Skip to Content

Access Control Management for Odoo | User Permissions and Record Rules

by
Odoo

80.36

v 19.0 Third Party 2
Live Preview
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies Calendar (calendar)
Discuss (mail)
Lines of code 3755
Technical Name dev_access_management
LicenseLGPL-3
Websitehttps://www.devintellecs.com
Versions 16.0 17.0 18.0 19.0
You bought this module and need support? Click here!
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies Calendar (calendar)
Discuss (mail)
Lines of code 3755
Technical Name dev_access_management
LicenseLGPL-3
Websitehttps://www.devintellecs.com
Versions 16.0 17.0 18.0 19.0

Access Control Management in Odoo

Profile-Based User Permissions, Security and Access Control for Odoo
seprator

Access Control Management Odoo App gives administrators full control over what each user can see and do inside Odoo, without touching any code. You build an access profile once, attach it to one person or a whole team, and the restrictions take effect right away. No XML to maintain, no Python overrides to write, and no hand-built record rules.

From a single profile screen you can hide menus and sub-menus, switch off Create, Edit, Delete, Archive, or Duplicate on the models you choose, mark fields as invisible, read-only, or required, filter records by a domain expression, and tidy the form view by hiding action buttons, smart buttons, kanban links, and notebook tabs. The same profile cleans up the search bar by hiding filters and group-by options.

Global toggles cover the rest: a system-wide read-only mode, blocks for import, export, and spreadsheet insertion, full chatter and activity control, a developer-mode lockout, and a login block that does not need the user to be archived. Every profile is bound to a list of companies, and when two profiles overlap a priority order decides which one wins.

A live permission cache refreshes the moment a rule is saved, including across worker processes, so users see the change without logging out. Suitable for administrators, consultants, and audit teams who need predictable, profile-driven security in Odoo Community, Enterprise, and Odoo.sh deployments.

Community Enterprise Odoo.sh

VIDEO WALKTHROUGH

seprator

Watch the full feature walkthrough on our YouTube playlist.

Complete Access Management in Odoo playlist Watch on YouTube

KEY FEATURES

seprator

Ready-to-use restriction layers, all configured from one profile screen.

Reusable Access Profiles

Group every restriction into one profile and attach it to a user, a team, or many people. The same profile applies the same rules everywhere.

Hide Menus and Sub-Menus

Pick any menu or sub-menu and make it disappear for the profile. Use it to clean the navigation and lock access to unrelated modules.

Field-Level Visibility

Mark any field as invisible, read-only, or required for the profile. Useful for cost prices, salary fields, internal notes, or partner data.

Model CRUD Control

Switch off Create, Edit, Delete, Archive, or Duplicate on any model. Each option works on its own so you keep granular control.

System-Wide Read-Only Mode

Lock a profile out of every Create, Edit, and Delete action across the database. Administrator accounts are automatically protected.

Record-Level Domain Rules

Filter the records a user can read, create, update, or delete with a domain expression. Works with related fields and dynamic conditions.

Hide Buttons, Tabs, and Smart Links

Pick action buttons, smart buttons, kanban links, and notebook tabs to hide on any form. Available items are auto-detected from the live view.

Hide View Types per Model

Disable specific layouts such as list, kanban, pivot, calendar, graph, gantt, activity, or map, so users only see the views you allow.

Search Filter and Group By Control

Hide built-in filters and group-by entries from the search bar, and stop users from creating their own custom filters or groupings.

Chatter and Activity Control

Hide the chatter entirely, or selectively switch off Send Message, Log Note, and Schedule Activity globally or only on the models you choose.

Import, Export, and Spreadsheet Block

Stop a user from exporting data, importing CSV files, or inserting records into Odoo Spreadsheet. Apply the rule globally or per model.

Block Login and Developer Mode

Disable login without archiving the account, and stop a user from entering debug or developer mode through the URL, the settings page, or the shortcut.

Multi-Company with Priority Resolution

Each profile is bound to a list of companies. When two profiles overlap, a priority order decides which one wins, so results stay predictable.

