Hi, i am confused in Access Right and Record Rules base on several conditions.
I had created Access Right for 3 groups:
<record model="ir.module.category" id="module_category_password">
<field name="name">Password Authentication</field>
<field name="description">Password Authentication</field>
<field name="sequence">30</field>
</record>
<record id="password_user_id" model="res.groups">
<field name="name">Low</field>
<field name="category_id" ref="module_category_password"></field>
<field name="comment">Low Permission can only view password.</field>
</record>
<record id="password_officer_id" model="res.groups">
<field name="name">Medium</field>
<field name="category_id" ref="module_category_password"></field>
<field name="implied_ids" eval="[(4, ref('password_user_id'))]"/>
<field name="comment">Medium Permission will have certain right for Password Authentication.</field>
</record>
<record id="password_manager_id" model="res.groups">
<field name="name">High</field>
<field name="category_id" ref="module_category_password"></field>
<field name="implied_ids" eval="[(4, ref('password_officer_id'))]"/>
<field name="comment">High Permission will have all access right for Password Authentication.</field>
</record>
The columns created:
_columns = {
'account_name': fields.char('Account Name', required=True),
'username': fields.char('Username/Email', required=True),
'password': fields.char('Password', required=True),
'confirm_password': fields.char('Confirm Password', required=True),
'confidential_level': fields.selection([("High", "High"), ("Medium", "Medium"), ("Low", "Low")], 'Confidential Level', required=True),
'security_question': fields .text('Security Question'),
'note': fields .text('Note'),
}
The ir.model.access:
id,name,model_id/id,group_id/id,perm_read,perm_write,perm_create,perm_unlink
access_password_authentication_manager,password.authentication.manager,model_password_authentication,password_manager_id,1,1,1,1
access_password_authentication_officer,password.authentication.officer,model_password_authentication,password_officer_id,1,1,1,1
access_password_authentication_user,password.authentication.user,model_password_authentication,password_user_id,1,0,0,0
My conditions needed in this custom module are:
High - Have all access
Medium - Can create, view, edit, delete low and medium confidential level password
Low - Only can view Low Confidential Password
Low and High Group is working perfectly. However, for medium group it is not working, it seems that the High Confidential is not view-able (it should be viewable but not editable).
The Record Rule added:
<record model="ir.rule" id="module_category_password_rule">
<field name="name">Password Rule Medium</field>
<field name="model_id" ref="model_password_authentication"></field>
<field name="groups" eval="[(4,ref('password_officer_id'))]"></field>
<field name="domain_force">[('confidential_level', '!=', 'High')]</field>
<field eval="0" name="perm_write"></field>
<field eval="1" name="perm_read"></field>
<field eval="1" name="perm_unlink"></field>
<field eval="1" name="perm_create"></field>
</record>
Can someone please advise? Thank you.
I might need to post my correction. Odoo does not let me edit my post.
My problems are:
High: Can't view high confidential password (It should be view-able)
Medium: Can't view high confidential password, can't edit medium and low confidential password (it should be view-able and not editable in High, editable in Medium and Low)
Low: Works perfectly