Skip to Content
Trebuie să fiți înregistrat pentru a interacționa cu comunitatea.
All Posts Oameni Insigne
Etichete (View all)
odoo accounting v14 pos v15
Despre acest forum
Această întrebare a fost marcată
record_rulesdomain_filteraccess rights
1 Răspunde
5530 Vizualizări
Imagine profil
Benedikt Schnörr

Hey guys,
I'm setting up a new Odoo db right now and I want to create an access group that has read and write access to contacts, only if the custom selection field x_type in a contact has the value "value1".
This is my only access right in this group:
name: ​model: ​read: ​write:

res.partner ​contact ​yes ​yes

This is the only record rule:
name: ​​model: ​domain: ​read: ​write:

value1 ​​contact ​[('x_type','=','value1')] ​yes ​yes

The problem is that the user in this group can still read and write to all contacts even though he is in no other access groups besides "internal user". Also "creating contact" in the user settings is deactivated.
Apparently, the access right works, but the record rule is not restricting the access right.

I have the free version 16 installed on debian 11 with the crm, contacts and mass mailing modules.

Can anyone help me with this problem? Is the domain maybe wrong or is there anything else I have to set up? 

Imagine profil
Abandonează
Chris TRINGHAM

Limiting access on Contacts can be tricky. This might be helpful: https://odootricks.tips/about/building-blocks/security/record-rules/

Benedikt Schnörr
Autor

@Chris Thank you for the link, it helped a bit!

Imagine profil
Benedikt Schnörr
Autor Cel mai bun răspuns

Edit: I figured it out.

There is a record rule in the predefined group "Internal User" called "res.partner.rule.private.employee" which grants full access to all contact entries by default. This rule overwrote my own rule so it couldn't work. I limited the predefined rule's access to read only or deleted it, then my own rule worked.

Imagine profil
Abandonează
Related Posts Răspunsuri Vizualizări Activitate
Domain Filtering help: Is there any operator like 'includes' or 'contains', which will do the inverse of 'child_of' operator? Rezolvat
record_rules domain_filter
Imagine profil
Imagine profil
2
oct. 22
12655
Access Rights in Odoo 15 Rezolvat
record_rules access rights odoo15
Imagine profil
Imagine profil
Imagine profil
2
oct. 24
1681
How to limit the view of other contacts for different users Rezolvat
contacts record_rules access rights
Imagine profil
1
iul. 24
2390
What should be the domain filter for filtering all customers of a salesteam?
salesteams record_rules domain_filter
Imagine profil
0
mar. 15
4483
How can we ensure that portal users can see models from all companies?
portal record_rules multicompany access rights
Imagine profil
0
oct. 25
615