devops_admin
/
odex25_standard
mirror of https://github.com/hydracp9/odex25_standard
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
odex25_standard/odex25_takaful/odex_takaful/security/security_data.xml

323 lines
16 KiB
XML
Raw Blame History

<odoo>
<data noupdate="0">
<record id="module_category_kufula" model="ir.module.category">
<field name="name">Kufula System</field>
<field name="description">Helps you manage Kafleen and Kafalat in kufula System</field>
<field name="sequence">3</field>
</record>
<!-- <record id="group_kufula_viewer" model="res.groups">
<field name="name">Viewer</field>
<field name="category_id" ref="module_category_kufula"/>
</record>
<record id="group_kufula_officer" model="res.groups">
<field name="name">Officer</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="implied_ids" eval="[(4, ref('group_kufula_viewer'))]"/>
<field name="users" eval="[(4, ref('base.group_user'))]"/>
</record>
<record id="group_kufula_manager" model="res.groups">
<field name="name">Administrator</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="implied_ids" eval="[(4, ref('group_kufula_officer'))]"/>
<field name="users" eval="[(4, ref('base.user_root'))]"/>
</record> -->
<record id="group_can_make_sponsorship_payment" model="res.groups">
<field name="name">Make Sponsorship Payments</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="comment">Can Make Payments For Sponsorships?</field>
</record>
<record id="group_can_recieve_sponsorship_payment" model="res.groups">
<field name="name">Recieve Sponsorship Payments</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="comment">Can Recieve Payments For Sponsorships?</field>
</record>
<record id="takaful_group_user_sponsor" model="res.groups">
<field name="name">Sponsor Account</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="comment">Is this user a Sponsor?</field>
</record>
<record id="group_can_activate_sponsor" model="res.groups">
<field name="name">Can Activate Inactive Sponsors</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="comment">Can make Sponsor active again?</field>
</record>
<record id="group_refund_approval" model="res.groups">
<field name="name">Refund Approval</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="comment">Can make Approval for refund?</field>
</record>
<record id="group_orphan_replacement" model="res.groups">
<field name="name">Orphan Replacement</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="comment">Orphan Replacement</field>
</record>
<record id="group_replace_sponsor" model="res.groups">
<field name="name">Replace Sponsor</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="comment">Can Replace Sponsor on Donation Lines</field>
</record>
<record id="group_show_donation_item_product" model="res.groups">
<field name="name">Show Donation Item Product</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="comment">Can Show Donation Item Product?</field>
</record>
<!-- <record id="group_donations_coordinator" model="res.groups">
<field name="name">Donations Coordinator</field>
<field name="category_id" ref="module_category_kufula"/>
</record>
<record id="group_sponsorship_coordinator" model="res.groups">
<field name="name">Sponsorship Coordinator</field>
<field name="category_id" ref="module_category_kufula"/>
</record> -->
<!-- <record id="group_branch_manager" model="res.groups">
<field name="name">Branch Manager</field>
<field name="category_id" ref="module_category_kufula"/>
</record> -->
<!-- <record id="group_sponsorship_system_manager" model="res.groups">
<field name="name">Sponsorship System Manager</field>
<field name="category_id" ref="module_category_kufula"/>
</record> -->
<!-- <record id="donations_coordinator_rule" model="ir.rule">
<field name="name">Donations Coordinator - Record Type Donation</field>
<field name="model_id" ref="model_takaful_sponsorship"/>
<field name="groups" eval="[(4, ref('group_donations_coordinator'))]"/>
<field name="domain_force">[('record_type', '=', 'donation')]</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record> -->
<!-- <record id="sponsorship_coordinator_rule" model="ir.rule">
<field name="name">Sponsorship Coordinator - Record Type Sponsorship</field>
<field name="model_id" ref="model_takaful_sponsorship"/>
<field name="groups" eval="[(4, ref('group_sponsorship_coordinator'))]"/>
<field name="domain_force">[('record_type', '=', 'sponsorship')]</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record> -->
<!-- <record id="branch_manager_rule" model="ir.rule">
<field name="name">Branch Manager - Can Only See Their Branch</field>
<field name="model_id" ref="model_takaful_sponsorship"/>
<field name="groups" eval="[(4, ref('group_branch_manager'))]"/>
<field name="domain_force">[('manager_id.user_id', '=', user.id)]</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record> -->
<!-- <record id="sponsorship_system_manager_rule" model="ir.rule">
<field name="name">Sponsorship System Manager</field>
<field name="model_id" ref="model_takaful_sponsorship"/>
<field name="groups" eval="[(4, ref('group_sponsorship_system_manager'))]"/>
<field name="domain_force">[(1,'=',1)]</field>
</record> -->
<record id="group_kufula_user" model="res.groups">
<field name="name">Kufula User</field>
<field name="category_id" ref="module_category_kufula"/>
</record>
<record id="group_print_receipt" model="res.groups">
<field name="name">Sponsorship Receipt</field>
<field name="category_id" ref="module_category_kufula"/>
</record>
<record id="donation_officer_group" model="res.groups">
<field name="name">Donations Officer</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="implied_ids" eval="[(4, ref('group_kufula_user'))]"/>
</record>
<record id="donation_officer_restrictions" model="ir.rule">
<field name="name">Donations Officer can only see his donations or his branch sponsors</field>
<field name="model_id" ref="model_takaful_sponsorship"/>
<field name="groups" eval="[(4, ref('donation_officer_group'))]"/>
<field name="domain_force">[
('record_type', 'in', [False, 'donation']),
('create_uid', '=', user.id)
]
