Skip to Content
  2. Mailing Lists
  3. Contributors
  4. Define permissions in website (frontend)

Archives

Contributors

Petty Cash Odoo App

Weird issue: database does not run tests

Define permissions in website (frontend)

Hello,

How would I grant access to a website but only for a res_partner fulfilling a condition?

user case is publishing a list that is only accessible to partners who have "condition = True".

Another option would be to have a public page protected by a single password. Maybe in a popup?

Is there a module that could help? any pointer?


I was thinking to get in the controller, the user's id from the session and then conditionally return the required data but maybe there is an easier way?




Thank you




 --
Yves Goldberg
odooOfficial Partner - OCA delegate
Open Source ERP, CRM & CMS
T +972 (3) 720 8818
+972 (55) 966 1405
+32 (2) 588 2500
 
 
--

by Yves Goldberg - 05:06 - 23 Sep 2020

Follow-Ups

  • Re: Define permissions in website (frontend)
    > It would be nice to have a generic module allowing adding a domain to a website page

    You can already do this:

    1. add a computed field which defines the access level on the page (based on user/group/whatever)
    2. add a record rule to protect records based on that field

    Watch out: the controller will still find the record and render the page -> you won't get a NotFound nor AccessError immediately.
    AccessError will come only if in the template you read the object found.

    On Sun, Sep 27, 2020 at 8:12 AM <admin@ygol.com> wrote:
    Thanks for your help Ruben, Simone and Remi.
    I ended up adding the condition in the controller.
    (It would be nice to have a generic module allowing adding a domain to a website page)
    Best.
     --
    Yves Goldberg
    --


    ----- Original message -----
    From: "Rémi CAZENAVE - Le Filament" <remi@le-filament.com>
    Subject: Re: Define permissions in website (frontend)
    Date: Thursday, September 24, 2020 10:01

    Hello Yves,

    You can also enable authentication for specific URI in proxy configuration, depending on your target architecture it might be easier to deploy than overriding Odoo controllers but it will not be configurable by end users.

    Best regards,
    Rémi CAZENAVE - SCOP Le Filament

    De : Simone Orsi <simahawk@gmail.com>
    Envoyé : 24 septembre 2020 08:42:05 GMT+02:00
    À : Contributors <contributors@odoo-community.org>
    Objet : Re: Define permissions in website (frontend)

    Hello,

    if the goal is to simply block login, you could override the login/authenticate method and raise a proper error.

    If you want to block access to a specific route only, override it and raise proper exception when condition is not matched.

    Bests,

    On Wed, Sep 23, 2020 at 5:07 PM Yves Goldberg <yves@ygol.com> wrote:
    Hello,

    How would I grant access to a website but only for a res_partner fulfilling a condition?

    user case is publishing a list that is only accessible to partners who have "condition = True".

    Another option would be to have a public page protected by a single password. Maybe in a popup?

    Is there a module that could help? any pointer?


    I was thinking to get in the controller, the user's id from the session and then conditionally return the required data but maybe there is an easier way?




    Thank you




     --
    Yves Goldberg
    odooOfficial Partner - OCA delegate
    Open Source ERP, CRM & CMS
    T +972 (3) 720 8818
    +972 (55) 966 1405
    +32 (2) 588 2500
     
     
    --

    _______________________________________________



    --
    Simone Orsi

    Full stack Python web developer, Odoo specialist, Odoo Community Board Member, Freelance in love with open source.

    _______________________________________________

    _______________________________________________


    _______________________________________________
    Mailing-List: https://odoo-community.org/groups/contributors-15
    Post to: mailto:contributors@odoo-community.org
    Unsubscribe: https://odoo-community.org/groups?unsubscribe



    --
    Simone Orsi

    Full stack Python web developer, Odoo specialist, Odoo Community Board Member, Freelance in love with open source.
    by Simone Orsi - 10:01 - 27 Sep 2020
  • Re: Define permissions in website (frontend)
    Thanks for your help Ruben, Simone and Remi.
    I ended up adding the condition in the controller.
    (It would be nice to have a generic module allowing adding a domain to a website page)
    Best.
     --
    Yves Goldberg
    --


    ----- Original message -----
    From: "Rémi CAZENAVE - Le Filament" <remi@le-filament.com>
    Subject: Re: Define permissions in website (frontend)
    Date: Thursday, September 24, 2020 10:01

    Hello Yves,

    You can also enable authentication for specific URI in proxy configuration, depending on your target architecture it might be easier to deploy than overriding Odoo controllers but it will not be configurable by end users.

    Best regards,
    Rémi CAZENAVE - SCOP Le Filament

    De : Simone Orsi <simahawk@gmail.com>
    Envoyé : 24 septembre 2020 08:42:05 GMT+02:00
    À : Contributors <contributors@odoo-community.org>
    Objet : Re: Define permissions in website (frontend)

    Hello,

    if the goal is to simply block login, you could override the login/authenticate method and raise a proper error.

    If you want to block access to a specific route only, override it and raise proper exception when condition is not matched.

    Bests,

    On Wed, Sep 23, 2020 at 5:07 PM Yves Goldberg <yves@ygol.com> wrote:
    Hello,

    How would I grant access to a website but only for a res_partner fulfilling a condition?

    user case is publishing a list that is only accessible to partners who have "condition = True".

    Another option would be to have a public page protected by a single password. Maybe in a popup?

    Is there a module that could help? any pointer?


    I was thinking to get in the controller, the user's id from the session and then conditionally return the required data but maybe there is an easier way?




