Role Policy

role_policy
REPOSITORY
REPOSITORYOCA/role-policy
GIT
GIThttps://github.com/OCA/role-policy.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/role-policy/tree/13.0/role_policy
VERSION
VERSION 1.3.0
CATEGORY
CATEGORYTools
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), Noviat
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), Noviat
COMMITTERS
COMMITTERSGitHub, Luc De Meyer, oca-travis, OCA-git-bot, Kevin Graveman, oca-ci, Els Van Vossel, s j
WEBSITE
WEBSITEhttps://github.com/OCA/role-policy
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:34:21
ODOO DEPENDENCIES
ODOO DEPENDENCIES OCA/reporting-engine:
    - report_xlsx_helper
    - report_xlsx
odoo/odoo:
    - mail
    - base
    - base_setup
    - web
    - bus
    - web_tour
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES lxml
xlrd
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (28)
XML IDNameModelTypeStatus
act_report_xml_view ir.actions.report.form ir.actions.report xpath Inherits base.act_report_xml_view
assets_backend amlse assets ir.ui.view qweb Inherits web.assets_backend
edit_menu_access ir.ui.menu.form ir.ui.menu xpath Inherits base.edit_menu_access
ir_actions_client_view_form ir.actions.client.form ir.actions.client form New
ir_actions_client_view_search ir.actions.client.search ir.actions.client search New
ir_actions_client_view_tree ir.actions.client.tree ir.actions.client tree New
res_role_acl_view_search res.role.acl.search res.role.acl search New
res_role_acl_view_tree res.role.acl.tree res.role.acl tree New
res_role_view_form res.role.form res.role form New
res_role_view_search res.role.search res.role search New
res_role_view_tree res.role.tree res.role tree New
role_policy_import_view_form role.policy.import.form role.policy.import form New
role_policy_import_view_form_result role.policy.import.form.result role.policy.import form New
security_policy_tag_view_form security.policy.tag.form security.policy.tag form New
security_policy_tag_view_search security.policy.tag.search security.policy.tag search New
security_policy_tag_view_tree security.policy.tag.tree security.policy.tag tree New
view_groups_form res.groups.search res.groups field Inherits base.view_groups_form
view_groups_search res.groups.search res.groups filter Inherits base.view_groups_search
view_model_operation_view_search view.model.operation.search view.model.operation search New
view_model_operation_view_tree view.model.operation.tree view.model.operation tree New
view_modifier_rule_view_search view.modifier.rule.search view.modifier.rule search New
view_modifier_rule_view_tree view.modifier.rule.tree view.modifier.rule tree New
view_server_action_form ir.actions.server.form ir.actions.server xpath Inherits base.view_server_action_form
view_type_attribute_view_search view.type.attribute.search view.type.attribute search New
view_type_attribute_view_tree view.type.attribute.tree view.type.attribute tree New
view_users_form res.users.form res.users xpath Inherits base.view_users_form
view_users_form_simple_modif res.users.preferences.form res.users field Inherits base.view_users_form_simple_modif
view_window_action_form ir.actions.windows.form ir.actions.act_window xpath Inherits base.view_window_action_form
Models touched (22)

New fields (0)

No new fields.

Public methods (1)
  • user_has_groups(self, groups)
    @api.model
    Disable no-role groups except for user_admin & user_root.

New fields (1)
  • role_ids Many2many → res.role
    column1='act_window_id' column2='role_id' comodel_name='res.role' relation='res_role_act_window_rel' string='Roles'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • get_bindings(self, model_name)
    @api.model

New fields (1)
  • role_ids Many2many → res.role
    column1='act_client_id' column2='role_id' comodel_name='res.role' relation='res_role_client_rel' string='Roles'
Public methods (0)

No public methods.

New fields (1)
  • role_ids Many2many → res.role
    column1='act_report_id' column2='role_id' comodel_name='res.role' relation='res_role_report_rel' string='Roles'
Public methods (0)

No public methods.

New fields (1)
  • role_ids Many2many → res.role
    column1='act_server_id' column2='role_id' comodel_name='res.role' relation='res_role_server_rel' string='Roles'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • session_info(self)

New fields (0)

No new fields.

Public methods (0)

No public methods.

New fields (1)
  • role_ids Many2many → res.role
    column1='menu_id' column2='role_id' comodel_name='res.role' relation='res_role_menu_rel' string='Roles'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (5)
  • apply_inheritance_specs(self, source, specs_tree, inherit_id, pre_locate=<expr>)
    @api.model
    Avoid raise for syntax errors in web modifier rules. Those errors are logged into the logfile, cf. base/models/ir.ui.view.py, method raise_view_error: _logger.info(message)
  • create(self, vals_list)
    @api.model_create_multi
  • get_inheriting_views_arch(self, view_id, model)
    @api.model
  • read_combined(self, fields=None)
  • write(self, vals)

New fields (6)
  • active Boolean
    default=True
  • company_id Many2one → res.company
    comodel_name='res.company' related='role_id.company_id' store=True
  • method Char
    compute='_compute_model_method' help='Grant execution right for this method.' store=True string='Method'
  • model_id Many2one → ir.model
    comodel_name='ir.model' compute='_compute_model_method' store=True string='Model'
  • name Selection
    requireed=True selection='_selection_name'
  • role_id Many2one → res.role
    comodel_name='res.role' required=True string='Role'
Public methods (1)
  • check_right(self, name, raise_exception=True)
    @api.model

New fields (0)

No new fields.

