Hoppa till innehåll
Du måste vara registrerad för att kunna interagera med communityn.
Alla inlägg Personer Utmärkelser
Etiketter (Visa alla)
odoo accounting v14 pos v15
Om detta forum
Denna fråga har flaggats
record_rulesSecurityaccess rights
2 Svar
3371 Vyer
Avatar
Guhan

Hi,

In our company we have a external  sales man, therefore he has to see only the contacts  in odoo which  was created by him. I tried it with the  record rule  [("create_uid", "=", user.id)] but however I  get  the following error, still I can close this error and proceed. but the  error pop up comes  often.


because  the followers in contact app  are related  to  res.user eventhough the follower  is he himself.  Anyhelp  would be appreciated . Thanks  

Avatar
Avbryt
Avatar
Guhan
Författare Bästa svar

['|', '|',

('create_uid', '=', user.partner_id.id),

]


For now  got  this working with the above code, but the user  gets error when he opens  a  contact where he  is  a follower assigned by some one in res.partner.  Is  there a way  to  handle this case as well,  where  the user can see the contact where he a follower  and along with it he has access to  the one who created  that contact or  all the followers  of that contact.

Avatar
Avbryt
Avatar
Jens Bölscher
Bästa svar

The issue arises because the record rule you applied restricts access based on the create_uid, but certain actions (like adding followers) attempt to fetch related data (e.g., followers) that are not covered by the rule. This inconsistency leads to the error.


Here’s how you can fix it:


Solution: Adjust Record Rule and Consider Followers

1. Modify the Record Rule

The record rule [("create_uid", "=", user.id)] is too restrictive in this case because it doesn’t account for the linked followers model. You need to extend the rule to include records where the user is either the creator or a follower.


Adjusted Rule (Python):


[("|", ("create_uid", "=", user.id), ("message_partner_ids", "in", [user.partner_id.id]))]


Clear Cache and restart Server

Avatar
Avbryt
Guhan
Författare

Hi,
I tried it but i get thefollowing errorwhen trying to save the record rule
Validation error

Invalid domain: Invalid field res.partner.| in leaf (‘|’, (‘create_uid’, ‘=’, 100), (‘message_partner_ids’, ‘in’, [5589]))

J.A. Daniel Göppner

There is a small typo but the appraoch is correct
try
['|',("create_uid", "=", user.id),('message_partner_ids','in', [user.partner_id.id])]

Relaterade inlägg Svar Vyer Verksamhet
Some users cannot see chatter messages (tracking / history) for a custom model – access rights & record rules seem fine Löst
chatter record_rules access rights
Avatar
Avatar
Avatar
2
feb. 26
1171
Leaves Approval through hierarchical manner
record_rules
Avatar
1
apr. 26
4536
SECURITY: How to stop brute force attack creating > 100 fake orders and trying sql injection?
Security
Avatar
Avatar
1
apr. 25
3598
How Can I Use Record Rules to Restrict Speacific Record To Users? Löst
record_rules
Avatar
Avatar
2
jan. 24
6027
Suggest Record Rule
record_rules
Avatar
0
jan. 24
3420