Live Permission Cache

Rule changes propagate to every worker process the moment a profile is saved, so users see new permissions without logging out.

Access Profiles

Build a profile once and attach it to one user or many. The profile is where every restriction lives: menus, models, fields, domain rules, UI elements, search filters, chatter, and global flags. Once saved, the rules apply to assigned users right away.

Create an Access Profile

Define the profile name, set its priority, pick the companies it applies to, and assign the users it should cover. Every restriction tab feeds off this profile record.

Profile configuration form

System-Wide Read-Only Toggle

Flip one switch on the profile and every record becomes read-only for assigned users across the whole system. Admins stay unaffected.

Read-only configuration toggle

Read-Only Behaviour in List and Form

With read-only on, the list view shows records without Create or Edit, and the form view opens in a non-editable state.

Read-only list view Read-only form view

Block System Login

Tick Block Login on the profile to stop assigned users from signing in, without archiving their account. When they try to log in, Odoo rejects the attempt with a clear message.

Login block configuration Login attempt rejected

Block Developer Mode

Stop assigned users from turning on debug or developer mode, whether through the URL, the settings page, or the keyboard shortcut. Closes a common backdoor on production.

Developer mode block configuration Developer mode unavailable

Menu Restrictions

Pick any application, menu, or sub-menu and hide it for assigned users. Keeps every workspace focused on what people actually need to use.

Select Menus to Hide

Add one or many menu entries directly from the profile form. The picker lists every available menu across installed apps.

Menu selection on the profile

Before Restriction

Without the profile, the menu is fully visible to the user in the navigation.

Menu visible before restriction

After Restriction

Once the profile is in place, the selected menu disappears completely and is no longer reachable from the navigation.

Menu hidden after restriction

Model Restrictions

Per model, switch off Create, Edit, Delete, Archive, Duplicate, Import, Export, Spreadsheet insert, reports, server actions, and chatter. Pick the model, tick the toggles, save, done.

Configure Model Operations

Choose a model, then tick the operations to block. View types, report actions, and server actions can also be selected on the same line.

Model restriction configuration

Before Restriction, Import and Kanban View

Without the profile, the Import action and the Kanban view are both available on the list.

Import and Kanban visible

After Restriction, Import and Kanban View

With the profile applied, the Import action disappears from the cog menu and the Kanban view is removed from the view switcher.

Import and Kanban hidden

Before Restriction, Report, Action, and Chatter

The Print menu, server actions, and the chatter panel are all present on the form view by default.

Reports, actions, and chatter visible

After Restriction, Report, Action, and Chatter

With the model restriction in place, reports and actions vanish from the cog menu and the chatter panel is gone from the form view.

Reports, actions, and chatter hidden

Field Restrictions

Mark any field on any model as invisible, read-only, or required for the profile. No view inheritance, no XML edits, just toggle the flag and save.

Configure Field Access

Pick a model, pick the field, then choose Make Invisible, Make Read-Only, or Make Required. Combine as many fields as you need on one profile.

Field access configuration

Before Restriction

Without the profile, the internal link to the partner is shown and the company details remain fully editable.

Fields editable before restriction

After Restriction

With the field rules in place, those fields become read-only and the internal link is hidden from the user.

Fields read-only after restriction

Domain Rules

Filter the records a user can see on any model with a domain expression, and decide whether they can create, update, or delete those records.

Add a Domain Rule

Pick the model the rule should apply to from the profile.

Select model for the domain rule

Define the Domain Filter

Build the domain expression that decides which records the user is allowed to see. Related fields and dynamic conditions are supported.

Domain expression builder

Filtered Records in List View

The list view only shows the records that match the domain. The user never sees anything outside the rule.

Filtered records visible to the user

Before Restriction, Create, Update, Delete

Without the rule, the user can freely create, update, and delete records on the model.

CRUD allowed before restriction

After Restriction, Create, Update, Delete

Once the rule disables them, Create, Update, and Delete are blocked even on the records the user can still see.

