A Game-Changer That Simplifies Odoo User Access Rights Management

Table of Contents

Odoo user access rights

Managing user access in Odoo can be a daunting task, especially for companies with numerous employees. Each user must have tailored access rights, specific to their roles and responsibilities within the company.

Odoo provides functionalities for system administrators to create user accounts and define access rights for various Odoo applications. However, configuring these permissions can be a technical and time-consuming process, particularly for those unfamiliar with the system.

To simplify this process, at Havi Technology, we have developed a custom solution that streamlines user access rights in Odoo, eliminating complexity and saving valuable time for companies. Let’s explore this solution in detail.

Odoo user permission and its challenges

User permissions are a fundamental aspect of user management, granting access to specific resources like Odoo applications, files, and data sources. They determine:

  • The level of access employees has within the system. For instance, a Warehouse staff may have access to process customer orders by picking and packing items for shipment but not modify order pricing. A Purchasing staff can create purchase orders, specifying the items, quantities, and preferred vendors without the ability to approve or finalise orders

  • Specific functions a user can perform based on their role. For example, administrators can configure settings or assign permissions to other users.

User permission ensures that employees can efficiently perform their tasks while maintaining data security and privacy.

With the Odoo platform, administrators can create new user accounts and grant access rights to each user or a group of users in relation to various Odoo applications. However, in real life, configuring Odoo access rights to users presents certain challenges for companies, such as:

  • Manually configuring and verifying permissions for each Odoo application can be a time-consuming and error-prone task

  • Assigning users to different groups of users requires meticulous attention to avoid access issues. In some cases, this process can become messy and burdensome, leading to frustration for both administrators and end-users

  • Managing users with identical permissions manually can also lead to wasting your valuable time.

That’s why we want to help companies simplify their user permissions management in Odoo with a custom solution.

Our custom solution to simplify Odoo user permissions management

Based on our research and understanding of the companies’ needs, Havi Technology has developed a custom module that simplifies your user permissions management with Odoo. This module will help you have role-based user management. 

Here’s how it works:

1. Define the main groups of roles within your organisation

2. Configure specific Odoo access rights for these groups of roles

3. When you have new users, instead of individually setting permissions for each user, you only need to create new user accounts and assign them to the relevant group of roles, and they will inherit the predefined permissions associated with that group. 

This module eliminates complexity and ensures that employees have the right level of access to the Odoo applications and data they need to perform their roles effectively while maintaining data security and control.

Here is a detailed explanation of how this module can help you enhance user permission management.

Manage access rights for menus or sub-menus of any Odoo applications 

The module provides you with a feature that allows you to hide any irrelevant menus or sub-menus from any users. This ensures that users only see and access Odoo apps and menus relevant to their responsibilities. 

Menu restriction by groups or users

For example:

  • Permitting warehouse staff to access only certain Odoo applications such as Inventory and Manufacturing apps. This means that they can only see two apps on the home screen when accessing your Odoo system
  • Allowing sales staff to access only Sales and CRM modules
  • Providing purchasing staff access only to Purchase, Inventory, and Manufacturing apps.

Odoo user permission - menus

Manage the level of access to any data fields

With this module, you can now control access rights to any data filed for your employees, making them read-only, invisible, or non-creatable to ensure data accuracy and privacy.

  • Read-only: When you check this option, users can solely view fields and are unable to make any modifications within the system

  • Invisible: If you wish to conceal fields from users, simply mark this checkbox

  • No create: Select this option if you wish to restrict users from generating new fields within the system

  • No quick create: Enable this checkbox if you wish to prevent users from swiftly editing fields within the system.

field restriction by groups or users

Let’s see real-life examples below:

  • Allowing inventory staff to view stock transfers, adjustments, manufacturing orders, and bills of materials while restricting access to all financial information including sales pricing or product costs.

With Odoo default: Show all of the product information

Odoo user permission - inventory with cost

With Havi's module: Hide all financial information including sales pricing or product costs.

Odoo user permission - no cost

  • Enabling sales staff to only view projects and associated tasks, with no access to financial information on the project page

  • Granting purchase staff access to only Request for Quote (RFQ), and Purchase Order (PO) if they are assigned to which they are working. However, they cannot see the dollar amount info in the RFQ/PO.

Control access rights to buttons/ tabs/ labels

You can hide any buttons, label tag elements, and tabs from the view of users or groups of users for any model.

 

view restrictions

  • Hiding the “Request for Quote” button for a specific group or user

  • Concealing labels that display product price or cost.

Define Odoo access rights to model domains

You can configure read, write, create, and delete access rights of any model for the chosen users only. Also, you can tailor the domain to access model records based on specific fields.

Odoo user access rights- model restriction

Odoo domain restriction

For examples:

  • Domain restriction: You decide to restrict access to the “Stock Valuation” field within the inventory model for these warehouse staff. This means they can view all other information related to inventory but won’t have access to the valuation details

  • Model restriction: You may choose to restrict the creation of new inventory locations for this group of warehouse staff. With this restriction, they won’t be able to create new locations within the inventory system from any source. If they attempt to do so, the system will provide a warning

It’s important to note that you can configure access rights for a group of users or for a specific individual. For instance, if you need to assign special access rights to a specific user only, then you can set up it for that user only.

Conclusion

Simplifying user permission management in Odoo will save you time and enable you to focus on growing your business. With Havi’s solution, you can ensure that employees have the right level of access to perform their roles effectively while maintaining data security, making Odoo a powerful asset for your business operations. 

If you’re interested in exploring more about how our solution works for your business, don’t hesitate to reach out to us with your detailed requirements.

Frequently asked questions

1. What is a user in Odoo?

In Odoo, a user is an individual who interacts with the system, typically employees, managers, or other stakeholders who require access to Odoo’s applications. Each user has a unique login, and their activities and access can be controlled and monitored.

Odoo provides a flexible method for handling security and user access. Users can be assigned to multiple groups, and groups can be inherited to easily manage complex Odoo security and access restrictions. 

 If you'd like to learn about creating users, see Manage Users.

2. What is a group in Odoo?

In Odoo, a group of users is a way to categorise and manage users based on their roles or responsibilities within a company. Think of it as creating different teams or departments within your organisation.

From a business perspective, let's say you have a medium-sized company with various departments like Sales, Marketing, and Accounting. Each department has employees who need access to specific tools and data related to their job functions. In this scenario, you can create user groups in Odoo, such as "Sales Team," "Marketing Team," and "Accounting Team."

3. What are Odoo's access rights?

Odoo access rights rules are the first level of rights that define a user’s access to a particular object. These global rights are defined per document type or model. For example, you can define access rights for accounting/accountant group users to read, write, create, and delete access to accounts/charts of account records.

4. What are Odoo record rules?

Odoo record rules are the second layer of editing and visibility rules. They overwrite or refine access rights using domains, which are conditions used to filter or search data. For each rule, you can specify read, write, create, and delete values. For example, a user can only see invoices of the companies they belong to.

5. What is a Model or domain in Odoo?

In Odoo, a “model” typically refers to a database table or an object in the Odoo data model. You can define models in Odoo to represent various entities such as customers, products, sales orders, and more. These models can have fields, methods, and various other attributes that define their behavior.