This question has been flagged
4 Odpowiedzi
17990 Widoki

I have Created Some Options In More Button display in The Delivery Order Form, But I need to hide some options depend on the User Group permission


The Code i written is,
        <record id="action_activate_server" model="ir.actions.server">
            <field name="name">Activate</field>
            <field name="model_id" ref="model_stock_picking_out"/>
            <field name="state">code</field>
            <field name="code">self.activated(cr, uid, context.get('active_ids', []),context=context)</field>
            <field name="groups_id" eval="[(4,ref('base.group_no_one'))]"/>
        <record id="ir_open_activate_wizard" model="ir.values">
            <field eval="'client_action_multi'" name="key2"/>
            <field eval="'stock.picking.out'" name="model"/>
            <field name="name">Activate</field>
            <field eval="'ir.actions.server,%d'%action_activate_server" name="value"/>
            <field name="groups_id" eval="[(4,ref('base.group_no_one'))]"/>



I have the same issue. Did you found the solution to this problem? Thanks in advance

Best Answer

here is something more recent wich work for me :

ack_workflows = name of my module
group_manager = my group name
generate_project_task() = my method name
def generate_task_action(self):
# On test l'appartenance au groupe
flag = self.env['res.users'].has_group('ack_workflows.group_manager')
if flag:
raise UserError('Vous n\'avez pas les droits pour réaliser cette action')

very good link for the security :
import for raise UserError :
from odoo.exceptions import UserError
I hope it useful

Best Answer


Best Answer

Hi, I got it working:

1 - add groups_id field to ir.actions.server model:

class ir_actions_server(osv.osv):
    _name = 'ir.actions.server'
    _inherit = 'ir.actions.server'

    _columns = {
        'groups_id': fields.many2many('res.groups', 'res_groups_ir_actions_server_rel', 'uid', 'gid', 'Groups'),

2 - then add that field in the ir.actions.server form view:

<record id="view_ir_actions_server_form" model="ir.ui.view">
            <field name="name">ir.actions.server.form</field>
            <field name="model">ir.actions.server</field>
            <field name="inherit_id" ref="base.view_server_action_form" />
            <field name="arch" type="xml">
                <xpath expr="//notebook" position="inside">
                    <page string="Security">
                        <field name="groups_id" />

3 - then add a record rule to limit each user to see only those actions whose groups are defined for his user groups:

<record id="ir_actions_server_groups_id_rule" model="ir.rule">
            <field name="name">User can only see ir.actions.server if she belongs to its group (if defined)</field>
            <field ref="model_ir_actions_server" name="model_id"/>
            <field name="domain_force">['|', ('groups_id', '=', False), ('groups_id', 'in', [ for g in user.groups_id])]</field>