CriptoMart/addons-cm
2
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
addons-cm/website_sale_aplicoop/security/record_rules.xml

77 lines
4.1 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<odoo>
<data>
<!-- Record Rule: Users can read only their company orders -->
<!-- Record Rule: Internal users (no specific group) - restrict to company + groups -->
<record id="rule_group_order_user_company_read_internal" model="ir.rule">
<field name="name">group.order: internal users company access read</field>
<field name="model_id" ref="model_group_order"/>
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
<field name="domain_force">[('company_id', 'in', user.company_ids.ids)] if not user.share else [(0, '=', 1)]</field>
<field name="perm_read">1</field>
<field name="perm_write">0</field>
<field name="perm_create">0</field>
<field name="perm_unlink">0</field>
</record>
<record id="rule_group_order_company_read" model="ir.rule">
<field name="name">group.order: company + group access read</field>
<field name="model_id" ref="model_group_order"/>
<field name="groups" eval="[(4, ref('website_sale_aplicoop.group_group_order_user'))]"/>
<field name="domain_force">[('company_id','=', user.company_id.id)] if not user.share else [(0, '=', 1)]</field>
<field name="perm_read">1</field>
<field name="perm_write">0</field>
<field name="perm_create">0</field>
<field name="perm_unlink">0</field>
</record>
<!-- Record Rule: Managers can read/write their company orders -->
<record id="rule_group_order_company_write" model="ir.rule">
<field name="name">group.order: company access write</field>
<field name="model_id" ref="model_group_order"/>
<field name="groups" eval="[(4, ref('website_sale_aplicoop.group_group_order_manager'))]"/>
<field name="domain_force">[('company_id', '=', user.company_id.id)]</field>
<field name="perm_read">1</field>
<field name="perm_write">1</field>
<field name="perm_create">1</field>
<field name="perm_unlink">1</field>
</record>
<!-- Record Rule: Admins have global unrestricted access -->
<record id="rule_group_order_manager_global" model="ir.rule">
<field name="name">group.order: manager global access</field>
<field name="model_id" ref="model_group_order"/>
<field name="groups" eval="[(4, ref('base.group_erp_manager'))]"/>
<field name="domain_force">[]</field>
<field name="perm_read">1</field>
<field name="perm_write">1</field>
<field name="perm_create">1</field>
<field name="perm_unlink">1</field>
</record>
<!-- Record Rule: Portal users can read only orders from their company and assigned consumer groups -->
<record id="rule_group_order_portal_read" model="ir.rule">
<field name="name">group.order: portal access read (company + consumer group)</field>
<field name="model_id" ref="model_group_order"/>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="domain_force">[('company_id', '=', user.company_id.id), ('group_ids', 'in', user.partner_id.group_ids.ids)]</field>
<field name="perm_read">1</field>
<field name="perm_write">0</field>
<field name="perm_create">0</field>
<field name="perm_unlink">0</field>
</record>
<!-- Record Rule: Portal users can read product.supplierinfo (for eskaera_shop) -->
<record id="rule_product_supplierinfo_portal_read" model="ir.rule">
<field name="name">product.supplierinfo: portal read access</field>
<field name="model_id" ref="product.model_product_supplierinfo"/>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="domain_force">[(1, '=', 1)]</field>
<field name="perm_read">1</field>
<field name="perm_write">0</field>
<field name="perm_create">0</field>
<field name="perm_unlink">0</field>
</record>
</data>
</odoo>
Reference in a new issue View git blame Copy permalink