Can Only See Other Users)
res.partner record_rules access_rules
아바타
아바타
아바타
아바타
3
8월 23
6901
Record Rules related to current user 해결 완료
record_rules access_rules accessrights
아바타
아바타
1
12월 20
8046