Skip to Content

Database Delete Guard

by
Odoo
v 18.0 Third Party 4
Download for v 18.0 Deploy on Odoo.sh
Availability
Odoo Online
Odoo.sh
On Premise
Lines of code 97
Technical Name database_delete_guard
LicenseLGPL-3
You bought this module and need support? Click here!
Availability
Odoo Online
Odoo.sh
On Premise
Lines of code 97
Technical Name database_delete_guard
LicenseLGPL-3
Database Delete Guard

Why this module?

Odoo's built-in database manager exposes a Delete button and an RPC endpoint that can drop a database with a single confirmation. On shared or production servers, one wrong click — or one stolen master password — can wipe out a live database in seconds.

Database Delete Guard patches the database service at the server layer and disables the Delete button in the UI for databases you mark as protected.

Key Features

Server-side enforcement

Blocks exp_drop and exp_rename calls at the Odoo service layer, so RPC, JSON-RPC, and database manager calls are all covered — not just the UI.

Pattern matching

Protect specific names (prod, main_live) or use shell-style wildcards (prod_*, *) to cover whole groups of databases.

UI feedback

The Delete button in the database manager is replaced with a disabled Protected indicator, so operators see at a glance that the database is guarded.

Zero-database config

Configured via odoo.conf. Works as a server-wide module — active even before any database is selected.

Rename protection

Protected databases also cannot be renamed, which prevents the common "rename then delete" workaround.

Legacy alias support

Reads db_delete_restrict as a fallback, so migrations from older in-house modules work without rewriting odoo.conf.

Configuration

Add the module to server_wide_modules so the guard is active even when no database is selected, then list the databases (or patterns) to protect: 

[options]
server_wide_modules = web,database_delete_guard
db_delete_guard = prod,main_live,prod_*

db_delete_guard accepts comma-separated database names or shell-style patterns (fnmatch syntax). Use * to block deletion of every database through Odoo.

After updating odoo.conf, restart the Odoo service.

See it in action

Guarded databases show a disabled Protected button in place of Delete. Unguarded databases keep the standard Delete action.

Database Manager with Protected buttons

How it works

  1. On Odoo startup the module monkey-patches odoo.service.db.exp_drop and odoo.service.db.exp_rename.
  2. Each call checks the target database name against the configured patterns.
  3. If a match is found, a DatabaseDeleteGuardError is raised before the underlying drop/rename runs.
  4. The database manager controller is extended to swap the Delete button for a disabled "Protected" button for guarded databases.

Scope & limitations

This module protects Odoo's database manager and RPC deletion/rename endpoints only. It cannot stop a PostgreSQL superuser from dropping databases directly with DROP DATABASE outside Odoo. Combine it with proper PostgreSQL role management for full protection.

Support

Need help or want to report an issue? Get in touch:

tinmyowin11@gmail.com

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author, please use the developer contact information. They can usually be found in the description.
Please choose a rating from 1 to 5 for this module.