I've made a custom module for the warehouse and now I want this module to be available to a new group.
This new group needs to inherit from the stock manager, so it has to have all the rights the stock manager has + access to this new module.
In my xml I defined:
<record id="group_stock_manager_editor" model="res.groups">
<field name="name">Manager Editor</field>
<field name="category_id" ref="base.module_category_warehouse_management"/>
<field name="implied_ids" eval="[(4, ref('group_stock_manager')), (4, ref('account.group_account_user'))]"/>
<field name="users" eval="[(4, ref('base.user_root'))]"/>
</record>
But this doesn't seem to work, how can I achieve this?
Solved it, the problem was that I wanted to inherit the rights from the group_stock_manager from a custom module, so instead of group_stock_manager it had to be stock.group_stock_manager
Related
Add the security to grant permissions to my groups, but when updating odoo I do not see the module installed and when entering with other users the system does not show me anything
security.xml
<record id="grupo_administrador" model="res.groups">
<field name="name">Administrador</field>
</record>
<record id="grupo_profesor" model="res.groups">
<field name="name">Profesor</field>
</record>
<record id="grupo_instructor" model="res.groups">
<field name="name">Instructor</field>
</record>
ir.model.access.csv
access_administrador_profesor,gimnasio.profesor,model_gimnasio_profesor,gimnasio.grupo_administrador,1,1,1,1
access_administrador_alumno,gimnasio.alumno,model_gimnasio_alumno,gimnasio.grupo_administrador,1,1,1,1
access_administrador_plan,gimnasio.plan,model_gimnasio_plan,gimnasio.grupo_administrador,1,1,1,1
access_administrador_reserva,gimnasio.reserva,model_gimnasio_reserva,gimnasio.grupo_administrador,1,1,1,1
access_administrador_clase,gimnasio.clase,model_gimnasio_clase,gimnasio.grupo_administrador,1,1,1,1
access_profesor_rutina,gimnasio.rutina,model_gimnasio_rutina,gimnasio.grupo_profesor,1,1,1,1
access_profesor_ejercicio,gimnasio.ejercicio,model_gimnasio_ejercicio,gimnasio.grupo_profesor,1,1,1,1
access_profesor_evaluacion,gimnasio.evaluacion,model_gimnasio_evaluacion,gimnasio.grupo_profesor,1,1,1,1
access_profesor_progreso,gimnasio.progreso,model_gimnasio_progreso,gimnasio.grupo_profesor,1,1,1,1
access_profesor_reserva,gimnasio.reserva,model_gimnasio_reserva,gimnasio.grupo_profesor,1,1,1,1
access_profesor_alumno,gimnasio.alumno,model_gimnasio_alumno,gimnasio.grupo_profesor,1,1,1,1
access_profesor_plan,gimnasio.plan,model_gimnasio_plan,gimnasio.grupo_profesor,1,1,0,0
access_instructor_reserva,gimnasio.reserva,model_gimnasio_reserva,gimnasio.grupo_instructor,1,1,0,0
access_instructor_clase,gimnasio.clase,model_gimnasio_clase,gimnasio.grupo_instructor,1,1,0,0
I need to apply two rules on res_partner table using two groups
Groups: Staff and Manager
Menuitems: Customer and 'Staff'
Model : res_partner for both views.
Users in group Staff can only see staff menu details (read access only)
But they need to have full access to Customer ( read,write,create and unlink)
users in Manager should have full access to both views.
I tried below code
<record model="ir.rule" id="staff_staff_rule">
<field name="name">Readonly for staff</field>
<field name="model_id" ref="base.model_res_partner"/>
<field name="domain_force">[(1,'=',1)]</field>
<field name="perm_create" eval="False"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_unlink" eval="False"/>
<field name="groups" eval="[(4, ref('appartment.group_appartment_staff'))]"/>
</record>
But users still can create,edit,read, and delete records from staff groups.
How can i achieve this.
you should give the right domain that show only staff. when you put the
a domain you indicate that this group is allawed to read only this records.
<record model="ir.rule" id="staff_staff_rule">
<field name="name">Readonly for staff</field>
<field name="model_id" ref="base.model_res_partner"/>
<!-- put the right domain -->
<field name="domain_force">[('partner_type','=', 'staff')]</field>
<field name="perm_create" eval="False"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_unlink" eval="False"/>
<field name="groups" eval="[(4, ref('appartment.group_appartment_staff'))]"/>
</record>
I think it will be done easily using csv (security access file).
You can manage this kind of situation directly from the csv file and that file you need to add into the openerp.py / manifest.py file.
CSV file example
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
access_res_partner,res_partner_user_access,model_res_partner,appartment.group_appartment_staff,1,0,0,0
access_manager_res_partner,res_partner_manager_access,model_res_partner,appartment.group_appartment_manager,1,1,1,1
Rules
Rules are used to applied conditions on each records while they have
been trying to access.
