Record rules for buttons

I am struggling a bit with the following case:
I have a model which is using a workflow. Every user have read access to all the records, but only a few users have the right to click on the buttons. So far no problem, I created a special group and added the users to that group.

The problem however is that each record has a list of users from that particular group and only those users are allowed to click on the buttons. So I need some sort of rule to check the current user against that list of users. What it the best approach here? I can check in the workflow transition if the user is in the list and issue a error if not, but are there other possibilities?

No we do not have “rules” for button like we do for record (and neither for fields).

I have tested a solution which is working perfectly. But I want to make sure it’s valid so it will work in upcoming versions (I’m on 6.0)

I added a record rule which checks if a user is in the list and based on that it will add write access. For the buttons I added:

def __setup__(cls):
        'do_maintenance': {
            'readonly': Not(Eval('current_user', []).contains(Eval('context',{}).get('employee'))),
            'depends': ['current_user'],

So the button will become readonly when the user is not in the list.
Is the readonly a valid PYSON expression? It works, but I do Eval twice.

Of course you can use only the write access on the record as check to access to the button (if the button has no group base access).

For now readonly attribute are just cosmetic, there is no enforcement on server side.

You can have multiple Eval statement.

I wasn’t clear about this. I created two record rules, one record rule is there to make the record readonly. The other checks of the user exists in the list on the record and makes the record writable.
The button also have group access added.

Thanks, that was my biggest concern.