Development Book V18: Access rights

Access rights in a database system are fundamental rules that determine how users can interact with different objects. These permissions follow the CRUD principle—Create, Read, Update, and Delete—each representing a specific type of interaction:

  • Create: Allows users to add new records for a given object.
  • Read: Grants users permission to view existing records.
  • Update: Enables users to make changes to existing records.
  • Delete: Authorizes users to remove records from the system.

In Odoo, these access rights also influence the user interface—menus and views associated with a model are only visible to users with the necessary permissions.

Users in a database are identified through their login credentials and are considered unique entities. By default, a new user has no access privileges. It’s important to understand that not every employee in an organization is an Odoo user—only those who actively use the platform are considered as such.

Odoo enforces access control using two primary mechanisms: group-based permissions and custom logic. A user can belong to multiple groups, and access rights are typically assigned to these groups, thereby applying those rights to all group members.

When building a custom model in Odoo, user access to that model must be explicitly defined. This is handled through the security directory within the module. The key file responsible for managing these permissions is ir.model.access.csv, which outlines the access rules assigned to various user groups.

Consider the following example, which demonstrates how to define access rights for a custom model in Odoo using the ir.model.access.csv file:

id,name,model_id/id,group_id/id,perm_read,perm_write,perm_create,perm_unlink
access_test_model,access_test_model,model_test_model,base.group_user,1,0,0,0

Breakdown of ir.model.access.csv Fields:

  • id: A unique external identifier for the access rule.
  • name: A descriptive name for the access control entry.
  • model_id/id: Specifies the target model for which access is being defined, typically written as model_<model_name> (model_test_model in the example above).
  • group_id/id: Indicates the user group that the access rule applies to.
  • perm_read, perm_write, perm_create, perm_unlink: Represent the access permissions—Read, Write, Create, and Delete (unlink), respectively—where 1 enables the permission and 0 disables it.
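
A small audit of the file format described above, as an added example that is not part of the original page or of Odoo itself. It flags rows with an empty group_id/id (Odoo applies such a rule to every user, including portal and public users), write/create/unlink rights given to base.group_portal or base.group_public, and malformed values; the function name, the sample rows and the choice of checks are assumptions made for illustration.

```python
import csv
import io

# Added example: review checks for an ir.model.access.csv body (not Odoo code).
PERMS = ("perm_read", "perm_write", "perm_create", "perm_unlink")
# Standard Odoo base groups whose members are not internal users.
EXTERNAL_GROUPS = {"base.group_public", "base.group_portal"}


def audit_access_csv(text):
    """Return (row_id, message) findings for an ir.model.access.csv body."""
    findings = []
    seen_ids = set()
    reader = csv.DictReader(io.StringIO(text), skipinitialspace=True)
    for row in reader:
        row = {k.strip(): (v or "").strip() for k, v in row.items() if k}
        rid = row.get("id", "")
        if rid in seen_ids:
            findings.append((rid, "duplicate external id"))
        seen_ids.add(rid)
        # A module prefix such as my_module.model_x is allowed before the name.
        if not row.get("model_id/id", "").split(".")[-1].startswith("model_"):
            findings.append((rid, "model_id/id does not follow model_<model_name>"))
        bad = [p for p in PERMS if row.get(p) not in ("0", "1")]
        if bad:
            findings.append((rid, "permission not 0 or 1: " + ",".join(bad)))
        granted = [p for p in PERMS if row.get(p) == "1"]
        group = row.get("group_id/id", "")
        if not group and granted:
            findings.append((rid, "no group: rule applies to every user"))
        modifying = [p for p in granted if p != "perm_read"]
        if group in EXTERNAL_GROUPS and modifying:
            findings.append((rid, f"{group} can modify records: " + ",".join(modifying)))
    return findings


# Constructed sample: the page's row plus three deliberately weak rows.
SAMPLE = """\
id,name,model_id/id,group_id/id,perm_read,perm_write,perm_create,perm_unlink
access_test_model,access_test_model,model_test_model,base.group_user,1,0,0,0
access_test_model_all,access_test_model_all,model_test_model,,1,1,1,1
access_test_model_portal,access_test_model_portal,model_test_model,base.group_portal,1,1,0,0
access_test_model_typo,access_test_model_typo,model_test_model,base.group_user,1,yes,0,0
"""

if __name__ == "__main__":
    for rid, message in audit_access_csv(SAMPLE):
        print(f"{rid}: {message}")
```

Running the function over a module's security/ir.model.access.csv during code review surfaces rules that grant more than the group-based model intends before the module is installed.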

Registering the Access File:

To ensure that these access rules are recognized by Odoo, you must declare the ir.model.access.csv file in your module’s __manifest__.py:

'data': [
   'security/ir.model.access.csv',
],