Access Control List
ir.model.access / Access control list is used to manage permissions
(only model access whether user can read / write / create / delete or
not).
#Cherif Odoo has explained rules and here is the access control list. By these two way odoo manage securities.
When you go to configuration->users in odoo as administrator, you see two groups under the category administration: Settings and Access rights. Since one of these groups are selected from a combo box, it seems to me like these groups are mutually exclusive, that is that a user can't be a member of both groups.
I need to do exactly the same with two groups under a custom category which I have created with the following data file:
<record id="FVO" model="ir.module.category">
<field name="name"> FVO </field>
</record>
<record id="FVO_nuova" model="res.groups">
<field name="name">FVO - nuova vista</field>
<field name="category_id" ref="FVO"/>
</record>
<record id="FVO_vecchia" model="res.groups">
<field name="name">FVO - vecchia vista</field>
<field name="category_id" ref="FVO"/>
</record>
But in the users form, they appear as two check boxes, which means that the user could be member of both groups.
Now I've studied both of these groups, and it's category, inspecting also the tables in which they are stored, to try to find out which flag they have so that Settings and Access rights can't be applied to one user at the same time, but for the life of me, I can't find anything special nor in the record for the group, nor in the record for the category.
Is someone able to point out what I'm missing?
I don't know the meaning of vecchia vista and nuova vista so i cannot understand if they are cascade or not, if they are cascade (inherited) rights (like 'see_own_leads' and 'see_all_leads'), you should use
<field name="implied_ids" eval="[(4, ref('FVO_nuova'))]"/> in your FVO_vecchia group so odoo will understand the user should select one of your groups not both of them.
If your groups are not meant to be cascade, i should define 3 groups like this:
`
<record id="FVO_none" model="res.groups">
<field name="name">FVO - no access</field>
<field name="category_id" ref="FVO"/>
</record>
<record id="FVO_nuova" model="res.groups">
<field name="name">FVO - nuova vista</field>
<field name="implied_ids" eval="[(4, ref('FVO_none'))]"/>
<field name="category_id" ref="FVO"/>
</record>
<record id="FVO_vecchia" model="res.groups">
<field name="name">FVO - vecchia vista</field>
<field name="implied_ids" eval="[(4, ref('FVO_none'))]"/>
<field name="category_id" ref="FVO"/>
</record>
`
Do you know how to insert the column create_date on the Odoo Customers Tree View? It would let me see the most recent clients created on the system.
Thank you,
Eduardo
for insert the column create_date on the Odoo Customers Tree View follow the following steps:-
1:- inherit in .py file
from openerp import models, fields, api, _
class ResPartner(models.Model):
_inherit = 'res.partner'
create_date = fields.Datetime("Date")
2:- extend res.partner tree view.
<record id="view_inherit_res_partner_tree" model="ir.ui.view">
<field name="name">res.partner</field>
<field name="model">res.partner</field>
<field name="inherit_id" ref="base.view_partner_tree"/>
<field name="arch" type="xml">
<xpath expr="//field[#name='function']" position="before">
<field name="create_date"/>
</xpath>
</field>
</record>
I would advise against changing the _order attribute on the model as that changes the order in the database, which may not be what you are trying to achieve. Instead, add a default_order="create_date desc" attribute to the tree element of the list view. In the arch:
<tree position="attributes">
<attribute name="default_order">create_date desc</attribute>
</tree>
Follow this step
1/ Inherit res_partner class.
In your .py file, add this code.[redefine _order attribute]
class res_partner(osv.Model):
_inherit = "res.partner"
_order = "create_date desc"
res_partner()
2/ In your view file, inherit the partner's tree-view and add create_date field.
<record id="view_partner_tree_extended" model="ir.ui.view">
<field name="name">res.partner.extended</field>
<field name="model">res.partner</field>
<field name="inherit_id" ref="base.view_partner_tree"/>
<field name="arch" type="xml">
<xpath expr="//field[#name='display_name']" position="before">
<field name="create_date"/>
</xpath>
</field>
</record>
Note : No need to add create_date field in python file because it comes from osv.model base class.
_order atttribute is used for sort the records as your requirement.
Restart server and update your module.
Hope It will work for you !!
Let me know if you have any query.
As create_date is Automatic fields in Odoo, you can directly access it in the tree view.
Example:-
<record id="customer_list_view" model="ir.ui.view">
<field name="name">customer.tree</field>
<field name="model">bank.customer</field>
<field name="arch" type="xml">
<tree string="Customer View">
<field name="name"/>
<field name="contact"/>
<field name="create_date"/> // Directly access from database(no need to declare in model)
</tree>
</field>
</record>
I'd suggest that you'll use xpath and inherit the tree view from the customers. The following xml should work:
<record id="inherit_customer_tree_view" model="ir.ui.view">
<field name="name">res.partner.tree.inherit</field>
<field name="model">res.partner</field>
<field name="inherit_id" ref="base.view_partner_tree" />
<field name="arch" type="xml">
<xpath expr="//field[#name='display_name']" position="before">
<field name="create_date" />
</xpath>
</field>
</record>
To insert create_date into the tree view
first create a field with the same name ['create_date'] in your .py file
'create_date':fields.datetime('Create Date')
then put it in your tree view. It will work.
