Add the security to grant permissions to my groups, but when updating odoo I do not see the module installed and when entering with other users the system does not show me anything
security.xml
<record id="grupo_administrador" model="res.groups">
<field name="name">Administrador</field>
</record>
<record id="grupo_profesor" model="res.groups">
<field name="name">Profesor</field>
</record>
<record id="grupo_instructor" model="res.groups">
<field name="name">Instructor</field>
</record>
ir.model.access.csv
access_administrador_profesor,gimnasio.profesor,model_gimnasio_profesor,gimnasio.grupo_administrador,1,1,1,1
access_administrador_alumno,gimnasio.alumno,model_gimnasio_alumno,gimnasio.grupo_administrador,1,1,1,1
access_administrador_plan,gimnasio.plan,model_gimnasio_plan,gimnasio.grupo_administrador,1,1,1,1
access_administrador_reserva,gimnasio.reserva,model_gimnasio_reserva,gimnasio.grupo_administrador,1,1,1,1
access_administrador_clase,gimnasio.clase,model_gimnasio_clase,gimnasio.grupo_administrador,1,1,1,1
access_profesor_rutina,gimnasio.rutina,model_gimnasio_rutina,gimnasio.grupo_profesor,1,1,1,1
access_profesor_ejercicio,gimnasio.ejercicio,model_gimnasio_ejercicio,gimnasio.grupo_profesor,1,1,1,1
access_profesor_evaluacion,gimnasio.evaluacion,model_gimnasio_evaluacion,gimnasio.grupo_profesor,1,1,1,1
access_profesor_progreso,gimnasio.progreso,model_gimnasio_progreso,gimnasio.grupo_profesor,1,1,1,1
access_profesor_reserva,gimnasio.reserva,model_gimnasio_reserva,gimnasio.grupo_profesor,1,1,1,1
access_profesor_alumno,gimnasio.alumno,model_gimnasio_alumno,gimnasio.grupo_profesor,1,1,1,1
access_profesor_plan,gimnasio.plan,model_gimnasio_plan,gimnasio.grupo_profesor,1,1,0,0
access_instructor_reserva,gimnasio.reserva,model_gimnasio_reserva,gimnasio.grupo_instructor,1,1,0,0
access_instructor_clase,gimnasio.clase,model_gimnasio_clase,gimnasio.grupo_instructor,1,1,0,0
I am working access rights in odoo so trying to apply manager and user access rights on same view and action. is it possible to apply access rights on same (view) which belongs to both group-manager and group-user but having access right different?
You can give view/action access rites to more then one group.
<record id="view_order_form_editable_list" model="ir.ui.view">
<field name="name">sale.order.form.editable.list</field>
<field name="model">sale.order</field>
<field name="inherit_id" ref="sale.view_order_form"/>
<field name="groups_id" eval="[(4, ref('product.group_uos')), (4, ref('product.group_stock_packaging')), (4, ref('sale.group_mrp_properties'))]"/>
<field name="arch" type="xml">
<xpath expr="//field[#name='order_line']/tree" position="attributes">
<attribute name="editable"/>
</xpath>
</field>
</record>
You can give any number of group in group_id tab
Can anyone help me how to hide or disable Edit and/or Create button when my workflow status value is "Done"
I have workflow status "Draft > Approval > Confirmed > Done"
so when status is Done i want 'Edit' to be hidden or disabled.
Please help. thanks in advance.
You should be able to create a security rule which restricts write access when the status is done. Something like this. If you have a group you wish to specify then select it. If you have no group I am not sure however you may be able to either leave this field out or place an empty array to represent all groups.
<record id="no_edit_when_done" model="ir.rule">
<field name="name">No Edit When Done</field>
<field name="model_id" ref="model_youraddon_yourmodel"/>
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="0"/>
<field name="perm_create" eval="0"/>
<field name="perm_unlink" eval="0"/>
<field name="domain_force">
[('status','=','done')]
</field>
</record>
When you go to configuration->users in odoo as administrator, you see two groups under the category administration: Settings and Access rights. Since one of these groups are selected from a combo box, it seems to me like these groups are mutually exclusive, that is that a user can't be a member of both groups.
I need to do exactly the same with two groups under a custom category which I have created with the following data file:
<record id="FVO" model="ir.module.category">
<field name="name"> FVO </field>
</record>
<record id="FVO_nuova" model="res.groups">
<field name="name">FVO - nuova vista</field>
<field name="category_id" ref="FVO"/>
</record>
<record id="FVO_vecchia" model="res.groups">
<field name="name">FVO - vecchia vista</field>
<field name="category_id" ref="FVO"/>
</record>
But in the users form, they appear as two check boxes, which means that the user could be member of both groups.
