Controlling Field Visibility and Access in Odoo
Odoo offers granular control over how users interact with data by allowing you to restrict field visibility and access based on user permissions. This ensures sensitive information is only accessible to authorized personnel.
Let’s consider a scenario where the “Reduced Price” field needs to be read-only for users who lack the “Allow Changes to Reduced Price” permission. We’ll achieve this in two steps:
Creating a Permission Group:
We’ll define a new group in the security.xml file. This group will grant users the ability to modify “Reduced Price” values.
<field name=”name”>Allow changes to reduced price</field>
<field name=”category_id” ref=”base.module_category_sales_sales”/>
</record>
Implementing Field-Level Access Control:
Within the relevant Odoo model, we’ll introduce a new Boolean field named “can_edit_reduced_price”. This field will dynamically determine whether a user belongs to the “Allow Changes to Reduced Price” group.
@api.depends()
def _compute_can_edit_reduced_price(self):
group_reduced_price = self.env.ref(‘custom_module.group_reduced_price’, raise_if_not_found=False)
self.can_edit_reduced_price = bool(group_reduced_price and self.env.user in group_reduced_price.users)
Finally, we’ll leverage the can_edit_reduced_price field in the view’s XML definition to control the “Reduced Price” field’s read-only behavior.
<field name=”can_edit_reduced_price” invisible=”1″/>
The readonly attribute ensures the “Reduced Price” field becomes read-only when can_edit_reduced_price is False.
The invisible attribute hides the “can_edit_reduced_price” field from the user interface, maintaining a clean view.
Let’s explore another scenario where the “Reduced Price” field should only be visible and accessible to users with the “Allow Changes to Reduced Price” permission. This can be achieved in a simpler way compared to the previous method.
Within the Python code for your Odoo model, you can directly control access during field definition. Here’s how:
In this situation we can directly control the access in the field definition itself in python.
‘Reduced Price’,groups=”custom_module.group_reduced_price”,
help=”Reduced Price”)
By setting the groups attribute to “custom_module.group_reduced_price”, you ensure that only users belonging to that group can view and interact with the “Reduced Price” field. This approach offers a more concise way to manage field-level permissions.
Remember, both methods (using a computed field and direct field definition) achieve the same goal of restricting access based on user groups. The choice depends on your specific needs and code structure.