Public methods (0)

No public methods.

New fields (1)
  • role Boolean
Public methods (0)

No public methods.

New fields (17)
  • acl_ids One2many → res.role.acl
    comodel_name='res.role.acl' inverse_name='role_id' string='ACL Items'
  • act_client_ids Many2many → ir.actions.client
    column1='role_id' column2='act_client_id' comodel_name='ir.actions.client' relation='res_role_client_rel' string='Client Actions'
  • act_report_ids Many2many → ir.actions.report
    column1='role_id' column2='act_report_id' comodel_name='ir.actions.report' relation='res_role_act_report_rel' string='Report Actions'
  • act_server_ids Many2many → ir.actions.server
    column1='role_id' column2='act_server_id' comodel_name='ir.actions.server' relation='res_role_act_server_rel' string='Server Actions'
  • act_window_ids Many2many → ir.actions.act_window
    column1='role_id' column2='act_window_id' comodel_name='ir.actions.act_window' relation='res_role_act_window_rel' string='Window Actions'
  • active Boolean
    default=True
  • code Char
    required=True size=5
  • company_id Many2one → res.company
    comodel_name='res.company' default=<expr> string='Company'
  • group_id Many2one → res.groups
    comodel_name='res.groups' ondelete='restrict' readonly=True
  • menu_ids Many2many → ir.ui.menu
    column1='role_id' column2='menu_id' comodel_name='ir.ui.menu' relation='res_role_menu_rel' string='Menu Items'
  • model_method_ids One2many → model.method.execution.right
    comodel_name='model.method.execution.right' inverse_name='role_id' string='Method Execution Rights'
  • model_operation_ids One2many → view.model.operation
    comodel_name='view.model.operation' inverse_name='role_id' string='View Model Operation'
  • modifier_rule_ids One2many → view.modifier.rule
    comodel_name='view.modifier.rule' inverse_name='role_id' string='View Modifier Rules'
  • name Char
    required=True
  • sequence Integer
  • user_ids Many2many → res.users
    column1='role_id' column2='uid' comodel_name='res.users' relation='res_role_users_rel' string='Users'
  • view_type_attribute_ids One2many → view.type.attribute
    comodel_name='view.type.attribute' inverse_name='role_id' string='View Type Attributes'
Public methods (6)
  • create(self, vals)
    @api.model
  • export_xls(self)
  • import_policy(self)
  • init(self)
    Role groups that have been added to e.g. ir.ui.menu will be removed during 'upgrade all' processing. This happens only for those records that have the groups_id set in the base module (e.g. Settings menu). We cannot prevent this since the addons path modules are not yet imported when the xml files of the base module are loaded. As a consequence we use the init method to restore the role groups.
  • unlink(self)
  • write(self, vals)

New fields (11)
  • access_id Many2one → ir.model.access
    comodel_name='ir.model.access' ondelete='restrict' readonly=True
  • active Boolean
    default=True
  • company_id Many2one → res.company
    comodel_name='res.company' related='role_id.company_id' store=True
  • group_id Many2one → res.groups
    comodel_name='res.groups' readonly=True
  • model_id Many2one → ir.model
    comodel_name='ir.model' required=True
  • name Char
    readonly=True
  • perm_create Boolean
    string='Create Access'
  • perm_read Boolean
    string='Read Access'
  • perm_unlink Boolean
    string='Delete Access'
  • perm_write Boolean
    string='Write Access'
  • role_id Many2one → res.role
    comodel_name='res.role' required=True
Public methods (3)
  • create(self, vals)
    @api.model
  • unlink(self)
  • write(self, vals)

New fields (3)
  • enabled_role_ids Many2many → res.role
    column1='uid' column2='role_id' comodel_name='res.role' domain="[('id', 'in', role_ids)]" help='If you have multiple roles you may experience loss of functionality.\nE.g. Role 2 may hide a button which you need to do your job in Role 1.\nYou can enable here a subset of your roles.\nLeave this field blank to enable all your roles.' relation='res_role_users_enabled_rel' string='Enabled Roles'
  • exclude_from_role_policy Boolean
    compute='_compute_exclude_from_role_policy' store=True
  • role_ids Many2many → res.role
    column1='uid' column2='role_id' comodel_name='res.role' relation='res_role_users_rel' string='Roles'
Public methods (4)
  • create(self, vals_list)
    @api.model_create_multi
    Remove no role groups.
  • fields_view_get(self, view_id=None, view_type=False, toolbar=False, submenu=False)
    @api.model
  • has_role(self, code)
  • write(self, vals)

