This question has been flagged
14 Replies
21956 Views

I can't create any new users after I login with the admin user that I have created. The user has the same rights as the admin ID but can't create users. I can create new users in the new user signup screen and some of the share embedded modules. I am using a multicompany setup environment.

Avatar
Discard

This is a hard question to answer without more information. Can you edit your question and specify the version of OpenERP you are having the problem with? Also, it would be more helpful to expand on what you mean by "I can't create any new users". Tell us what you are trying; where you are trying it from; and what is happening - ie: an error? something else?

Author

I have duplicated the admin user ID and rights and i can't create a new user. OpenERP version is 7.

I have this same problem in v7 and windows 7 ultimate

Author

With the latest build of openerp the error message reads "Access Denied

The requested operation cannot be completed due to security restrictions. Please contact your system administrator.

(Document type: Note Stage, Operation: read)" when you try to save the new user.

This is a known bug: https://bugs.launchpad.net/openobject-server/+bug/1021378 . The status says "Fix Released" but it's not clear to me if that means it's now included in the latest release

Apologies, after applying the patch for the bug I mentioned I get the same error as you. I opened a new bug for this: https://bugs.launchpad.net/openobject-server/+bug/1156215

These bugs are still not fixed. After creating a new user and assigning them to the Access Rights group, the following error occurs when that new user tries to add a user:

Access Denied

The requested operation cannot be completed due to security restrictions. Please contact your system administrator.

(Document type: Note Stage, Operation: read)

The same error occurs when Note Stage read access is enabled in the Groups / Administration / Access Rights settings. A comment with Needs Fixing was added to: Merge lp:~openerp-dev/openobject-server/trunk-bug-1021378-aja into lp:openobjec

Best Answer

Check that user has these groups:

  • Administration / Configuration.
  • Human Resources / Employee.
  • Contact creation.

Also, check it has not these:

  • Anonymous.
  • Portal.

Those two groups limit the privileges of an user. This is by design.

Avatar
Discard

This fixed the problem for me. All of my users had "Portal" checked. Unchecking Portal immediately allowed access.

Best Answer

I have found temporary solution. You can go to settings/security/record rules/Note Stage. Then in a group section, add any group. And then insert every non admin user (to keep rule for other users) to that group. Doing that will let you create users with another user that has admin rights.

Avatar
Discard
Best Answer

In settings -> users -> groups, I have added res.partner to the contact creation group with read, write, create and delete rights. This solved the problem for me.

Avatar
Discard
Best Answer

These bugs are still not fixed. After creating a new user and assigning them to the Access Rights group, the following error occurs when that new user tries to add a user:

Access Denied

The requested operation cannot be completed due to security restrictions. Please contact your system administrator.

(Document type: Note Stage, Operation: read)

The same error occurs when Note Stage read access is enabled in the Groups / Administration / Access Rights settings. A comment with Needs Fixing was added to: Merge lp:~openerp-dev/openobject-server/trunk-bug-1021378-aja into lp:openobjec

Avatar
Discard
Best Answer

I updated to OpenERP 7.0-20130521-231037 (Windows 7) and I also get the same error:

Access Denied The requested operation cannot be completed due to security restrictions. Please contact your system administrator. (Document type: Note Stage, Operation: read)

Is there still no solutions how to create new users without using the predefined "admin" account?

Avatar
Discard
Best Answer

For the error.

(Document type: Note Stage, Operation: read)

in Settings->Security->Record Rules

Search for Note Stage

there is this global rule

['|',('user_id','=',False),('user_id','=',user.id)]

Which says that users only have permissions over their own Note Stages, global rules cannot be bypassed, so you need to edit it to give permissions to other users to create,read,unlik,delete Note Stages of other users, one simple way is to add the user id or login to the domain.

['|','|',('user_id','=',False),('user_id','=',user.id),('user_id.login','=','youruserlogin')]

This bug is fixed in the last 7.0 version, in which case you do not need this workaround.

Avatar
Discard