Hi, I'm trying to restrict access to some journals for a given internal user. The user is allowed to access the other journals.
I have tried to create a new group for the Accounting application. This group inherits from the Administrator group, but I have added a new access rule that restricts access to all but 2 account journals.
This works to remove the journals from the accounting dashboard for this user. However I run into problems when this user tries to process a payment for a vendor bill. The payment wizard shows up fine and the list of journals is also filtered to exclude the two journals. However when the user selects a different journal from the default selected account I get an error. The log entry corresponding to this error is:
INFO db-name odoo.addons.base.models.ir_rule: Access Denied by record rules for operation: read on record ids: [12, 23], uid: 4, model: account.journal
INFO db-name odoo.addons.base.models.ir_rule: Access Denied by record rules for operation: read on record ids: [12, 23], uid: 4, model: account.journal
INFO db-name odoo.addons.base.models.ir_rule: Access Denied by record rules for operation: read on record ids: [12], uid: 4, model: account.journal
WARNING db-name odoo.http: Due to security restrictions, you are not allowed to access 'Journal' (account.journal) records.
Records: name-of-restricted-journal (id=12)
User: name-of-restricted user (id=4)
This restriction is due to the following rules:
- name of rule I created
Contact your administrator to request access if necessary.
This is unexpected. I just want to two journals not listed in the drop down and in the dashboard, but my rule seems to prevent the user from selecting any of the non-restricted journals as well.
What am I missing ?
