Geek Answers Handbook

How to restrict an employee to delete a calendar event in Odoo?

I tried to remove the delete access in the folder calendar-> security → calendar_event_all, but gave no result

access_calendar_attendee_employee,calendar.attendee_employee,model_calendar_attendee,base.group_user,1,1,1,1

this is the access security string in the calendar security csv file

+6
source share
4 answers

you change the access right below for the calendar event:

 access_calendar_event_all_employee,calendar.event_all_employee,model_calendar_event,base.group_user,1,1,1,0

Limited calendar event for database base.group_user = Employee.

if you want to create your own group add the following code like

Example:

  <record model="res.groups" id="group_user"> <field name="implied_ids" eval="[(4, ref('group_no_one'))]"/> <field name="users" eval="[(4, ref('base.user_root'))]"/> </record>
0
source

The idea here is, try overriding the unlock method

 def unlink(self,cr,uid,ids,context=None): ... ...

like whenever we try to delete an entry, the unlink method is called, and in uid, the current user ID. therefore, if you want to limit deletion to all users, then throw an exception in the method with some appropriate message. If you want to limit deletion to other users, compare the current uid with the uid record type. If they differ from each other, then exception exclusion is otherwise permitted.

0
source

You can use JavaScript to control your goal. Create a JS file in your src/static folder of your custom module and add this code (do not forget to include this JS file in the data __openerp__.py your module):

 openerp.your_module_name = function(instance) { var _t = instance.web._t; var Users = new openerp.web.Model('res.users'); var Events = new openerp.web.Model('calendar.event'); instance.web_calendar.CalendarView.include({ remove_event: function(id) { var self = this; do_removal = function() { return $.when(self.dataset.unlink([id])).then(function() { self.$calendar.fullCalendar('removeEvents', id); }); }; confirm_removal = function() { if (self.options.confirm_on_delete) { if (confirm(_t("Are you sure you want to delete this record?"))) { do_removal(); } } else { do_removal(); } }; Users.call('has_group', ['put_here_the_module_name_where_the_group_which_can_remove_is_declared.put_here_the_group_which_can_remove']) .done(function(result) { if (result == true) { confirm_removal(); } else { alert(_t("Your user has not permission to delete this event")); } }); },

With this code, only users belonging to the specified group (in the Users.call method) can delete calendar events (they will receive a confirmation dialog: are you sure you want to delete this entry?). Users who do not belong to this group will receive a warning message: your user does not have permission to delete this event.

0
source

You can extend the unlock method like this.

 from openerp import models, api, exceptions class CalendarEvent(models.Model): _inherit = "calendar.event" @api.multi def unlink(self): for record in self: if record.create_uid != self.uid: raise exceptions.Warning(('Error'), ('You cannot delete an event that you did not create.')) return super(ClassName, self).unlink()

You can use recording rules

 <record model="ir.rule" id="calendar_event_rule"> <field name="name">Calendar Event : cannot delete someone else event</field> <field name="model_id" ref="model_calendar_event"></field> <!-- Omitting group as you want it to be global --> <field name="domain_force">[('create_uid', '!=', user.id)]</field> <field eval="0" name="perm_write"></field> <field eval="1" name="perm_read"></field> <field eval="0" name="perm_unlink"></field> <field eval="1" name="perm_create"></field> </record>

Please note that with this rule they will also not be able to edit it.

0
source

More articles:


All Articles