</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record>
<record id="sponsorship_officer_group" model="res.groups">
<field name="name">Sponsorships Officer</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="implied_ids" eval="[(4, ref('group_kufula_user'))]"/>
</record>
<record id="sponsorship_officer_restrictions" model="ir.rule">
<field name="name">Sponsorships Officer can only see his sponsorships or his branch sponsors</field>
<field name="model_id" ref="model_takaful_sponsorship"/>
<field name="groups" eval="[(4, ref('sponsorship_officer_group'))]"/>
<field name="domain_force">[
('record_type', 'in', [False, 'sponsorship']),
('create_uid', '=', user.id)
]
</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record>
<record id="branch_manager_group" model="res.groups">
<field name="name">Branch Manager</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="implied_ids" eval="[(4, ref('group_kufula_user'))]"/>
</record>
<record id="branch_manager_restrictions" model="ir.rule">
<field name="name">Branch Manager can only see all his branch sponsorships and donations</field>
<field name="model_id" ref="model_takaful_sponsorship"/>
<field name="groups" eval="[(4, ref('branch_manager_group'))]"/>
<field name="domain_force">[('branch_custom_id.branch.manager_id.user_id', 'in', [user.id, False])]</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record>
<record id="sponsorship_system_manager_group" model="res.groups">
<field name="name">Sponsorship System Manager</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="implied_ids" eval="[(4, ref('group_kufula_user'))]"/>
</record>
<record id="sponsorship_restrict_orphan_group" model="res.groups">
<field name="name">Sponsorship General Restriction</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="implied_ids" eval="[(4, ref('group_kufula_user'))]"/>
</record>
<record id="responsible_user_sponsorship_access" model="ir.rule">
<field name="name">Responsible Users can access related Sponsorships</field>
<field name="model_id" ref="model_takaful_sponsorship"/>
<field name="groups" eval="[(4, ref('group_kufula_user'))]"/>
<field name="domain_force">[('branch_custom_id.branch', 'child_of', user.employee_id.department_id.id)]</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record>
<record id="kufula_user_donations_details_lines_access" model="ir.rule">
<field name="name">Users can access related Donations Details Lines</field>
<field name="model_id" ref="model_donations_details_lines"/>
<field name="groups" eval="[(4, ref('group_kufula_user'))]"/>
<field name="domain_force">[('branch_group_id.branch', 'child_of', user.employee_id.department_id.id)]</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record>
<record id="sponsorship_system_manager_restrictions" model="ir.rule">
<field name="name">Sponsorship System Manager can see everything and settings</field>
<field name="model_id" ref="model_takaful_sponsorship"/>
<field name="groups" eval="[(4, ref('sponsorship_system_manager_group'))]"/>
<field name="domain_force">[(1, '=', 1)]</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record>
<!-- Groups for Department-based Access Control -->
<!-- <record id="group_beneficiary_department_access" model="res.groups">
<field name="name">Beneficiary - Department Access</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="implied_ids" eval="[(4, ref('group_kufula_user'))]"/>
<field name="comment">Limits beneficiary records to user's department</field>
</record> -->
<record id="group_sponsor_department_access" model="res.groups">
<field name="name">Sponsor - Department Access</field>
<field name="category_id" ref="module_category_kufula"/>
<field name="comment">Limits sponsor records to user's department</field>
</record>
<!-- Record Rules for Department-based Access Control -->
<!-- <record id="grant_benefit_department_rule" model="ir.rule">
<field name="name">Grant Benefit - Department Based Access</field>
<field name="model_id" ref="odex_benefit.model_grant_benefit"/>
<field name="groups" eval="[(4, ref('group_beneficiary_department_access'))]"/>
<field name="domain_force">[('branch_custom_id.branch', '=', user.employee_id.department_id.id)]</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record>
<record id="family_member_department_rule" model="ir.rule">
<field name="name">Family Member - Department Based Access</field>
<field name="model_id" ref="odex_benefit.model_family_member"/>
<field name="groups" eval="[(4, ref('group_beneficiary_department_access'))]"/>
<field name="domain_force">[('benefit_id.branch_custom_id.branch', '=', user.employee_id.department_id.id)]</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record> -->
<record id="sponsor_department_rule" model="ir.rule">
<field name="name">Sponsor - Department Based Access</field>
<field name="model_id" ref="odex_takaful.model_takaful_sponsor"/>
<field name="groups" eval="[(4, ref('group_sponsor_department_access'))]"/>
<field name="domain_force">[('branch_custom_id.branch', 'child_of', user.employee_id.department_id.id)]
</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="1"/>
<field name="perm_unlink" eval="1"/>
</record>
<record id="sponsorship_marketer_restrictions" model="ir.rule">
<!-- <field name="name">Sponsorship Marketer can see and select all employees</field>-->
<field name="name">Sponsorship Marketer can see his employees</field>
<field name="model_id" ref="hr.model_hr_employee"/>
<field name="groups" eval="[(4, ref('donation_officer_group'))]"/>
<!-- <field name="domain_force">[(1, '=', 1)]</field>-->
<field name="domain_force">['|', '|', ('user_id','=',user.id), ('department_id.manager_id.user_id','=',
user.id), ('parent_id.user_id','=', user.id)]
</field>
<field name="perm_read" eval="1"/>
<field name="perm_write" eval="1"/>
<field name="perm_create" eval="0"/>
<field name="perm_unlink" eval="0"/>
</record>
<record id="group_update_sensible_fields" model="res.groups">
<field name="name">Updating Months Count &amp; Start Date</field>
<field name="category_id" ref="module_category_kufula"/>
</record>
</data>
</odoo>
Reference in New Issue View Git Blame Copy Permalink