Setting up access security
You might have noticed that, upon loading, our module gets a warning message in the server log:
The model todo.task has no access rules, consider adding one.
The message is pretty clear—our new model has no access rules, so it can't be used by anyone yet. We already have the security groups for this app, and we now need to give them access to the app's models.
Note
Before Odoo 12, admin
was a superuser that bypassed access security, and so had automatic access to all data models. In Odoo 12, this is no longer the case, and we need to set up ACLs on new models before the administrator user can see them.
Adding access control security
To get a picture of what information is needed to add access rules to a model, use the web client and go to Settings
| Technical
| Security
| Access Rights
:
Here, we can see the ACL for some models. It indicates, per security group, what actions are allowed on records. This information has to be provided by the module using a data file...