I have this message:
The requested operation can not be completed due to security restrictions. Document type: Employee (hr.employee) Operation: read User: 23 Fields: - contract_id (allowed for groups 'Employees / Officer')
I would not like to add the user to the mentioned group because I want to restrict his actions, and this group has too many permissions. How can I know what permission is required for that specific field?
Create a module with just these lines. I am trying to overwrite the field by deleting the group but it doesn't work for me. What am I doing something wrong?
# -*- coding: utf-8 -*-
# Part of Odoo. See LICENSE file for full copyright and licensing details.
from odoo import api, fields, models
from odoo.osv import expression
class Employee(models.Model):
_inherit = "hr.employee"
contract_id = fields.Many2one('hr.contract', string='Current Contract',
domain="[('company_id', '=', company_id)]", help='Current contract of the employee')
Odoo is nice for once and is telling you which field on which model is restricted. So in this case you should look into the field definition and will find:
contract_id = fields.Many2one(
'hr.contract', string='Current Contract',
groups="hr.group_hr_user",
domain="[('company_id', '=', company_id), ('employee_id', '=', id)]",
help='Current contract of the employee')
You can see the groups parameter which will lead to a restriction of this field to the following groups. Here it is one: hr.group_hr_user which is created with the hr App and also mentioned in Odoo's Access Error: "Employees / Officer".
So you could change the field definition, but i don't advise to do that. I'm not sure why there is no possibility for an Employee to atleast see some of the current contract information of his own contract.