Reputation: 2129
How to make user can only access their own records in odoo?
I have created groups to give access rights everything seems fine but I want to custom access - rights for module issue. When user of particular group logins, I want that user only able to create/edit their own issue and can't see other users issue.Please help me out!! Thanks
Upvotes: 0
Views: 7216
Answers (2)
Reputation: 2892
User can access its own record for the project issue so we will make to add a new record security rule in our view xml file. Basically record rule is the part of the security group so we will make to within the below way :
<record model="ir.rule" id="per_user_rule">
<field name="name">User: see the individual Record</field>
<field name="model_id" ref="project.model_project_issue"/>
<field name="domain_force">['|',('user_id','=',False),('user_id','=',user.id)]</field>
<field name="groups" eval="[(4,ref('base.group_user'))]"/>
</record>
Security record rule is totally depends on domain_force and model_id attributes.They are providing the key role within the security record over the particular model. Based on the users requirements we are modify that two attributes as well as unique id of the each record rule and try to access the users record within the user security group for particular user's login.
You can go with the menu navigation for create a new security rule for the project.issue model
Settings > Technical > Security > Record Rules
and you can add a new rule as I given above as per your need.
I hope my answer may helpful for you :)
Upvotes: 0
Reputation: 2314
Providing access rule is one part of the solution. If you look at "Access Control List" in "Settings > Technical > Security > Access Controls Lists", you can see that the group Hr Employee has only read access to the model hr.employee. So first you have to provide write access also to model hr.employee for group Employee. After you have allowed write access to the group Employee for model hr.employee,
- Create a new record rule from Settings > Technical > Security > Record Rules named User_edit_own_employee_rule (As you wish).
- Provide domain for this group User_edit_own_employee_rule as [('user_id', '=', user.id)]. And this domain should apply for Read and Write. ie; by check "Apply for Read" and "Apply for Write" Boolean field.
- Create another record rule named User_edit_own_employee_rule_1
- Provide domain for this group User_edit_own_employee_rule as [('user_id', '!=', user.id)]. And this domain should apply for Read only. ie; check "Apply for Read".
Now by creating two record rule for the group Employee, we can provide access to read and write his/her own record but only to read other employee records.
Detail:
Provide write access in access control list to model hr.employee for group Employee. Create two record rule:
User_edit_own_employee_rule :
- Name : User_edit_own_employee_rule
- Object : Employee
- Apply for Read : Checked
- Apply for Write : Checked
- Rule Definition : [('user_id', '=', user.id)]
- Groups : Human Resources / Employee
User_edit_own_employee_rule_1 :
- Name : User_edit_own_employee_rule_1
- Object : Employee
- Apply for Read : Checked
- Apply for Write : Un Checked
- Rule Definition : [('user_id', '!=', user.id)]
- Groups : Human Resources / Employee
I hope this will help you.
Upvotes: 2
Related Questions
- restrict access of tasks to assigned users only in odoo 12
- Odoo - Hide button for specific user
- Modify Access Rights in Odoo 10
- Odoo restrict regular user
- Odoo/OpenERP: How can i restrict a user to his own journal entries
- Odoo v8: How to limit user access to contacts
- How can i controll the access and views of user? in Odoo
- Odoo fields access rights/rules
- OpenERP 7 Access Rights for User Roles
- Security Access rules for custom module