Write code in your specific tree view
<record id="my_tree_view_id" model="ir.ui.view">
<field name="name">my.mode.view.tree</field>
<field name="model">my.model</field>
<field name="mode">primary</field>
<field name="arch" type="xml">
<tree string="My model tree view">
<field name="name" />
<field name="product_count" />
<field name="write_date" />
</tree>
</field>
</record>
Using the write_date in field tag then print date with time in specific tree view.
you can direct declare in xml. No need to define .py file. Because create_date is a odoo magic field. so, you can declare directly in tree view.
<data>
<xpath expr="//field[#name='display_name'][not(ancestor::field)]" position="after">
<field name="create_date"/>
</xpath>
<xpath expr="//field[#name='create_date'][not(ancestor::field)]" position="after">
<field name="create_uid"/>
</xpath>
</data>
Place this code in a view using the developers tool button in the partner tree
create_date = date
create_uid = the user that created the partner
In Odoo/OpenERP we can inherit or use existing modules object/class/model and views. We can also inherit single field of existing modules. The question is why we need such inheritance.
The purpose of inheritance or why we need inheritance is given below:
To change attributes of some fields which exists on existing/custom
model (e.g. making fields readonly,invisible)
To add/modify/delete old or new fields in existing/custom model
(e.g. Product, Sales, HR, Fleet Management, Attendance modules model
etc)
We can also add buttons in already existing/custom model (form and
tree) view by using inheritance
I want to make field readonly based on group, and status. Like I have two groups:
Manager Group
User Group
If I give User Group to any user and then change Status to Done, then field will be readonly for this user.
Hope I was able to make it clear to understand. Thanks.
Create a functional field of type boolean. If the logged in user is under user group and state is done, then return true. Then in the view, specify attrs="{'readonly':[('boolean_field_name','=',True)]}"
OR
First create your form view. Then inherit the view also specify the groups. for example in sale order form view, i want to make the customer reference field readonly for group user when state is not in draft or sent.
<record id="view_order_form_cust_ref_readonly" model="ir.ui.view">
<field name="name">sale.order.form.readonly.cust</field>
<field name="model">sale.order</field>
<field name="inherit_id" ref="sale.view_order_form"/>
<field name="groups_id" eval="[(6, 0, [ref('base.group_user') ])]"/>
<field name="arch" type="xml">
<field name='client_order_ref'" position="attributes">
<attribute name="attrs">{'readonly':[('state','not in',['draft','sent'])]}</attribute>
</field>
</field>
</record>
you can apply access rule on field level in OpenERP, like in py
'name': fields.char('Name', size=128, required=True, select=True,
read=['base.group_user'] ),
And for status in xml:
<field name="name " attrs="{'readonly': [('state','=','done')]}"/>
There is another sweet way to achieve this. Create one functional field and in that check for group assigned to that user and do not store that field. In View use that field in attrs.
Let say in product you don't want to allow any user to modify Internal Reference if user does not belongs to Product Modify group.
Create one group.
<data noupdate="1" >
<record model="res.groups" id="group_product_modify">
<field name="name">Product Modify</field>
<field name="users" eval="[(4, ref('base.user_root'))]"/>
</record>
</data>
Python file
class product_template(models.Model):
_inherit="product.template"
#api.one
def set_access_for_product(self):
self.able_to_modify_product = self.env['res.users'].has_group('product_extended_ecom_ept.group_product_modify')
able_to_modify_product = fields.Boolean(compute=set_access_for_product, string='Is user able to modify product?')
XMl file should be looking like,
<record model="ir.ui.view" id="product_template_update_internal_code_ept">
<field name="name">Product Template extension</field>
<field name="inherit_id" ref="product.product_template_only_form_view"/>
<field name="model">product.template</field>
<field name="priority" eval="50" />
<field name="arch" type="xml">
<field name="default_code" position="before">
<field name="able_to_modify_product" invisible="1" />
</field>
<field name="default_code" position="attributes">
<attribute name="attrs">{'readonly' : [('able_to_modify_product','=',False)]}</attribute>
</field>
</field>
</record>
In case if you are using Odoo web client(GUI) instead of code then there is a bit unorthodox way to do it.
Just make a copy of the field which will contain same value as the original one(giving original field name in Related Field under Advanced Properties) and mark it as read-only.
Then you can hide original field from the users which cannot edit that field and hide the copy field from those who can edit by using groups attribute.