admin/Odoo-Modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3e59f9d5f6e3d50381c055a4334ea6e59a622486
Odoo-Modules/fusion_authorizer_portal/security/portal_security.xml
gsinghpal 3e59f9d5f6 fix: simplify fusion_claims permission dropdown and restrict settings access 
Remove privilege_id from portal groups so they no longer appear in the
User settings dropdown (they are auto-assigned from Contact form).
Restrict Fusion Claims settings view to managers only.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-25 12:41:20 -05:00

138 lines
6.3 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<odoo>
<!-- Portal Groups (auto-assigned from Contact form Portal Access tab) -->
<record id="group_authorizer_portal" model="res.groups">
<field name="name">Authorizer Portal User</field>
<field name="comment">Portal users who are Authorizers (OTs/Therapists)</field>
</record>
<record id="group_sales_rep_portal" model="res.groups">
<field name="name">Sales Rep Portal User</field>
<field name="comment">Portal users who are Sales Representatives</field>
</record>
<record id="group_technician_portal" model="res.groups">
<field name="name">Technician Portal User</field>
<field name="comment">Portal users who are Field Technicians for deliveries</field>
</record>
<!-- Authorizer Comment Access Rules -->
<record id="rule_comment_authorizer_own" model="ir.rule">
<field name="name">Authorizer: Own Comments</field>
<field name="model_id" ref="model_fusion_authorizer_comment"/>
<field name="domain_force">[('author_id', '=', user.partner_id.id)]</field>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="True"/>
<field name="perm_unlink" eval="False"/>
</record>
<record id="rule_comment_view_on_order" model="ir.rule">
<field name="name">Portal: View Comments on Assigned Orders</field>
<field name="model_id" ref="model_fusion_authorizer_comment"/>
<field name="domain_force">[
'|',
('sale_order_id.x_fc_authorizer_id', '=', user.partner_id.id),
('sale_order_id.user_id', '=', user.id),
('is_internal', '=', False)
]</field>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
</record>
<!-- ADP Document Access Rules -->
<record id="rule_document_portal_read" model="ir.rule">
<field name="name">Portal: Read Documents on Assigned Orders</field>
<field name="model_id" ref="model_fusion_adp_document"/>
<field name="domain_force">[
'|',
('sale_order_id.x_fc_authorizer_id', '=', user.partner_id.id),
('sale_order_id.user_id', '=', user.id)
]</field>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
</record>
<record id="rule_document_authorizer_create" model="ir.rule">
<field name="name">Authorizer: Create Documents on Assigned Orders</field>
<field name="model_id" ref="model_fusion_adp_document"/>
<field name="domain_force">[
('sale_order_id.x_fc_authorizer_id', '=', user.partner_id.id),
('document_type', '!=', 'submitted_final')
]</field>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="perm_read" eval="False"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="True"/>
<field name="perm_unlink" eval="False"/>
</record>
<!-- Assessment Access Rules -->
<record id="rule_assessment_authorizer" model="ir.rule">
<field name="name">Authorizer: Own Assessments</field>
<field name="model_id" ref="model_fusion_assessment"/>
<field name="domain_force">[('authorizer_id', '=', user.partner_id.id)]</field>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="True"/>
<field name="perm_unlink" eval="False"/>
</record>
<record id="rule_assessment_sales_rep" model="ir.rule">
<field name="name">Sales Rep: Own Assessments</field>
<field name="model_id" ref="model_fusion_assessment"/>
<field name="domain_force">[('sales_rep_id', '=', user.id)]</field>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="True"/>
<field name="perm_unlink" eval="False"/>
</record>
<!-- Sale Order Access - Extend for Portal -->
<record id="rule_sale_order_authorizer_portal" model="ir.rule">
<field name="name">Authorizer Portal: Assigned Orders</field>
<field name="model_id" ref="sale.model_sale_order"/>
<field name="domain_force">[('x_fc_authorizer_id', '=', user.partner_id.id)]</field>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
</record>
<!-- Technician Portal: Access orders assigned for delivery -->
<record id="rule_sale_order_technician_portal" model="ir.rule">
<field name="name">Technician Portal: Assigned Deliveries</field>
<field name="model_id" ref="sale.model_sale_order"/>
<field name="domain_force">[('x_fc_delivery_technician_ids', 'in', [user.id])]</field>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
</record>
<!-- Sales Rep Portal: Access own orders for POD -->
<record id="rule_sale_order_sales_rep_portal" model="ir.rule">
<field name="name">Sales Rep Portal: Own Orders</field>
<field name="model_id" ref="sale.model_sale_order"/>
<field name="domain_force">[('user_id', '=', user.id)]</field>
<field name="groups" eval="[(4, ref('base.group_portal'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
</record>
</odoo>
Reference in New Issue View Git Blame Copy Permalink