Now I've studied both of these groups, and it's category, inspecting also the tables in which they are stored, to try to find out which flag they have so that Settings and Access rights can't be applied to one user at the same time, but for the life of me, I can't find anything special nor in the record for the group, nor in the record for the category.
Is someone able to point out what I'm missing?
I don't know the meaning of vecchia vista and nuova vista so i cannot understand if they are cascade or not, if they are cascade (inherited) rights (like 'see_own_leads' and 'see_all_leads'), you should use
<field name="implied_ids" eval="[(4, ref('FVO_nuova'))]"/> in your FVO_vecchia group so odoo will understand the user should select one of your groups not both of them.
If your groups are not meant to be cascade, i should define 3 groups like this:
`
<record id="FVO_none" model="res.groups">
<field name="name">FVO - no access</field>
<field name="category_id" ref="FVO"/>
</record>
<record id="FVO_nuova" model="res.groups">
<field name="name">FVO - nuova vista</field>
<field name="implied_ids" eval="[(4, ref('FVO_none'))]"/>
<field name="category_id" ref="FVO"/>
</record>
<record id="FVO_vecchia" model="res.groups">
<field name="name">FVO - vecchia vista</field>
<field name="implied_ids" eval="[(4, ref('FVO_none'))]"/>
<field name="category_id" ref="FVO"/>
</record>
`
I want to make field readonly based on group, and status. Like I have two groups:
Manager Group
User Group
If I give User Group to any user and then change Status to Done, then field will be readonly for this user.
Hope I was able to make it clear to understand. Thanks.
Create a functional field of type boolean. If the logged in user is under user group and state is done, then return true. Then in the view, specify attrs="{'readonly':[('boolean_field_name','=',True)]}"
OR
First create your form view. Then inherit the view also specify the groups. for example in sale order form view, i want to make the customer reference field readonly for group user when state is not in draft or sent.
<record id="view_order_form_cust_ref_readonly" model="ir.ui.view">
<field name="name">sale.order.form.readonly.cust</field>
<field name="model">sale.order</field>
<field name="inherit_id" ref="sale.view_order_form"/>
<field name="groups_id" eval="[(6, 0, [ref('base.group_user') ])]"/>
<field name="arch" type="xml">
<field name='client_order_ref'" position="attributes">
<attribute name="attrs">{'readonly':[('state','not in',['draft','sent'])]}</attribute>
</field>
</field>
</record>
you can apply access rule on field level in OpenERP, like in py
'name': fields.char('Name', size=128, required=True, select=True,
read=['base.group_user'] ),
And for status in xml:
<field name="name " attrs="{'readonly': [('state','=','done')]}"/>
There is another sweet way to achieve this. Create one functional field and in that check for group assigned to that user and do not store that field. In View use that field in attrs.
Let say in product you don't want to allow any user to modify Internal Reference if user does not belongs to Product Modify group.
Create one group.
<data noupdate="1" >
<record model="res.groups" id="group_product_modify">
<field name="name">Product Modify</field>
<field name="users" eval="[(4, ref('base.user_root'))]"/>
</record>
</data>
Python file
class product_template(models.Model):
_inherit="product.template"
#api.one
def set_access_for_product(self):
self.able_to_modify_product = self.env['res.users'].has_group('product_extended_ecom_ept.group_product_modify')
able_to_modify_product = fields.Boolean(compute=set_access_for_product, string='Is user able to modify product?')
XMl file should be looking like,
<record model="ir.ui.view" id="product_template_update_internal_code_ept">
<field name="name">Product Template extension</field>
<field name="inherit_id" ref="product.product_template_only_form_view"/>
<field name="model">product.template</field>
<field name="priority" eval="50" />
<field name="arch" type="xml">
<field name="default_code" position="before">
<field name="able_to_modify_product" invisible="1" />
</field>
<field name="default_code" position="attributes">
<attribute name="attrs">{'readonly' : [('able_to_modify_product','=',False)]}</attribute>
</field>
</field>
</record>
In case if you are using Odoo web client(GUI) instead of code then there is a bit unorthodox way to do it.
Just make a copy of the field which will contain same value as the original one(giving original field name in Related Field under Advanced Properties) and mark it as read-only.
Then you can hide original field from the users which cannot edit that field and hide the copy field from those who can edit by using groups attribute.