Skip to Content

Ultra Advanced Access Management

by
Odoo

1411.20

v 19.0 Third Party
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies Discuss (mail)
Lines of code 7000
Technical Name ultra_advanced_access_management_aura
LicenseOPL-1
Websitehttps://www.auraodoo.tech/
You bought this module and need support? Click here!
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies Discuss (mail)
Lines of code 7000
Technical Name ultra_advanced_access_management_aura
LicenseOPL-1
Websitehttps://www.auraodoo.tech/

Advanced Access Management

Enterprise-Grade User Access Control for Odoo 19

by Aura Odoo Tech

10+ Rule Types Report Control Action Rules View Type Rules Dashboard Rules API Control 2FA Enforcement Field Masking Approval Workflow IP Rules Attachment Rules Audit Logging Multi-Company Odoo 19

Complete Access Control Solution

Take full control over who sees what in your Odoo instance. Manage menus, models, fields, buttons, chatter, search options, and more with granular rule-based restrictions per user, group, or company.

Core Features

Everything you need to manage user access at every level

Menu Access Control
Menu Rules
  • Hide or show specific menus and submenus
  • Apply per user, group, or company
  • Hide/Show Only modes for flexible control
  • Include child menus option for cascading rules
  • Active/inactive toggle for quick enable/disable
Model Access Control
Model Rules
  • Block Create, Read, Write, Delete operations
  • Restrict Export, Import, Duplicate, Archive
  • Block Print and Server Actions
  • Hard block, UI hide, or warn enforcement modes
  • Apply to any model in the system
Field-Level Control
Field Rules
  • Make fields Invisible, Readonly, or Required
  • Block export of sensitive fields
  • Relational controls: No Create, No Open
  • Scope rules per view type (Form, List, etc.)
  • Conditional domain for dynamic restrictions
Button & Tab Control
Button Rules
  • Hide or disable specific buttons by name
  • Control smart buttons visibility
  • Hide notebook tabs and pages
  • Target by button name or string attribute
  • Match by header, footer, or sheet location
Search & Filter Control
Search Rules
  • Hide predefined filters from search view
  • Block custom filter creation
  • Hide Group By options
  • Disable custom group by creation
  • Hide search panel and saved favorites
Chatter Access Control
Chatter Rules
  • Hide entire chatter section
  • Block Send Message or Log Note
  • Hide Activities panel
  • Remove Followers section
  • Global or per-model scope
Domain-Based Rules
Conditional
  • Apply restrictions based on record field values
  • Odoo domain syntax for conditions
  • Hard block, soft warn, or UI hide modes
  • Block write, delete, or specific actions
  • Safe evaluation engine for security
Report Access Control
Report Rules
  • Block printing of specific QWeb reports
  • Restrict report download (PDF)
  • Block sending reports by email
  • Target specific reports or all reports per model
  • Hard block, UI hide, or warning enforcement
Action Access Control
Action Rules
  • Control server actions, crons, automated actions
  • Block execution of specific actions
  • Restrict modification or deletion of actions
  • Support for window, URL, and client actions
  • Per-model or per-action granularity
View Type Access Control
View Type Rules
  • Block list, kanban, pivot, graph, calendar views
  • Restrict gantt, map, activity, cohort views
  • Configure per model and per user/group
  • Auto redirect to allowed default view
  • All 10 Odoo view types supported
Dashboard Access Control
Dashboard Rules
  • Control spreadsheet and dashboard access
  • Block view, edit, create, delete operations
  • Restrict sharing and exporting dashboards
  • Target by action or name pattern
  • Custom, spreadsheet, and reporting dashboard types
API / Endpoint Control
API Rules
  • Restrict access to specific API routes
  • Per-method blocking (GET, POST, PUT, DELETE)
  • Built-in rate limiting per endpoint
  • JSON-RPC, HTTP, and legacy JSON support
  • Wildcard path matching for sub-routes
Notification Rules
Alerts
  • Trigger alerts on access-denied events
  • Email, Odoo chat, or channel notifications
  • Configurable severity levels
  • Throttle duplicate notifications
  • Per-model or global scope
Time-Based Rules
Schedule
  • Restrict by time of day or day of week
  • Date range windows for seasonal access
  • Allow or deny mode per rule
  • Timezone-aware evaluation
  • Combined time + day + date rules
IP-Based Rules
Network
  • Whitelist or blacklist IP addresses
  • CIDR notation for IP ranges
  • Block login, backend, or API access
  • Per-user or per-group restrictions
  • IPv4 and IPv6 support
2FA Enforcement
Security
  • Force TOTP or email-based 2FA
  • Grace period for non-compliant users
  • Block, warn, or redirect on non-compliance
  • Track compliant vs non-compliant users
  • Per-model or login-level enforcement
Field Masking
Privacy
  • Mask phone, email, or custom fields
  • Full, partial, or custom mask patterns
  • Mask in forms, lists, exports, and APIs
  • Optional reveal button for authorized groups
  • GDPR-friendly data protection
Approval Workflow
Workflow
  • Require approval before create, write, delete
  • Multi-approver with minimum threshold
  • Auto-reject timeout for stale requests
  • Notification on request, approve, reject
  • Track pending, approved, rejected counts
Record Ownership
Ownership
  • Own-only, team, or subordinate access modes
  • Configurable owner and team fields
  • Restrict read, write, delete, export, print
  • Hard block, warning, or UI-hide enforcement
  • Per-model ownership rules
Import/Export Format
Data
  • Block CSV, XLSX, PDF, XML, JSON formats
  • Max record limit for exports
  • Block specific fields from export
  • Separate import vs export direction control
  • Per-model or global format rules
Attachment Rules
Files
  • Block upload, download, delete, preview
  • MIME type and extension filtering
  • Max file size limits per rule
  • Max attachments per record
  • Per-model or global scope
Company-Wise Restrictions
Multi-Company
  • Different CRUD rules per company
  • Company-specific menu restrictions
  • Ideal for multi-company environments
  • Restrict export, import, duplicate per company
  • Automatic company detection
User Profile Control
Security
  • Set users to full Read-Only mode
  • Disable user login completely
  • Block Developer Mode access
  • Disable export, import, duplicate per user
  • Hide chatter globally per user
Audit Logging
Monitoring
  • Track all access events and blocked actions
  • 11 action types logged automatically
  • Pivot and Graph views for analysis
  • Automated cleanup via scheduled cron
  • Immutable log entries for compliance
Configuration Settings
Settings
  • Enable/disable each feature module independently
  • Configure audit log retention period
  • Toggle menu, model, field, button rules
  • Enable/disable chatter and domain rules
  • Integrated in Odoo General Settings
Security & Permissions
Access Control
  • Three-tier role system: Viewer, Manager, Admin
  • Record-level security rules
  • Granular ACL per model and role
  • Self-protection: cannot lock out own module
  • Odoo 19 privilege-based group architecture

