Security access control lists

Now, we can grant access to specific Models to the Group / To-do User. We can use the Access Rights tab of the Groups form for this. Add an item there, using these values:

• Name: To-do Item User Access
• Object: Select To-do Item from the list
• Read Access, Write Access, Create Access, and Delete Access: Checked

Model access can also be managed from the Technical | Security | Access Rights menu item.

We don't need to add access to the Partner Model because the Group is inheriting the Internal Users group, which already has access to it.

We can now try these new security settings, by adding our admin user to this new Group:

1. Select the Users & Companies | Users menu item, select the Mitchell Admin user from the list, and Edit the form:

1. In the Access Rights tab, in the Other section, we can see a To-do User checkbox to enable the security group for this user. Select it, and Save the form.

If everything was done correctly, you should be able to see the to-do top menu; use it to add to-do items. We should see only our own items and won't be able to access other users'.