Embed Size (px)
Citation preview
Nom du fichier – à compléterOpenERP 6.1. Offer
Security in OpenERPHarshad Modi & Raphael Collet
Nom du fichier – à compléterOpenERP 6.1. Offer
Overview
- sales tool for partners who can propose to their customers. 2-4 slides/big feature.
Nom du fichier – à compléterOpenERP 6.1. Offer
- sales tool for partners who can propose to their customers. 2-4 slides/big feature.
Authentication Process
• OpenERP Authentication Handlero Plain password (default)o Encrypted password (base_crypt)
• Third Party Authentication Handler (LDAP, OpenID)
Nom du fichier – à compléterOpenERP 6.1. Offer
Connect with OpenId
Nom du fichier – à compléterOpenERP 6.1. Offer
Connect with LDAP
Nom du fichier – à compléterOpenERP 6.1. Offer
Data Level Security
Nom du fichier – à compléterOpenERP 6.1. Offer
Data Level Security
Nom du fichier – à compléterOpenERP 6.1. Offer
Example: Customer Group
!record {model: res.groups, id: base.group_sale_customer}:
name: Customer
category_id: base.module_category_sales_management
Example: Saleman Group
!record {model: res.groups, id: base.group_sale_salesman}:
name: Sales Person
category_id: base.module_category_sales_management
implied_ids: - base.group_sale_customer
Example: User
!record {model: res.users, id: user_john}:
name: Mr.John
groups_id: base.group_sale_saleman
Nom du fichier – à compléterOpenERP 6.1. Offer
Record Rules
• Rule Definitiono Condition for restrict access to subset of
recordso On Access Rights (Create, Read, Write,
Delete)• Global or Group Specific
Nom du fichier – à compléterOpenERP 6.1. Offer
Example:
!record {model: ir.rule, id:sale_order_personal_rule}: name: Personal Orders model_id: model_sale_order domain_force: ['|',('user_id','=',user.id),
('user_id','=',False)] groups: - base.group_sale_saleman
Nom du fichier – à compléterOpenERP 6.1. Offer
UI Level SecurityRestrict Menu to groups of users
!record {model: ir.ui.menu, id:menu_sale_order}: name: Configuration parent: base.menu_sales sequence: 4 groups: - base.base.group_sale_manager
Restrict Workflow Transition to groups of users!record {model:workflow.transition, id:trans_draft_router}: act_from: act_draft act_to: act_router signal: order_confirm group: - base.group_sale_customer - base.group_sale_saleman - base.base.group_sale_manager
Restrict/Hide Fields in Forms to groups of users
<field name="product_uom" string="UoM" groups="product.group_uom"/>
Nom du fichier – à compléterOpenERP 6.1. Offer
Portal and Share
• Portal
Define Portal group Configured Record Rules and Access
Rights• Share Record Access
Create on-the-fly user from email address
Create on-the-fly group with specific record rules