Technical Highlights

Odoo 19 Native

Built with models.Constraint, list views, jsonrpc routes, and res.groups.privilege

OWL 2 Components

Client-side patches for FormController, ListController, Chatter, and developer mode

Cache Optimized

Rule results cached in session with automatic invalidation on rule changes

Multi-Company

Full multi-company support with company-scoped rules and record rules

How It Works

1
Install the Module

Install Advanced Access Management from Apps. Enable desired features in Settings.

2
Create Rules

Navigate to Access Management menu. Create rules for menus, models, fields, buttons, and more.

3
Monitor & Audit

Review audit logs to track blocked actions and access events. Analyze with pivot and graph views.

Module Screenshots

A look at the module in action

Menu Rules Configuration

Model Access Rules

Field-Level Restrictions

Audit Log Dashboard

alt alt alt alt alt alt alt alt alt alt alt alt

Aura Odoo Tech

Advanced Access Management for Odoo 19 | Licensed under

Odoo Proprietary License v1.0

This software and associated files (the "Software") may only be used (executed,
modified, executed after modifications) if you have purchased a valid license
from the authors, typically via Odoo Apps, or if you have received a written
agreement from the authors of the Software (see the COPYRIGHT file).

You may develop Odoo modules that use the Software as a library (typically
by depending on it, importing it and using its resources), but without copying
any source code or material from the Software. You may distribute those
modules under the license of your choice, provided that this license is
compatible with the terms of the Odoo Proprietary License (For example:
LGPL, MIT, or proprietary licenses similar to this one).

It is forbidden to publish, distribute, sublicense, or sell copies of the Software
or modified copies of the Software.

The above copyright notice and this permission notice must be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author or have a question related to your purchase, please use the support page.