Skip to Content

AITSP Advanced Access Control

by
Odoo
v 19.0 Third Party 8
Download for v 19.0 Deploy on Odoo.sh
Availability
Odoo Online
Odoo.sh
On Premise
Lines of code 820
Technical Name aitsp_advanced_access_control
LicenseOPL-1
Websitehttps://alrowadit.com/
Versions 17.0 18.0 19.0
You bought this module and need support? Click here!
Advanced Access Rights

AITSP Advanced Access Control

Advanced Security Policies and UI Restrictions for Odoo

AITSP Advanced Access Control is a powerful Odoo module designed to help administrators manage advanced access policies from one centralized interface. It gives businesses more control over what users can create, edit, delete, archive, duplicate, import, export, print, view, and access across Odoo.

The module supports flexible policy assignment based on users, groups, or all users. It also provides global restrictions, model-level rules, field-level rules, button rules, notebook page rules, menu rules, action/report rules, and audit logs for denied operations.

Security Policy Center

Centralized Access Control

Manage global restrictions, model rules, field rules, buttons, pages, menus, actions, reports, and audit logs from one policy system.

Why Use This Module?

Why Use This Module?

Standard Odoo access rights are powerful, but many companies need more flexible control over forms, buttons, fields, menus, reports, and user actions. This module helps administrators apply advanced restrictions without modifying every business model manually.

Stronger internal control over sensitive data, business workflows, reports, menus, forms, and user interface visibility.
Key Features

Key Features

1

Flexible Access Policies

  • Create multiple access control policies.
  • Apply policies to specific users.
  • Apply policies to specific user groups.
  • Apply policies to specific companies.
  • Apply policies to all users.
  • Use policy sequence to organize priority.
  • Exclude Access Control Managers from restrictions to avoid accidental lockout.
2

Global Restrictions

  • Enable Global Read Only mode.
  • Hide chatter from form views.
  • Disable Developer Mode session behavior.
  • Disable Import.
  • Disable Export.
  • Disable Archive / Unarchive.
  • Disable Duplicate.
  • Disable Print.
3

Model Rules

  • Set selected models as read-only.
  • Disable create on specific models.
  • Disable write on specific models.
  • Disable delete on specific models.
  • Disable archive / unarchive on specific models.
  • Disable duplicate on specific models.
  • Disable import, export, or print on specific models.
  • Hide chatter on specific models only.
4

Field Rules

  • Hide selected fields from form views.
  • Make selected fields readonly.
  • Make selected fields required.
  • Apply field restrictions per model and per policy.
5

Button Rules

  • Hide form buttons by technical button name.
  • Hide buttons by visible button label as a fallback.
  • Support object buttons.
  • Support action buttons.
  • Support any button type.
6

Notebook Page Rules

  • Hide notebook pages / tabs from form views.
  • Hide pages by technical page name.
  • Hide pages by visible page label.
7

Menu Rules

  • Hide selected Odoo menus from users.
  • Automatically hide child menus of the selected parent menu.
  • Apply menu restrictions based on active access policies.
8

Action and Report Rules

  • Hide selected reports from the Print menu.
  • Block restricted report execution.
  • Hide selected server actions from the Action menu.
  • Block restricted server action execution.

Audit Logs

The module includes an audit log system that records denied operations when Audit Denials is enabled. This helps administrators review restricted attempts and monitor access policy behavior.

  • Track the user who attempted the restricted operation.
  • Track the policy that caused the restriction.
  • Track the model and operation type.
  • Track related record IDs when available.
  • Track the reason for denial.

How It Works

Policy Assignment

The module introduces a central access policy model where administrators define who the policy applies to and which restrictions should be enforced. A policy can be assigned to users, groups, or all users.

Automatic Evaluation

Once a policy is active, the module evaluates it automatically during Odoo operations such as create, write, delete, duplicate, archive, import, export, print, report downloads, server actions, view rendering, and menu loading.

UI and Backend Control

UI-based restrictions such as hiding fields, buttons, pages, chatter, and menus are applied dynamically when Odoo views and menus are loaded. Backend restrictions such as create, write, delete, import, export, duplicate, archive, print, report execution, and server action execution are enforced server-side.

Policy Configuration

Policy Configuration Tabs

General

Define the users, groups, and audit behavior for the policy. You can apply the policy to all users or only to selected users and groups.

Global Restrictions

Apply general restrictions across the system for the selected users, such as readonly mode, chatter hiding, developer mode restriction, import/export blocking, archive blocking, duplicate blocking, and print blocking.

Model Rules

Apply restrictions to specific Odoo models only. For example, disable export on Inventory Transfers, make Purchase Orders readonly, or disable print on Invoices.

Fields

Control specific fields in form views. Fields can be hidden, made readonly, or made required based on the active policy.

Buttons

Hide form buttons by technical button name, visible label, and button type. This is useful for removing buttons such as Confirm, Validate, Cancel, Reset to Draft, or custom workflow buttons from selected users.

Pages

Hide notebook pages or tabs inside form views by technical page name or visible page label.

Menus

Hide selected menus and their child menus from users based on the active policy.

Actions

Restrict reports and server actions. Restricted reports are hidden from the Print menu and blocked during execution. Restricted server actions are hidden from the Action menu and blocked when executed.

Configuration Steps

Step 1: Assign Manager

Assign the responsible administrator to the Advanced Access Control Manager group.

Step 2: Create Policy

Go to Settings > Advanced Access Control > Policies and create a new policy.

Step 3: Select Users

Apply the policy to all users, selected users, selected groups, or selected companies.

Step 4: Define Rules

Configure global, model, field, button, page, menu, and action rules.

Step 5: Review Logs

Enable Audit Denials and review denied operations from Audit Logs.

Common Use Cases

  • Make selected users readonly across the system.
  • Disable export for sensitive business models.
  • Prevent users from printing invoices, purchase orders, delivery slips, or other reports.
  • Hide Accounting, Inventory, HR, or custom menus from specific users.
  • Hide workflow buttons such as Confirm, Validate, Cancel, or Reset to Draft.
  • Make sensitive fields invisible, readonly, or required for selected user groups.
  • Hide notebook tabs that contain confidential or restricted information.
  • Block selected server actions from being executed.
  • Track denied operations for internal audit and compliance.

Technical Highlights

  • Server-side checks for create, write, delete, duplicate, archive, import, export, print, report execution, and server action execution.
  • Dynamic form view modification for field, button, page, and chatter restrictions.
  • Menu visibility control using active access policies.
  • Report and server action filtering from Odoo action bindings.
  • Denied operations are logged with user, policy, model, operation, record IDs, and reason.
  • Access Control Managers are excluded from restrictions to prevent administrative lockout.
Odoo Proprietary License v1.0

This software and associated files (the "Software") may only be used (executed,
modified, executed after modifications) if you have purchased a valid license
from the authors, typically via Odoo Apps, or if you have received a written
agreement from the authors of the Software (see the COPYRIGHT file).

You may develop Odoo modules that use the Software as a library (typically
by depending on it, importing it and using its resources), but without copying
any source code or material from the Software. You may distribute those
modules under the license of your choice, provided that this license is
compatible with the terms of the Odoo Proprietary License (For example:
LGPL, MIT, or proprietary licenses similar to this one).

It is forbidden to publish, distribute, sublicense, or sell copies of the Software
or modified copies of the Software.

The above copyright notice and this permission notice must be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author, please use the developer contact information. They can usually be found in the description.