New fields (8)
  • codepage Char
    default=<expr> help='Code Page of the system that has generated the file.' string='Code Page'
  • file_type Selection
    default=<expr> selection='_selection_file_type'
  • note Text
    args: 'Log'
  • policy_data Binary
    required=True string='File'
  • policy_fname Char
    string='Filename'
  • sheet Selection
    help='Specify the Excel sheet.\nIf not specified all sheets will be imported.' selection='_selection_sheet'
  • skip_checks Boolean
    help='Skip Sanity Checks.\nSetting this option will increase import performance by skipping a number of resource intensive rule sanity checks.'
  • warning Text
    readonly=True
Public methods (1)
  • role_policy_import(self)

New fields (0)

No new fields.

Public methods (2)
  • create(self, vals_list)
    @api.model_create_multi
  • write(self, vals)

New fields (6)
  • active Boolean
    default=True
  • code Char
    required=True
  • company_id Many2one → res.company
    comodel_name='res.company' default=<expr> string='Company'
  • modifier_ids Many2many → view.modifier.rule
    column1='tag_id' column2='modifier_id' comodel_name='view.modifier.rule' help='Security Policy reporting tags' relation='policy_tag_modifier_rel' string='Tags'
  • name Char
    required=True
  • note Text
    name='Description'
Public methods (0)

No public methods.

New fields (8)
  • active Boolean
    default=True
  • company_id Many2one → res.company
    comodel_name='res.company' related='role_id.company_id' store=True
  • disable Boolean
    default=True help='Disable this operation'
  • model Char
    help="Specify 'default' or a 'model name, e.g. sale.order" required=True
  • operation Selection
    required=True selection='_selection_operation'
  • priority Integer
    default=16 help='The priority determines which rule will be selected in case of conflicting rules. Rule conflicts may exist for users with multiple roles or inconsistent role definitions.' required=True
  • role_id Many2one → res.role
    comodel_name='res.role' required=True string='Role'
  • sort Char
    compute='_compute_sort' store=True
Public methods (0)

No public methods.

New fields (17)
  • active Boolean
    default=True
  • company_id Many2one → res.company
    comodel_name='res.company' related='role_id.company_id' store=True
  • element Char
    compute='_compute_element' help='Technical field containt the element after XML_ID resolution' store=True string='Element (internal)'
  • element_ui Char
    help='Specify the view element. E.g.\nbutton name="button_cancel"\nxpath expr="//page[@id=\'invoice_tab\\]"' string='Element'
  • model Char
    related='model_id.model' store=True string='model_name'
  • model_id Many2one → ir.model
    comodel_name='ir.model' string='Model'
  • modifier_invisible Char
    help='Specify 1 (True), 0 (False) or a domain expression.' string='Invisible'
  • modifier_readonly Char
    help='Specify 1 (True), 0 (False) or a domain expression.' string='Readonly'
  • modifier_required Char
    help='Specify 1 (True), 0 (False) or a domain expression.' string='Required'
  • priority Integer
    default=16 group_operator=False help='The priority determines which rule will be selected in case of conflicting rules. Rule conflicts may exist for users with multiple roles or inconsistent role definitions.' required=True
  • remove Boolean
    help="Remove this view or view element from the user interface. You should use this option in stead of 'Invisible' in order to hide view elements for which the user's role does not have read Access rights."
  • role_id Many2one → res.role
    comodel_name='res.role' required=True string='Role'
  • sequence Integer
    default=16 required=True
  • tag_ids Many2many → security.policy.tag
    column1='modifier_id' column2='tag_id' comodel_name='security.policy.tag' help='Security Policy reporting tags' relation='policy_tag_modifier_rel' string='Tags'
  • view_id Many2one → ir.ui.view
    comodel_name='ir.ui.view' domain="['|', ('model', '=', model), ('model', '=', '')]"
  • view_type Selection
    selection='_selection_view_type'
  • view_xml_id Char
    related='view_id.xml_id' store=True string='View External Identifier'
Public methods (0)

No public methods.

New fields (10)
  • active Boolean
    default=True
  • attrib Char
    required=True string='Attribute'
  • attrib_val Char
    required=True string='Attribute Value'
  • company_id Many2one → res.company
    comodel_name='res.company' related='role_id.company_id' store=True
  • priority Integer
    default=16 help='The priority determines which attribute rule will be selected in case of conflicting attribute rules. Rule conflicts may exist for users with multiple roles or inconsistent role definitions.' required=True
  • role_id Many2one → res.role
    comodel_name='res.role' required=True string='Role'
  • sequence Integer
    default=16 required=True
  • view_id Many2one → ir.ui.view
    comodel_name='ir.ui.view' required=True
  • view_type Selection
    related='view_id.type'
  • view_xml_id Char
    related='view_id.xml_id' store=True string='View External Identifier'
Public methods (0)

No public methods.