Skip to Content
Menu
Musisz się zarejestrować, aby móc wchodzić w interakcje z tą społecznością.
To pytanie dostało ostrzeżenie
1 Odpowiedz
4047 Widoki

Hi everyone, I have a custom model "A" that has a Many2many relationship to the hr.applicant model.

I have two groups of users in my application: admin and non-admin. I want both groups to have read permission of model "A", but only the admin group should have read permissions on hr.applicant.

I thought I could achieve this by adding groups="my_admin_group" to the field in model A's views, but unfortunately this is not working.

It's important to note that the approach above works IF the field is Many2one, rather than Many2many, which results in the value of the field being hidden from the non-admin group. But if the fields is Many2many (which is required in my case) it throws a permission error.

I have also tried to make the field conditionally invisible, but to no avail.


Any ideas of why this is happening, and how to work around it? Thank you.

Awatar
Odrzuć
Najlepsza odpowiedź

Because you are giving read access to the source model, the user will get access to read the same. If you do not want the user to access the source model directly from front end, you can hide the menu for the group which enables the user to go to the particular screen.

Awatar
Odrzuć
Autor

I don't think that would solve my problem, but anyway I already got an answer on the Github issue I created.
The solution is to set the "groups" field attribute at the model level (i.e. on the Python file) rather than only on the view. That makes it so the non-admin group can access the view, but simply doesn't receive the private field on the frontend.

Powiązane posty Odpowiedzi Widoki Czynność
2
mar 24
2361
3
sie 23
3885
1
paź 22
3416
0
wrz 22
1823
3
lip 22
2831