I have 3 group roles: user, manager and logist. And need that user and manager on states 'approved', and 'to_approve_second' do not have write right.
all the users have write right and there are ir.rules:
<field name="name">Follow Purchase Request</field>
<field name="model_id" ref="model_purchase_request"/>
<field name="groups" eval="[(6,0, [ref('group_purchase_request_user')])]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
<field name="domain_force">['|',('requested_by','=',user.id),
('message_partner_ids', 'in', [user.partner_id.id])]</field>
</record>
<record id="purchase_request_rule" model="ir.rule">
<field name="name">Purchase Request User</field>
<field name="model_id" ref="model_purchase_request"/>
<field name="groups" eval="[(6,0, [ref('group_purchase_request_user')])]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="True"/>
<field name="perm_unlink" eval="True"/>
<field name="domain_force">[('requested_by','=',user.id)]</field>
</record>
<record id="purchase_request_manager_rule" model="ir.rule">
<field name="name">Purchase Request Manager</field>
<field name="model_id" ref="model_purchase_request"/>
<field name="groups" eval="[(6,0, [ref('group_purchase_request_manager')])]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="True"/>
<field name="perm_unlink" eval="True"/>
</record>
I tried to add:
<field name="name">Purchase Request User Rule</field>
<field name="model_id" ref="model_purchase_request"/>
<field name="groups" eval="[(6,0, [ref('group_purchase_request_user')])]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
<field name="domain_force">[('state','in',('approved', 'to_approve_second'))]</field>
</record>
<field name="name">Purchase Request Manager Rule</field>
<field name="model_id" ref="model_purchase_request"/>
<field name="groups" eval="[(6,0, [ref('group_purchase_request_manager')])]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
<field name="domain_force">[('state','in',('approved', 'to_approve_second'))]</field>
</record>
But nothing happens. User and manager can edit the document on 'approved' and 'to_approve_second' states. What can be wrong?
I found a solution that works!
<record id="purchase_request_followers_rule" model="ir.rule">
<field name="name">Follow Purchase Request</field>
<field name="model_id" ref="model_purchase_request"/>
<field name="groups" eval="[(6,0, [ref('group_purchase_request_user')])]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
<field name="domain_force">['|',('requested_by','=',user.id),
('message_partner_ids', 'in', [user.partner_id.id])]</field>
</record>
<record id="purchase_request_rule" model="ir.rule">
<field name="name">Purchase Request User</field>
<field name="model_id" ref="model_purchase_request"/>
<field name="groups" eval="[(6,0, [ref('group_purchase_request_user')])]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
<field name="domain_force">[('requested_by','=',user.id)]</field>
</record>
<record id="no_edit_rule" model="ir.rule">
<field name="name">No Edit Rule</field>
<field name="model_id" ref="model_purchase_request"/>
<field name="groups" eval="[(6,0, [ref('group_purchase_request_user')])]"/>
<field name="perm_read" eval="False"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
<field name="domain_force">[('requested_by','=',user.id),('state','not in',('approved', 'to_approve_second'))]
<record id="purchase_request_manager_rule" model="ir.rule">
<field name="name">Purchase Request Manager</field>
<field name="model_id" ref="model_purchase_request"/>
<field name="groups" eval="[(6,0, [ref('group_purchase_request_manager')])]"/>
<field name="perm_read" eval="False"/>
<field name="perm_write" eval="True"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
<field name="domain_force">[('assigned_to','=',user.id),('state','in',('to_approve_first', 'create_order'))]
<record id="manager_manager_rule" model="ir.rule">
<field name="name">Manager manager</field>
<field name="model_id" ref="model_purchase_request"/>
<field name="groups" eval="[(6,0, [ref('group_purchase_request_manager')])]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="False"/>
<field name="perm_unlink" eval="False"/>
<field name="domain_force">[('assigned_to','=',user.id)]</field>
</record>