How to hide any menu for special groups on odoo-8? - security

I'm trying to hide a top menu for a new custom group which I created :
<?xml version="1.0" encoding="UTF-8"?>
<openerp>
<data noupdate="1">
<record model="ir.module.category" id="module_sales_users">
<field name="name">Sales Users</field>
</record>
<record id="sales_simple_user" model="res.groups">
<field name="name">Simple User</field>
<field name="category_id" ref="module_sales_users"/>
</record>
<record id="mail.mail_feeds_main" model="ir.ui.menu" >
<field name="groups_id" eval="[(3,ref('sales_simple_user'))]"/>
</record>
</data>
</openerp>
But when I assign a user to this group, the menu is always shown !
Please what's the mistake in my code ?

It's probably due that this user belongs to another group (like Human Resources) with permission access to this menu

Related

Odoo hide some view type on specific model

I need the following view types on CRM hide calendar,pivot,graph,cohort,dashboard using a custom module
I tried with this without success
<record id="crm_action" model="ir.actions.act_window">
<field name="name">CRM views</field>
<field name="type">ir.actions.act_window</field>
<field name="res_model">crm.lead</field>
<field name="view_type">crm.lead.kanban</field>
<field name="view_mode">tree,form,calendar,graph</field>
</record>
thanks
UPDATE
Your module should depend on crm. Then, the code must be this:
<record model="ir.actions.act_window" id="crm.crm_lead_action_pipeline">
<field name="view_mode">kanban,tree,form</field>
</record>

Odoo 12 - Model not found even though it exists

I am porting a localization accountability model from Odoo 8 to Odoo 12, I ported a function that worked flawlessly but then right after that I tried porting some other code that does not interfere with the first on, even though, whenever it is initialized by the init.py Odoo brings up an error telling me that the model cannot be found, even though it is correctly set up.
All I've tried is to ignore the new modules I added right after setting up the one that should be perfectly working right now. Without them (or without any new module at all, because I've tried porting different ones) it works, but this shouldn't be the case at all.
wizard_nro_ctrl.py
class WizNroctrl(models.TransientModel):
_name = 'nroctrl'
_description = "Wizard that changes the invoice control number"
new_nroctrl = fields.Char('Control Number', required=True)
sure = fields.Boolean('Are you sure?')
# Change control number of the invoice
def set_noctrl(self):
if not self.sure:
raise except_orm('Error!', 'Please confirm that you want to do this by checking the option')
current_id = self._context['current_id']
inv_object = self.env['account.invoice'].browse(current_id)
inv_object.nro_ctrl = self.new_nroctrl
return True
wizard_nro_ctrl_view.xml
<?xml version='1.0' encoding='UTF-8'?>
<odoo>
<data>
<record model="ir.ui.view" id="wizard_nro_ctrl_form">
<field name="name">wizard.nro.ctrl.form</field>
<field name="model">nroctrl</field>
<field name="arch" type="xml">
<form string="Changing the Control Number">
<field name="new_nroctrl" placeholder="New control number"/>
<separator string="Are you sure you want to do this?" colspan="4"/>
<field name="sure"/>
<footer>
<button name="set_noctrl" string="Confirm" type="object"/>
<button special="cancel" string="Cancel"/>
</footer>
</form>
</field>
</record>
<record id="action_wiz_nroctrl" model="ir.actions.act_window">
<field name="name">Change control number</field>
<field name="type">ir.actions.act_window</field>
<field name="model">wiz.nroctrl</field>
<field name="view_type">form</field>
<field name="view_mode">form</field>
<field name="target">new</field>
</record>
</data>
</odoo>
The init.py has the model initialized and the folder as well.
The model should work just fine, without this error. There's no reason to my knowledge for this issue.
odoo.tools.convert.ParseError: "Error while validating constraint
Model not found: nroctrl
Please make sure that in the model action you have wrote include model name 'nroctrl'. give the below xml code (nroctrl):
<record id="action_wiz_nroctrl" model="ir.actions.act_window">
<field name="name">Change control number</field>
<field name="type">ir.actions.act_window</field>
<field name="model">nroctrl</field>
<field name="view_type">form</field>
<field name="view_mode">form</field>
<field name="target">new</field>
</record>
Also please ensure that you have given file name in init.py of wizard folder. also the folder name in ini.py of module.

