ERP software contains a huge amount of data. Ensuring vital data are not accessed by unauthorized persons is very important to ensure that system is not compromised.
Access control is used to provide convenient access to authorized users while also ensuring that unauthorized persons are kept away from important information. User can be described as any person who has access to the database for performing various tasks.
Parameters for Authorizing & restricting users to view information differs in each organization. Access rights are mostly dependent on the job position or role of the individual in the concerned organization.
Employees in a higher hierarchy like those in Management Board are given access to nearly most of the information; while employees can only access information pertaining to their work. We can ensure that by granting Access Rights to Users by applying different rules.
In this blog we will discuss how to create users as well as managing access-rights for them.
- Open the Settings App
- Inside Settings, Click on Manage Users under Users.
- Click on the Create button to Create a New User.
- We also have Menu Users & Companies; under which we can Select Users.
Fill in all required details including Name & Email Address. Under Access Rights, Select Companies. All Applications installed in the Database will be listed.
After filling in the required fields, click on Save Button to save it. Email is sent to the newly created User’s Email Address. Users then have to create a login after receiving an invitation using link provided in mail.
Settings >Users >Access Rights Tab >Multi Companies
Many businesses have several companies, certain employees are to be given access to different companies. For enabling that, we have a Multi-Company provision. After enabling Multi Companies; Under User’s Access Rights Tab we Have Multi Companies. We can add Allowed Companies & Default company.
Few activities require special provisions, as in this case. Here, we have to activate the Developer Mode. In the Settings, scroll down until we can see the following option:
After activating Developer Mode, select User Type in the User:
Internal User: Can have full access to applications
Portal User: Could be customers or suppliers with access only to relevant information
Public Users: can only access website
Portal & Public does not have option to choose access rights. Members have restricted menus using Rules & Groups that does not belong to usual groups in Odoo.
Activate Developer Mode in Settings.
Settings >Users & Companies >Groups.
Creating Groups allows us to put several users together that needs specific Access Rights. Groups are created to define rules to models within an application. We can view Groups menu after activating Developer Mode.
- List of the current users can be viewed under Users.
- Users with administrative rights are shown in black.
Users added to this group are automatically added to the Groups shown below. In the example shown below; Users who have access to Administrator Group of Sales also have access to the website/Restricted Editor & Sales/User: All Documents.
Under Menus, we can add the models (menus) for which users will have access rights.
Rules defined act as first level of access rights. We can enable rights to each model as required.
- Read: Users can only see values of selected object
- Write: User can edit values of the object.
- Create: User can create values for that object.
- Delete: Values can be deleted by the user
Record Rules can be framed as a second layer where we can refine Access Rights using Domains.
Domain expression has a list of conditions. We can choose from the following options for each rule: Read; Write; Create & Delete.
- Changes in Access Rights could make big impact on database. We suggest you to seek help from professionals unless you are having good knowledge of Domains.
- Always Test the changes made to make sure that they are being applied to appropriate users.
Feel free to contact us for any further Assistance.