Contributors mailing list archives

contributors@odoo-community.org

Avatar

Re: Define permissions in website (frontend)

by
Camptocamp SA, Simone Orsi
- 27/09/2020 07:58:53
> It would be nice to have a generic module allowing adding a domain to a website page

You can already do this:

1. add a computed field which defines the access level on the page (based on user/group/whatever)
2. add a record rule to protect records based on that field

Watch out: the controller will still find the record and render the page -> you won't get a NotFound nor AccessError immediately.
AccessError will come only if in the template you read the object found.

On Sun, Sep 27, 2020 at 8:12 AM <admin@ygol.com> wrote:
Thanks for your help Ruben, Simone and Remi.
I ended up adding the condition in the controller.
(It would be nice to have a generic module allowing adding a domain to a website page)
Best.
 --
Yves Goldberg
--


----- Original message -----
From: "Rémi CAZENAVE - Le Filament" <remi@le-filament.com>
Subject: Re: Define permissions in website (frontend)
Date: Thursday, September 24, 2020 10:01

Hello Yves,

You can also enable authentication for specific URI in proxy configuration, depending on your target architecture it might be easier to deploy than overriding Odoo controllers but it will not be configurable by end users.

Best regards,
Rémi CAZENAVE - SCOP Le Filament


De : Simone Orsi <simahawk@gmail.com>
Envoyé : 24 septembre 2020 08:42:05 GMT+02:00
À : Contributors <contributors@odoo-community.org>
Objet : Re: Define permissions in website (frontend)

Hello,

if the goal is to simply block login, you could override the login/authenticate method and raise a proper error.

If you want to block access to a specific route only, override it and raise proper exception when condition is not matched.

Bests,

On Wed, Sep 23, 2020 at 5:07 PM Yves Goldberg <yves@ygol.com> wrote:
Hello,

How would I grant access to a website but only for a res_partner fulfilling a condition?

user case is publishing a list that is only accessible to partners who have "condition = True".

Another option would be to have a public page protected by a single password. Maybe in a popup?

Is there a module that could help? any pointer?


I was thinking to get in the controller, the user's id from the session and then conditionally return the required data but maybe there is an easier way?




Thank you




 --
Yves Goldberg
odooOfficial Partner - OCA delegate
Open Source ERP, CRM & CMS
T +972 (3) 720 8818
+972 (55) 966 1405
+32 (2) 588 2500
 
 
--

_______________________________________________



--
Simone Orsi

Full stack Python web developer, Odoo specialist, Odoo Community Board Member, Freelance in love with open source.

_______________________________________________

_______________________________________________


_______________________________________________
Mailing-List: https://odoo-community.org/groups/contributors-15
Post to: mailto:contributors@odoo-community.org
Unsubscribe: https://odoo-community.org/groups?unsubscribe



--
Simone Orsi

Full stack Python web developer, Odoo specialist, Odoo Community Board Member, Freelance in love with open source.

Reference