How to make website menu item invisible in specific group?

I'm working on a private sale website. If the user is a manager, the menu2 will look, else user is a salesman, the menu3 will look. How can I do that?
What is the best solution?
Here is my code:
<record id="menu_shop_sales" model="website.menu">
<field name="name">menu2</field>
<field name="url">/shop_sales</field>
<field name="parent_id" ref="website.main_menu"/>
<field name="sequence" type="int">21</field>
</record>
<record id="menu_shop_dealer" model="website.menu">
<field name="name">menu3</field>
<field name="url">/shop_dealer</field>
<field name="parent_id" ref="website.main_menu"/>
<field name="sequence" type="int">22</field>
</record>
Add groups like this.
<field name="groups" eval="[(6, 0, [ref('base.group_user')])]"/>
Or write access rule in csv.
Add groups attribute.
groups="base.group_user"
example:
<record id="menu_shop_dealer" model="website.menu">
<field name="name">menu3</field>
<field name="url">/shop_dealer</field>
<field name="parent_id" ref="website.main_menu"/>
<field name="sequence" type="int">22</field>
<field name="groups">base.group_user</field>
</record>

How to restrict access to partners by create_uid

I need to limit user access only to partners added himself.
That's what I have made:
security.xml of my module:
<odoo>
<data noupdate="1">
<record model="ir.rule" id="partner_access_user_rule">
<field name="name">Parners only for editors</field>
<field name="model_id" ref="base.model_res_partner"/>
<field name="domain_force"> [('create_uid','=',user.id)] </field>
<field name="groups" eval="[(4,ref('base.group_user'))]"/>
</record>
</data>
</odoo>
Update I have changed ref="base.model_res_partner" as Lucas told, and my module have installed, but the rule didn't uppear in settings > security>"record rules" and didn't apply. I've added record rule via web interface and it works. How I to export it to apply to my module? The record rule settings I've added to question.
Export file:
id,"perm_create","perm_unlink","perm_read","perm_write","domain_force","groups/id","name","model_id/id"
__export__.ir_rule_97,"True","True","True","True","[('create_uid','=',user.id)]","base.group_user","Partners only for editors","account.model_res_partner"
Your code is looking for the model res.partner on mail.partner.access, when it should look on base.
Try the following:
<field name="model_id" ref="base.model_res_partner"/>
If your row-level access rule doesn't work, create and test it using Odoo interface, export it to csv and change your original XML. Or create xml directly from CSV (look at attached picture). In my case I've found mistake: model_id should refer to base.model_res_partner

How to give access rights to users with certain conditions?

If there are four records created by four users. The Manager can be able to see all the records of all users. But a user should not be able view another user's record.
user – Can create/view/edit only his/her own record.
This is my need.
Thank You in advance.
you need to create ir.rules. For example in your case it would be something like this:
For administrators:
<record id="manager_rule" model="ir.rule">
<field name="name">My first rule</field>
<field name="model_id" ref="model_your_model"/>
<field name="domain_force">[(1,'=',1)]</field>
<field name="groups" eval="[(4,ref('your_manager_group'))]"/>
</record>
For other users:
<record id="others_rule" model="ir.rule">
<field name="name">My second rule</field>
<field name="model_id" ref="model_your_model"/>
<field name="domain_force">[('user_id','=',user.id)]</field>
<field name="groups" eval="[(4,ref('base.group_user'))]"/>
</record>
For more information about access rules you could visit odoo_security, access_rules.
I hope this help you!
Your problem solved using domain like
Eg.
domain = [('user_id','=',user.id)]
i hope it helps you

Resources