Setting Access Right
We need to define who can create, read, update and delete records on adding a new data model. This includes defining a new user group when we create a new app. Odoo will not display our menus and views if we don’t have access rights.
In Odoo, we can add as many users as we need, and only the user has access to the database. We can also decide the type of information the user can access by giving access rights.
Odoo has two major data-driven approaches in order to regulate or restrict data access. Both are assigned to specific users via groups. A user can be a member of any number of groups, and the security mechanism is related to groups, which allows security mechanisms to be applied to users.
Now let us create a security directory on the module and add the ir.model.access.csv file to that.
Scenarios are
- All can see every record.
- Admins are a new group of users. They have to create, read, update, and delete the records.
Setting Access Rights
In order to create access rights, consider the following steps
1. Create a file security > groups.xml
<record id="new_user_group" model="res.groups">
<field name="name">user</field>
<field name="users" eval="[(4, ref(base.group_user'))]"/>
</record>
2.Add a file security> ir.model.access.csv
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
access_visa_application,access.visa.application,model_visa_application,,1,1,1,1
3. Add the files into the __manifest__.py
<record id="new_user_group" model="res.groups">
<field name="name">user</field>
<field name="users" eval="[(4, ref(base.group_user'))]"/>
</record>