Hello,
In different modules I need to display only the lines which concerns the logged in user.
example:
A view returns all registered leave requests.
User “A” logs in and opens this view. I want him to only have access to leave requests that concern him.
How can I do this?
I tried to do this directly in the “setup” function of a module but I can’t find how to filter my request or how to retrieve the “employee” context variable.
“Transaction().context.get(‘employee’)” returns “None”
Thanks
Hello,
You need to add some Record Rules to restrict which records the user is allowed to see. Once you’ve defined the rule the trytond server will filter out the records that the user is not allowed to see.
Hope it helps!
It helps me yes, I found examples in the code but it’s still a bit fuzzy. I may ask you for help again soon.
thank you 
To create the registration rules I looked at the company module.
I think I need to adapt this:
<record model="ir.rule.group" id="rule_group_sequence_companies">
<field name="name">User in companies</field>
<field name="model" search="[('model', '=', 'ir.sequence')]"/>
<field name="global_p" eval="True"/>
</record>
<record model="ir.rule" id="rule_sequence_companies1">
<field name="domain"
eval="[('company', 'in', Eval('companies', []))]"
pyson="1"/>
<field name="rule_group" ref="rule_group_sequence_companies"/>
</record>
<record model="ir.rule" id="rule_sequence_comapnies2">
<field name="domain" eval="[('company', '=', None)]" pyson="1"/>
<field name="rule_group" ref="rule_group_sequence_companies"/>
</record>
but I don’t know what to put in the “domain” fields.
I also don’t know what to put in my python script.
You need to include the domain that limites the records that the user is allowed to see.
In your example, the user is just allowed to see the records that the company is in the list of companies the user is allowed to access.
Hello,
I am resuming this project after a long break.
I tried different things but it doesn’t work.
last test:
<record model="ir.rule.group" id="rule_group_sequence_spending">
<field name="name">spending list</field>
<field name="model" search="[('model', '=', 'hr.employee.spending')]"/>
<field name="global_p" eval="True"/>
</record>
<record model="ir.rule" id="rule_sequence_spending1">
<field name="domain"
eval="[('employee', 'in', Eval('employees', []))]"
pyson="1"/>
<field name="rule_group" ref="rule_group_sequence_spending"/>
</record>
<record model="ir.rule" id="rule_sequence_spending2">
<field name="domain" eval="[('employee', '=', None)]" pyson="1"/>
<field name="rule_group" ref="rule_group_sequence_spending"/>
</record>
normal that it doesn’t work because I’m just replacing things without knowing what I’m doing.
I confirm that the user is indeed associated with an employee, that my list contains entries concerning several employees
Thanks for your help.
Hi,
your intent looks similar the own hours in the timesheet module which is defined here:
<field name="global_p" eval="False"/>
<field name="default_p" eval="True"/>
BTW also you can fiddle it out in the Tryton client UI like here:
When it works, you can move the content to the XML.
Also don’t forget to re-login into Tryton once you change the permissions.
Thank you for your help. It helped me to continue the tests.
But it still doesn’t work.
I did a test with a default value which worked:
<record model="ir.rule.group" id="rule_group_sequence_spending">
<field name="name">Dépenses employé</field>
<field name="model" search="[('model', '=', 'hr.employee.spending')]"/>
<field name="global_p" eval="True"/>
</record>
<record model="ir.rule" id="rule_sequence_spending1">
<field name="domain" eval="[('employee', '=', '2')]" pyson="1"/>
<field name="rule_group" ref="rule_group_sequence_spending"/>
</record>
I conclude that the problem comes from here:
eval="[('employee', 'in', Eval('employees', []))]"
so in the python class which defines the model hr.employee.spending you need to handle employee and employees. So maybe employees is always empty or filled with wrong values?
If it is working with '2' as value, it means that the employee field is not a Many2One but a Char.
So the Eval('employees', []) is filled by the company with a list of ids not char.
No employees is filled by the company module because rule evaluation is done with ir.rule context.
My bad. It’s work with the integer 2.
So your user has no employees set.
Here are the employee fields of the two users I tested:
tryton64_rct=# select login, employee from res_user where login='jmeuh' or login='admin';
login | employee
-------+----------
jmeuh | 2
admin | 2
But it is the employees that is used and the behavior may depend on the value of company filter.
Be sure also that the record of the rule is correctly updated in the database.
sorry I don’t understand.
I’m sure