Skip to Content
Menu
Musisz się zarejestrować, aby móc wchodzić w interakcje z tą społecznością.
To pytanie dostało ostrzeżenie
1 Odpowiedz
3690 Widoki

Just an example: An employee have some private information. An employee can see his own private information. But should not see other employee private information. In that case we can use attrs = "{'invisible': []}". It can invisible from view. But it's not secure. it's actually eye wash. if we inspect browser & go to Network-> XHR-> read-> JSON response, got the other employee private information. it's the problem of odoo security. there have any other solution for form view of odoo. It'll be helpful for us.

Awatar
Odrzuć
Najlepsza odpowiedź

Hi,

Try like below.

<record id="hr_personal_rule" model="ir.rule">
<field name="name">Employee</field>
<field ref="hr.model_hr_employee" name="model_id"/>
<field name="domain_force">[('user_id','=',user.id)]</field>
<field name="groups" eval="[(4, ref('group_name'))]"/>
</record>



if you want to show some fields in employee records to only a particular group of users, you can use the group attribute along with that field.

<field name="location_id" groups="group_name"/>

 

 

Regards

Awatar
Odrzuć
Powiązane posty Odpowiedzi Widoki Czynność
0
gru 24
969
0
kwi 22
3913
0
maj 18
4621
1
mar 25
1992
1
cze 24
3089