CRUD disabled after restriction

Layout Control

Hide action buttons, smart buttons, kanban links, and notebook tabs on the form and kanban views. The picker auto-detects the buttons and tabs available on the live view.

Configure Layout Visibility

Pick the model, then choose the buttons, smart buttons, kanban links, or notebook tabs to hide.

Layout control configuration

Before Restriction, Kanban Links

Kanban card links are visible on the cards by default.

Kanban links visible

After Restriction, Kanban Links

Once the restriction is applied, the selected kanban links are removed from every card.

Kanban links hidden

Before Restriction, Form Buttons and Notebook Tabs

Action buttons in the header and notebook tabs in the body of the form view are all available by default.

Form buttons and tabs visible

After Restriction, Form Buttons and Notebook Tabs

The selected buttons and notebook tabs are hidden from the form for assigned users.

Form buttons and tabs hidden

Search Filters and Group By

Clean up the search bar by hiding pre-defined filters or Group By options, and optionally stop users from saving their own custom filters and groupings.

Configure Search Restrictions

Pick the model and tick the filters and group-by entries that should disappear from the search bar.

Search restriction configuration

Before Restriction

All filters and Group By options, including the Custom Filter and Custom Group By builders, are present in the search bar.

Search filters visible before restriction

After Restriction

Hidden filters and group-by entries are gone, and the custom builders are no longer offered to the user.

Search filters hidden after restriction

Chatter Visibility

Lock down the chatter area on any model. Hide it entirely, or just disable specific actions such as Send Message, Log Note, and Schedule Activity.

Configure Chatter Restrictions

Pick the model and tick the chatter elements that should be hidden for assigned users.

Chatter restriction configuration

Before Restriction

Send Message and Log Note are both available in the chatter by default.

Send Message and Log Note visible

After Restriction

Once the restriction is applied, Send Message and Log Note are hidden from the chatter and cannot be used.

Send Message and Log Note hidden

Global Restrictions

Apply system-wide restrictions from the profile in one place, covering chatter, Send Message, Schedule Activity, and Import or Export across every model.

Configure Global Restrictions

Toggle the global options on the profile. Each switch covers the whole system, so you do not have to repeat the setting per model.

Global restriction configuration

Before Restriction, Send Message and Activities

Send Message and Activities are available on every model's chatter by default.

Send Message and Activities visible

After Restriction, Send Message and Activities

Both actions are hidden across the system once the global toggles are on.

Send Message and Activities hidden

Before Restriction, Import and Export

Import and Export options are present on list views by default.

Import and Export visible

After Restriction, Import and Export

Once the global restriction is enabled, Import and Export are hidden everywhere across the system.

Import and Export hidden

Version 18.0.1.0

  • Initial Release
  • Comprehensive Access Management Profile
  • Menu, Field, Model, and Button Hiding
  • Chatter and Search Filter Control
  • Is this app compatible with Odoo Enterprise?
    • Yes, our app works with Odoo Enterprise as well as Community.
  • If need of customization in this app, How can i contact ?
    • Please contact us on odoo@devintellecs.com
  • Do i get free support?
    • Yes, you will get free support for 90days.
  • Do i get free updates?
    • Yes, you will get free updates for lifetime.
  • Do i have to buy this module for each version ?
    • Yes, you have to buy this module for each version.

Support

seprator
support
DevIntelle will provide FREE 90 days support for any doubt, queries, and bug fixing (excluding data recovery) or any type of issues related to this app. This is applicable from the date of purchase.

Why Us?

seprator
logo
DevIntelle Consulting Services Pvt Ltd is an Odoo service provider India/USA based consulting company with 12+ years of experience. We provide a wide range of services, including implementation, customization, migration, support, and training. Devintellecs experienced team of Odoo can help you get the most out of your Odoo ERP system and achieve your business goals.
More Apps
Ask for Demo

Devintelle Odoo Services

seprator

Odoo Implementation

Odoo Customization

Odoo Intergration

Odoo Migration

Odoo Training

Odoo Support

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author or have a question related to your purchase, please use the support page.