Odoo 16 Development Book

Setting Access Right

We need to define who can create, read, update and delete records on adding a new data model. This includes defining a new user group when we create a new app. Odoo will not display our menus and views if we don’t have access rights.

In Odoo, we can add as many users as we need, and only the user has access to the database. We can also decide the type of information the user can access by giving access rights.

Odoo has two major data-driven approaches in order to regulate or restrict data access. Both are assigned to specific users via groups. A user can be a member of any number of groups, and the security mechanism is related to groups, which allows security mechanisms to be applied to users.

Now let us create a security directory on the module and add the ir.model.access.csv file to that.

Scenarios are

  • All can see every record.
  • Admins are a new group of users. They have to create, read, update, and delete the records.

Setting Access Rights

In order to create access rights, consider the following steps

1. Create a file security > groups.xml

<record id="new_user_group" model="res.groups">
            <field name="name">user</field>
            <field name="users" eval="[(4, ref(base.group_user'))]"/>

2.Add a file security> ir.model.access.csv



3. Add the files into the __manifest__.py

<record id="new_user_group" model="res.groups">
            <field name="name">user</field>
            <field name="users" eval="[(4, ref(base.group_user'))]"/>


Cybrosys Technologies Pvt. Ltd.
Neospace, Kinfra Techno Park
Kakkancherry, Calicut
Kerala, India - 673635



Cybrosys Limited
Alpha House,
100 Borough High Street, London,
SE1 1LB, United Kingdom



Cybrosys Technologies Pvt. Ltd.
1st Floor, Thapasya Building,
Infopark, Kakkanad,
Kochi, India - 682030.



Cybrosys Techno Solutions
The Estate, 8th Floor,
Dickenson Road,
Bangalore, India - 560042

Send Us A Message