| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Odoo Apps Dependencies |
Discuss (mail)
|
| Lines of code | 2316 |
| Technical Name |
access_rights_engine_cft |
| License | OPL-1 |
| Website | https://craftsync.com/ |
| Versions | 16.0 17.0 18.0 19.0 |
| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Odoo Apps Dependencies |
Discuss (mail)
|
| Lines of code | 2316 |
| Technical Name |
access_rights_engine_cft |
| License | OPL-1 |
| Website | https://craftsync.com/ |
| Versions | 16.0 17.0 18.0 19.0 |
Access Rights Engine
The most powerful and simplest way to manage access rights in Odoo.
One centralized engine. Total control. Zero complexity.
Menus Models Fields Views Actions Chatter Reports
Instant Effect
Rules apply immediately. No reload needed.
Multi-User & Company
Per-user, per-company access rules.
No Technical Skills
Configure everything from the UI.
One Control Center
Manage all access from a single place.
Why Access Rights Engine?
Managing access rights in Odoo typically involves creating multiple security groups, writing complex record rules, and navigating scattered settings. Access Rights Engine replaces all that with a single, centralized control panel. Define who sees what â menus, models, fields, buttons, views, chatter, reports, and actions â all from one place, with changes taking effect immediately.
Complete Feature Set
Everything you need to control access â all in one module.
Menu Access Control
Hide or restrict access to any main menu or submenu for selected users. Users only see the menus relevant to their role.
Model Access Rights
Control Create, Edit, Delete, Archive, Unarchive, Duplicate, and Export permissions on any model, per user.
Field Access Control
Make any field Invisible, Read-Only, or Required. Applies across form, list, kanban, pivot, and export views.
Button / Tab Access
Hide any button, action link, or tab/page from any view. Full control over what users can click or interact with.
View Access Control
Restrict access to specific view types â form, list, kanban, pivot, graph, calendar, or activity â per user.
Hide Filters & Group By
Remove filter options and group-by selections from search views â globally or per model, per user.
Chatter Access (Model-Wise)
Control access to chatter parts â Send Message, Log Note, Activities, Followers, and Attachments â per model.
Global Chatter Access
Hide the entire chatter, send message, log notes, activities, or followers globally across the whole system.
Report & Action Restriction
Hide specific report buttons and server actions from the print and action menus for selected users.
Read-Only User Mode
Make any user completely read-only across the entire system. They can view everything but edit nothing.
Disable Developer Mode
Prevent selected users from activating debug/developer mode, keeping the interface clean and secure.
Disable User Login
Block specific users from logging into the system without deleting their account or changing their password.
Hide Import / Export
Remove the import and export options from the interface to prevent data extraction or bulk uploads by restricted users.
Hide Duplicate / Archive
Remove the Duplicate and Archive/Unarchive options from model actions for selected users.
Hide External Links
Disable the external link icon on relational fields (Many2one) to prevent users from navigating to linked records.
Kanban Record Link Control
Hide clickable links on kanban cards to prevent users from opening records from the kanban view.
Company-Wise Restrictions
Apply different access rules for each company in a multi-company environment. Full isolation per organization.
Domain-Based Access
Restrict Create, Edit, Delete, and Read access conditionally using domain filters on any model.
Hide Print Options
Remove the print button and related print actions from any model to restrict document printing.
Hide Spreadsheet View
Disable the spreadsheet view option for selected users to prevent data manipulation in spreadsheets.
Make Any Field Required
Force any optional field to become mandatory for selected users, ensuring important data is always captured.
Before vs After
See how this module transforms access management.
Without This Module
| Scattered security groups per module |
| Complex record rules for visibility |
| No field-level control (invisible/required) |
| Cannot hide specific buttons or tabs |
| No chatter control per model or globally |
| Cannot disable developer mode per user |
| No easy way to make users read-only |
| Technical knowledge required |
With Access Rights Engine
| One centralized access control panel |
| Domain-based conditional record access |
| Full field-level control (invisible/required/read-only) |
| Hide any button, tab, or action |
| Chatter control per model or globally |
| Disable developer mode per user |
| Make any user read-only in one click |
| No technical skills needed |
Feature Details
Deep dive into each access control capability.
