Record Rules
Records are filtered depending on record rules while accessing an object. So filters that restrict the records of an item a group can access are record rules or access filters. Each record has a set of requirements that must be met in order for it to be generated, read, updated (written), or removed. Records are filtered, so they don't match the requirements. Record rules can grant or reject access to individual records.
Let’s consider the below code for the record rule creation,
<record id="school_student_rule" model="ir.rule">
<field name="name">Student Records</field>
<field name="model_id" ref="model_school_student"/>
<field name="domain_force">[('user_id', '=', user.id)]</field>
<field name="groups" eval="[(4, ref('school_management.school_management_student'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
</record>
As per the above code, going to create a record on ‘ir.rule’ model.
- ‘id’ of the record should be unique.
- ‘name’ is the name of record, which will be shown in the user interface.
- ‘model_id’ indicates the model where we are going to use this record rule. So the ref becomes model_modelname. Here model name is school_student, so ref = model_school_student
- ‘domain_force’ acts as a filter for this record.
- ‘groups’ indicate the groups which are going to use this record rule.
- And finally, we can set up the permission to read, write, create and unlink. If the ‘eval’ is true means, we have permission. If it is false, we don't have permission.
We can access record rules from the user interface. Activate the debug mode. Go to settings -> Technical -> Record rules.