Record rules in Odoo are used to define conditions that control a
user’s access to specific records within a model. These rules act as
filters, determining whether users can create, read, update, or
delete records based on certain criteria. Record rules are typically
assigned to user groups, allowing you to either grant or restrict
access to records dynamically at runtime.
Below is an example of how to define a record rule that limits users
to viewing only the records they have created:
<record id="school_student_rule" model="ir.rule">
<field name="name">Student Records</field>
<field name="model_id" ref="model_school_student"/>
<field name="domain_force">[('user_id', '=', user.id)]</field>
<field name="groups" eval="[(4, ref('school_management.school_management_student'))]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
</record>
Breakdown of the Record Rule Components:
- id: A unique external identifier for the record rule.
- name: The display name that will appear in the user
interface.
- model_id: Specifies the model the rule applies to,
using a reference in the format model_.
Example:If the model is school.student, the reference
becomes model_school_student.
- domain_force: Defines the condition or filter that
restricts access to specific records based on field values.
- groups: Indicates which user groups the rule applies
to. The eval syntax with (4, ref(...)) is used to link the
group.
- perm_read, perm_write, perm_create, perm_unlink:
Boolean fields that determine whether the user has permission to
perform the respective operations. A value of True grants
access, while False restricts it.