| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Odoo Apps Dependencies |
Discuss (mail)
|
| Lines of code | 2829 |
| Technical Name |
eh_access_studio |
| License | LGPL-3 |
| Website | https://www.erpheritage.com.au/ |
| Versions | 16.0 17.0 18.0 19.0 |
User Access Studio
Hide menus, fields, buttons, tabs, filters and chatter, and apply per model record rules with smart placeholder domains, from one access profile.
Why this module
User Access Studio
Hide without code
From one profile, hide menus, fields, buttons, tabs, filters and the chatter, and toggle behaviours like debug mode and login, so a role sees only what it needs, configured in the user interface rather than in XML.
Record rules with placeholders
Define per model record rules whose domains accept smart placeholders resolved at runtime, so a rule like records of the current user's company or team is expressed once and stays correct as context changes.
Guards that prevent regret
A profile cannot be saved in a state that would lock an administrator out of readonly, profiles can carry an active date window, and active resolution is cached and invalidated on change so the overlay is both safe and fast.
Day in the life
Locking a role down to exactly what it needs
An administrator builds a profile for a front desk role: hide the accounting menus, make a handful of fields readonly, hide the chatter on contacts, and add a record rule limiting visible records to the user's own branch with a smart placeholder. They try to also remove their own admin access and the profile refuses to save, because the guard will not let an administrator be stripped to readonly. They give the profile a start and end date for a seasonal team. The overlay resolves per user and is cached, so day to day use is fast, and any change invalidates the cache immediately.
Edge cases
The cases most modules quietly ignore.
In the shipped code today, each one a place where a cheaper module silently does the wrong thing.
A constraint refuses to save a profile that would put an administrator into a readonly or stripped state, so the tool cannot be used to lock the system's own administrators out.
A profile can carry an active date window, so temporary or seasonal access expires on its own rather than relying on someone remembering to remove it.
Record rule domains support placeholders resolved at runtime against the current user and context, so one rule expresses own company or own team without hard coded ids.
A malformed rule domain is caught and logged rather than crashing the request, and it blocks access instead of silently granting it, so a configuration mistake never opens a hole.
The active profile resolution is cached for speed and invalidated on any profile create, write or unlink, so changes take effect at once without a slow per request recompute.
What is inside
Built to do the job, end to end.
- Access profile. One record carrying the hide toggles (menus, fields, buttons, tabs, filters, chatter), behaviour switches, an optional date window, and the assigned users, with computed counts of what it affects.
- UI hiding. Field, menu, chatter and view node models plus view and base model hooks that remove elements per profile from the rendered interface.
- Record rules with a resolver. A domain model and resolver that build per model record rules with smart placeholders evaluated at runtime.
- Safety and caching. Constraints (no admin lockout, unique name, valid date window) and an active profile cache invalidated on every change.
Honest about the edges
What this does not do, so nothing surprises you.
- This is an overlay on top of Odoo's own access rights and groups, not a replacement for them. It shapes the interface and adds record rules; it does not rewrite the underlying ACL model.
- Blocked access shows Odoo's standard access denied dialog, and rule evaluation errors are written to the server log. The module does not ship a stored, per event audit log of every blocked operation.
- The Odoo superuser bypasses record rules by design, so rules constrain regular users, not the technical superuser account.
Odoo access rights, hide menu field button Odoo, record rules Odoo, restrict access Odoo, readonly user Odoo, access management Odoo 19, per model domain rule, hide chatter Odoo, UI access control, user access overlay
Languages
Available in 19 languages
The interface ships translated out of the box. Switch language in Odoo and the fields, menus, and messages follow.
Modules teams pair with this one.
Premium ERP Heritage modules that extend the same stack, each built to the same engineering bar.
The United Kingdom country pack for the ERP Heritage Employment Hero integration
Sync Employment Hero employees, departments and payroll bank details into standard Odoo Community HR over the pla...
Inbound webhook receiver for the Employment Hero people and payroll platform on Odoo 19 Community
Real-time fiscalisation of customer invoices and credit notes with the Mauritius Revenue Authority e-Invoicing (E...
One click install of the full Employment Hero integration for Odoo Community, covering the connector, two way syn...
The Malaysia country pack for the ERP Heritage Employment Hero integration
Please log in to comment on this module