+91 9818211679, +91 9998040067       [email protected]

How To Create "Access Rights" In Custom Module

Access rights are rules that define the access a user can have on a particular object. Each access right is associate to a model, a group, and a set of permissions: read, write, create, unlink(delete). Access rights are usually created in a CSV file, and its model name is ir.model.access.csv.

Earlier, there was no need to create any access right or CSV file while installing a module. But starting Odoo 12, we need to provide access rights manually to any custom model that we create. A user will only be able to use the features he was granted to access.

Through access rights, we can control the user’s access on a module.

Create a Access Rights

First of all, we need to create a security folder. This folder needs to be placed inside our module.

create access rights in custom module

After that,  create an ir.model.access.csv file & security.xml file. This file needs to be placed inside the security folder.

create access rights in custom module

The given file is ir.model.access.csv file.

create access rights in custom module

In this file, we create two groups, first is manager and second is a user. Manage, and user have different level rights according to their own needs.

n this code:- id, name, model_id/id, group_id/id, perm_read, perm_write, perm_create, perm_unlink

   id - We can write any unique name in the id.

   name – We can write any name, which you want.

   model_id/id – Write the model name of your class. Syntax: model_id/id- model is a default syntax, then we write a model name(Ex- product_details) like this: model_product_details.

   group_id/id – Here we write the group name(id), which we created in (.xml) file like this: group_manager. Here manager specifies that this rule is for manager group.

create access rights in custom module

Now that we have written the groups in the CSV file, we have the rules, but in the CSV file, they link to a (group_manager & group_user), which we still have not made anywhere.

So, let’s create .xml file:-

First of all, we create a category because groups are defined under the category.

create access rights in custom module

In this code:         

          id=”module_shop_management” , id is also a unique id.

          Shop is the category name of this group.

Then we’ll create a group after creating a category:

create access rights in custom module

In this code we have created two groups named Shop Manager and Shop User, you can call (name) it whatever you want.

           Each groups id have a unique id.

           ref=”module_shop_management”, reference name and category id are the same because groups under the category.

Then we’ll set the permissions of different users, where 1means True and 0 means False:

create access rights in custom module

In this code:

           ref=”model_product_details” it is the main model name of your class.

           eval=”[(4, ref(‘shop.group_manager/user’))]”    in this code school is the category name(base) and group_manager/user is the group name, which we created.

                       4, ref(‘id’) that means adds an existing record of id to the set. Can not be used on One2many.

Domain Force = we can also use domain force. Domain force can be used to apply domain on our groups so that we can limit a specific field/fields to a particular user based on this domain. Mostly this domain force is used for the ‘user’ groups to apply certain limitations.

Finally, your .xml code looks like this:

create access rights in custom module

At the end, we need to add both files in __manifest__.py file of our module.

create access rights in custom module

Creating Access Rights For Menu Item

In this section, we’ll be discussing how to create access rights on the menu item.

Menu item is used to create menus for our views so that they are easily accessible.

First of all, we’ll create a menu item:

create access rights in custom module

In this code,

   id = unique id

   name = name of our menu

   parent = if this menu is the child of another menu, then we mention the id of the parent menu


Then we’ll add the security(or permissions) for this menu item using groups:

create access rights in custom module

Here, groups = the custom groups that we have created for restricting the access right of our menu item. You can also mention the id of the view that is called inside the action.

Final .xml code for menu:

create access rights in custom module

You can also use these groups using the syntax:

           “groups = your group name,”

inside any field, groups, pages of your view file to limit their access to those particular groups.

If You have any query related to Odoo, feel free to ask in comment section.

You Can Contact Kanak Infosystems LLP. For Odoo & Open Soure ERP Services with best Client Support. We also provide Customized Odoo Apps & Themes. Check out our latest apps on Odoo App Store and KanakInfosystems App Store. You can Call Us on @ +91-9818211679, 011-42143250 or mail us at [email protected]

There are no comments for now.