Hello,
I agree with you that rules is a very flexible mechanism. However at the
same time it not the complete solution. Here is my short experience for last
seven month on setting up security based on rules.
My objective was to restrict the access of the data to only the concerned
department. Say for example if a sales team is looking after a particular
account then they and only they should be able to access only the information
regarding their account.Currently I want to restrict "Partners","Contacts" and
"Products"
They way I planned to do it was to assign roles to the users. The role will
be specific to that account. For account I added a field called roles to the
"partner","Contacts" and "Product" which were made as the required field. Then
I added a rule restricting the access to only the users who belong to the role
which have been added to the roles field.
Testing the same was a nightmare. The system becomes unusable. If we add the
rules to both for partners and contact it is impossible to add the partner or
contact. If I add rule only to the partner then all the contacts are visible to
all the user. For products, adding the rule has made it impossible to add the
product. I have to add roles to all the components, and my implementation of
openerp in the organization is stuck because of this issue. Kindly let me know
if I am doing something wrong or missing something.
Apart from rules, I believe that we need to define a hierarchy of roles
which should replicate the hierarchy in the organization. The parent/managing
role should be able to see all the information of children plus its rules.
Best regards,
Amit
-------------------- m2f --------------------
--
http://www.openobject.com/forum/viewtopic.php?p=45802#45802
-------------------- m2f --------------------
_______________________________________________
Tinyerp-users mailing list
http://tiny.be/mailman2/listinfo/tinyerp-users