    Thank you




     --
    Yves Goldberg
    odooOfficial Partner - OCA delegate
    Open Source ERP, CRM & CMS
    T +972 (3) 720 8818
    +972 (55) 966 1405
    +32 (2) 588 2500
     
     
    --

    _______________________________________________



    --
    Simone Orsi

    Full stack Python web developer, Odoo specialist, Odoo Community Board Member, Freelance in love with open source.

    _______________________________________________
    Post to: mailto:contributors@odoo-community.org

    _______________________________________________
    Post to: mailto:contributors@odoo-community.org


    by Yves Goldberg - 08:11 - 27 Sep 2020
  • Re: Define permissions in website (frontend)

    Hello Yves,

    You can also enable authentication for specific URI in proxy configuration, depending on your target architecture it might be easier to deploy than overriding Odoo controllers but it will not be configurable by end users.

    Best regards,
    Rémi CAZENAVE - SCOP Le Filament
    https://le-filament.com

    De : Simone Orsi <simahawk@gmail.com>
    Envoyé : 24 septembre 2020 08:42:05 GMT+02:00
    À : Contributors <contributors@odoo-community.org>
    Objet : Re: Define permissions in website (frontend)

    Hello,

    if the goal is to simply block login, you could override the login/authenticate method and raise a proper error.

    If you want to block access to a specific route only, override it and raise proper exception when condition is not matched.

    Bests,

    On Wed, Sep 23, 2020 at 5:07 PM Yves Goldberg <yves@ygol.com> wrote:
    Hello,

    How would I grant access to a website but only for a res_partner fulfilling a condition?

    user case is publishing a list that is only accessible to partners who have "condition = True".

    Another option would be to have a public page protected by a single password. Maybe in a popup?

    Is there a module that could help? any pointer?


    I was thinking to get in the controller, the user's id from the session and then conditionally return the required data but maybe there is an easier way?




    Thank you




     --
    Yves Goldberg
    odooOfficial Partner - OCA delegate
    Open Source ERP, CRM & CMS
    T +972 (3) 720 8818
    +972 (55) 966 1405
    +32 (2) 588 2500
     
     
    --

    _______________________________________________
    Mailing-List: https://odoo-community.org/groups/contributors-15
    Post to: mailto:contributors@odoo-community.org
    Unsubscribe: https://odoo-community.org/groups?unsubscribe



    --
    Simone Orsi

    Full stack Python web developer, Odoo specialist, Odoo Community Board Member, Freelance in love with open source.

    _______________________________________________
    Mailing-List: https://odoo-community.org/groups/contributors-15
    Post to: mailto:contributors@odoo-community.org
    Unsubscribe: https://odoo-community.org/groups?unsubscribe

    by Rémi Cazenave - 09:01 - 24 Sep 2020
  • Re: Define permissions in website (frontend)
    Hello,

    if the goal is to simply block login, you could override the login/authenticate method and raise a proper error.

    If you want to block access to a specific route only, override it and raise proper exception when condition is not matched.

    Bests,

    On Wed, Sep 23, 2020 at 5:07 PM Yves Goldberg <yves@ygol.com> wrote:
    Hello,

    How would I grant access to a website but only for a res_partner fulfilling a condition?

    user case is publishing a list that is only accessible to partners who have "condition = True".

    Another option would be to have a public page protected by a single password. Maybe in a popup?

    Is there a module that could help? any pointer?


    I was thinking to get in the controller, the user's id from the session and then conditionally return the required data but maybe there is an easier way?




    Thank you




     --
    Yves Goldberg
    odooOfficial Partner - OCA delegate
    Open Source ERP, CRM & CMS
    T +972 (3) 720 8818
    +972 (55) 966 1405
    +32 (2) 588 2500
     
     
    --

    _______________________________________________
    Mailing-List: https://odoo-community.org/groups/contributors-15
    Post to: mailto:contributors@odoo-community.org
    Unsubscribe: https://odoo-community.org/groups?unsubscribe



    --
    Simone Orsi

    Full stack Python web developer, Odoo specialist, Odoo Community Board Member, Freelance in love with open source.
    by Simone Orsi - 08:41 - 24 Sep 2020
  • Re: Define permissions in website (frontend)
    Hi,

    With module auth_signup you have a auth_signup_uninvited system parameter, then if you set it to False only users with login can access your website. That access can be granted by portal wizard action to users you wish as well.

    Saludos!

    Rubén Seijas
    Analista Programador Web
    Tfno: 982 81 48 05 Ext: 104



    El mié., 23 sept. 2020 a las 17:07, Yves Goldberg (<yves@ygol.com>) escribió:
    Hello,

    How would I grant access to a website but only for a res_partner fulfilling a condition?

    user case is publishing a list that is only accessible to partners who have "condition = True".

    Another option would be to have a public page protected by a single password. Maybe in a popup?

    Is there a module that could help? any pointer?


    I was thinking to get in the controller, the user's id from the session and then conditionally return the required data but maybe there is an easier way?




    Thank you




     --
    Yves Goldberg
    odooOfficial Partner - OCA delegate
    Open Source ERP, CRM & CMS
    T +972 (3) 720 8818
    +972 (55) 966 1405
    +32 (2) 588 2500
     
     
    --

    _______________________________________________
    Mailing-List: https://odoo-community.org/groups/contributors-15
    Post to: mailto:contributors@odoo-community.org
    Unsubscribe: https://odoo-community.org/groups?unsubscribe

    by Rubén Seijas - 05:31 - 23 Sep 2020