Menu & Submenu Access Control
Control exactly which menus and submenus each user can see. When a menu is hidden, the user cannot access it from the navigation â even if they know the URL. Submenus can also be hidden individually while keeping parent menus visible.
| Capability | Description |
|---|---|
| Hide main app menus | Remove entire app entries from the top navigation |
| Hide submenus | Selectively hide submenu items within visible apps |
| Per-user assignment | Each user can have a different set of visible menus |
Model Access Rights
Fine-grained control over what operations a user can perform on any Odoo model. Unlike standard access rights that are tied to groups, this applies per-user overrides from a central configuration.
Field Access Control
The most granular level of control. Change any field's behavior per user â make it invisible, read-only, or required. Changes apply everywhere the field appears: form views, list views, kanban cards, pivot tables, filters, group-by, and data exports.
| Option | Effect |
|---|---|
| Invisible | Field is completely hidden from all views, filters, and exports |
| Read-Only | Field is visible but cannot be edited by the user |
| Required | Field must be filled before saving â even if optional by default |
| No External Link | Removes the external link icon from relational fields |
Chatter Access Management
Two levels of chatter control: model-wise (restrict chatter on specific models) and global (restrict chatter across the entire system). Each chatter component can be controlled independently.
Per-Model Control
- Hide full chatter on specific models
- Hide Send Message button
- Hide Log Note button
- Hide Activities
- Hide Followers
- Hide Attachments
Global Control
- Hide chatter across all models
- Disable Send Message globally
- Disable Log Notes globally
- Disable Activities globally
- Disable Followers globally
- Hide Add Property button
Domain (Conditional) Access Rights
Apply access restrictions conditionally based on field values using Odoo domain filters. For example: prevent editing Sales Orders where the status is "confirmed", or restrict deletion of invoices older than 30 days.
| Condition | Restriction |
|---|---|
| Custom domain filter | Restrict Create / Edit / Delete / Read based on field values |
| Date-based filter | Apply restrictions based on date field conditions |
| Model-wide read-only | Make the entire model read-only when conditions are met |
Button / Tab Access
- Hide any button from form views
- Hide any tab/page from form views
- Hide smart buttons on any model
- Hide clickable links on kanban cards
- Control navbar button visibility
View Access Control
- Hide Form View
- Hide List / Tree View
- Hide Kanban View
- Hide Pivot / Graph View
- Hide Calendar / Activity View
How It Works
Get started in 3 simple steps.
Install the Module
Install Access Rights Engine from the Apps menu. A new access configuration menu will appear under Settings.
Configure Access Rules
Define what each user can see and do â select models, fields, menus, buttons, views, chatter options, and more.
Rules Apply Instantly
When the user logs in, all configured rules are enforced immediately. No server restart or manual reload required.
Complete Feature Checklist
| Hide menus and submenus |
| Model-level CRUD control |
| Field invisible / read-only / required |
| Hide buttons, tabs, smart buttons |
| View-type restrictions (form, list, kanban, etc.) |
| Hide filters and group-by options |
| Chatter control (model-wise) |
| Chatter control (global) |
| Report and action restrictions |
| Domain-based conditional access |
| Read-only user mode |
| Disable developer mode per user |
| Disable user login |
| Hide import and export |
| Hide duplicate and archive |
| Hide external links on relational fields |
| Kanban record link control |
| Company-wise restrictions |
| Hide print options |
| Hide spreadsheet view |
Important Note
Before upgrading your database to a newer Odoo version, please uninstall the Access Rights Engine module first. After the upgrade is complete, you can reinstall it. This prevents potential conflicts during the database migration process.
Need Help or Customization?
Our team is here to help you set up access rules or build custom restrictions for your business.
Email SupportOdoo Proprietary License v1.0 This software and associated files (the "Software") may only be used (executed, modified, executed after modifications) if you have purchased a valid license from the authors, typically via Odoo Apps, or if you have received a written agreement from the authors of the Software (see the COPYRIGHT file). You may develop Odoo modules that use the Software as a library (typically by depending on it, importing it and using its resources), but without copying any source code or material from the Software. You may distribute those modules under the license of your choice, provided that this license is compatible with the terms of the Odoo Proprietary License (For example: LGPL, MIT, or proprietary licenses similar to this one). It is forbidden to publish, distribute, sublicense, or sell copies of the Software or modified copies of the Software. The above copyright notice and this permission notice must be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Please log in to comment on this module