New type of access rule to restrict permissions based on groups
Project description
This module adds a new model to configure Odoo permissions, the “Model Access Restrictions”
This model allows to restrict the access to a model for all users except the ones that belong to at least one group of a list of allowed groups.
While Odoo’s default access rules provide permissions, and having one already gives you access, these new rules remove them, and failing to comply with one restricts your access.
Table of contents
Configuration
To configure this module, you need to:
Go to Settings / Technical / Security / Model Access Restrictions
Create a new access restriction
Select the model to restrict the access
Select the operations the rule applies to. If the operation is not selected the restriction won’t apply to that operation which means users will access the model as always.
Select the groups that will have access to the model. The rest of groups will have the access disabled.
Interaction between access records
Normal access records give permissions. Access restriction records remove permissions. If a user does not have one group of a restriction, the access will be forbidden.
Detailed algorithm:
Normal access records are combined together with a logical OR operator. If a user has the group of an access record, access will be granted.
Access restriction records are applied before normal access, and combined together with a logical AND operator. If a restriction is not met, the access is forbidden.
A restriction is not met if the user does not belong to any of the allowed groups.
Example: ACCESS_1 OR ACCESS_2 AND (ACCESS_RESTRICTION_1 AND ACCESS_RESTRICTION_2)
ACCESS_1: Group: Internal Users
ACCESS_2 Group: Administrator
****: Allowed Groups: Internal Users
ACCESS_RESTRICTION_2 Allowed Groups: Administrator
Bug Tracker
Bugs are tracked on GitHub Issues. In case of trouble, please check there if your issue has already been reported. If you spotted it first, help us to smash it by providing a detailed and welcomed feedback.
Do not contact contributors directly about support or help with technical issues.
Credits
Contributors
-
Alberto Martínez
Manuel Regidor
Valentin Vinagre
Harald Panten
Maintainers
Current maintainer:
This module is part of the sygel-technology/sy-server-backend project on GitHub.
You are welcome to contribute.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file odoo_addon_model_access_restriction-16.0.1.0.0.1-py3-none-any.whl.
File metadata
- Download URL: odoo_addon_model_access_restriction-16.0.1.0.0.1-py3-none-any.whl
- Upload date:
- Size: 52.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b3a1613ca2ad50d7ef9ef5316cf922bf8572055381a6a6d975613d2f9f16f1c1
|
|
| MD5 |
c79ed8f78419e03406510bfd1af4d9b6
|
|
| BLAKE2b-256 |
5f2265331a9fdafa728dfbd7b26a7a02b30ff727ef23a6066cca570f1d8ee1f0
|
