You might have noticed, upon loading our module is getting a warning message in the server log: The model todo.task has no access rules, consider adding one.
The message is pretty clear: our new model has no access rules, so it can't be used by anyone other than the admin
super user. As a super user the admin
ignores data access rules, that's why we were able to use the form without errors. But we must fix this before other users can use it.
To get a picture of what information is needed to add access rules to a model, use the web client and go to: Settings|
Technical|
Security|
Access Controls List.
Here we can see the ACL for the mail.mail
model. It indicates, per group, what actions are allowed on records.
This information needs to be provided by the module, using a data file to load the lines into the ir.model.access
model. We will add full access on the model to the employee group. Employee is the basic access group nearly everyone belongs to.
This is usually...