domain_force - Odoo group security read all records in custom module

Question

I'm trying to assign a security group (group_user) permission to be able to view all the records generated by the users of the group (name_group_info_med)

user_group: Can see all the records generated by group_name_information_medium_medical group_name_info_med: can only see the records generated by it

The acces_rules.xml is the following

<?xml version="1.0" encoding="utf-8"?> 
<odoo>
<data noupdate="0">

<record id="info_arch_user_rule" model="ir.rule">
    <field name="name">See all</field>
    <field name="model_id" ref="model_info_med"/>
    <field name="domain_force">
        [('create_uid', '=', user.id)]
    </field>
    <field name="groups" eval="[(4, ref('informed.group_user'))]"/>
</record>     

<record id="info_med_user_rule" model="ir.rule">
    <field name="name">Informe Medico  only for owners</field>
    <field name="model_id" ref="model_info_med"/>
    <field name="domain_force">
        [('create_uid', '=', user.id)]
    </field>
    <field name="groups" eval="[(4, ref('informed.group_name_info_med'))]"/>
</record> 

</data>
</odoo>

Any suggestion of help is welcome.

Answer 1

If you want a group to have access to view all records (no restriction), then your record rule should use a domain_force of [(1, '=', 1)].

<record id="info_arch_user_rule" model="ir.rule">
    <field name="name">See all</field>
    <field name="model_id" ref="model_info_med"/>
    <field name="domain_force">
        [(1, '=', 1)]
    </field>
    <field name="groups" eval="[(4, ref('informed.group_user'))]"/>
</record>     

Record Rules Documentation is pretty sparse, but you can view examples in the core code or in the Odoo backend (Settings > Technical > Record Rules).

---

Disclaimer: This is to have a group be able to view all records, not just records of a different group. As @CZoellner mentioned in a comment below, that wouldn't be possible to do with Record Rules alone.