admin/Odoo-Modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
35399170b3a06a1b6f453a16cecd2f66559d4994
Odoo-Modules/fusion_faxes/security/security.xml
gsinghpal 34e5b46025 fix: comprehensive permission overhaul for fusion_faxes and fusion_ringcentral 
Users without fax/RC groups could not open Sale Orders, Invoices, or
Contacts because the One2many computed fields triggered AccessError
on fusion.fax. Now base.group_user gets read-only access so computed
fields work silently, while all UI elements (smart buttons, header
buttons, menus, partner fields, settings) are restricted to the
proper security groups. Both modules now use Odoo 19 privilege
pattern for the user settings dropdown.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-25 11:52:06 -05:00

66 lines
2.9 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<odoo>
<!-- Module category (appears in Settings > Users) -->
<record id="module_category_fusion_faxes" model="ir.module.category">
<field name="name">Fusion Faxes</field>
<field name="sequence">47</field>
</record>
<!-- Privilege (Odoo 19 user settings dropdown) -->
<record id="res_groups_privilege_fusion_faxes" model="res.groups.privilege">
<field name="name">Fusion Faxes</field>
<field name="sequence">47</field>
<field name="category_id" ref="module_category_fusion_faxes"/>
</record>
<!-- User group: can send faxes and view own fax history -->
<record id="group_fax_user" model="res.groups">
<field name="name">User</field>
<field name="sequence">10</field>
<field name="implied_ids" eval="[(4, ref('base.group_user'))]"/>
<field name="privilege_id" ref="res_groups_privilege_fusion_faxes"/>
</record>
<!-- Manager group: can view all faxes and configure settings -->
<record id="group_fax_manager" model="res.groups">
<field name="name">Manager</field>
<field name="sequence">20</field>
<field name="implied_ids" eval="[(4, ref('group_fax_user'))]"/>
<field name="privilege_id" ref="res_groups_privilege_fusion_faxes"/>
<field name="user_ids" eval="[(4, ref('base.user_root')), (4, ref('base.user_admin'))]"/>
</record>
<data noupdate="0">
<!-- Base users can read fax records (needed for One2many computed fields on sale.order etc.) -->
<record id="rule_fax_base_read" model="ir.rule">
<field name="name">Fax: all internal users read-only</field>
<field name="model_id" ref="model_fusion_fax"/>
<field name="domain_force">[(1, '=', 1)]</field>
<field name="groups" eval="[(4, ref('base.group_user'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
</record>
<!-- Fax users see only their own faxes (full CRUD minus unlink) -->
<record id="rule_fax_user_own" model="ir.rule">
<field name="name">Fax: user sees own faxes</field>
<field name="model_id" ref="model_fusion_fax"/>
<field name="domain_force">[('sent_by_id', '=', user.id)]</field>
<field name="groups" eval="[(4, ref('group_fax_user'))]"/>
</record>
<!-- Managers see all faxes -->
<record id="rule_fax_manager_all" model="ir.rule">
<field name="name">Fax: manager sees all faxes</field>
<field name="model_id" ref="model_fusion_fax"/>
<field name="domain_force">[(1, '=', 1)]</field>
<field name="groups" eval="[(4, ref('group_fax_manager'))]"/>
</record>
</data>
</odoo>
Reference in New Issue View Git Blame Copy Permalink