I am showing certain notebook/page according to user groups in Odoo11 form.
As per my architecture i am unable to use access record rule as per groups for all employee but as an alternative i made all fields invisible employee form(except employee name) for other employee and user can see full information for his/her record only. But now i can see security issue with inspect element(developer tool) where users able to see other employee information by removing class(.o_invisible_modifier) from developer tool. So, how i can secure my system by removing this issue?
Note: I am already block keyboard short-cuts and events for inspect element by J query.
Please suggest me best solution.
Thanks in advance.
For same reason Employee model is changed starting form Odoo 13. Now its split between 2 models. Where personal info is present on one model and public info is on the other model.
But you can maybe do extra manual check. When you overwrite write
and i think it was read
.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.