Traditionally, access-control lists (ACLs – refer to Chapter 11, Access Security) are a type of data that is loaded through CSV files:
- Add security/ir.model.access.csv to your data files:
'data': [ ... 'security/ir.model.access.csv', ],
- Add an ACL for our books in this file (we already have a few records from the Adding access security recipe from Chapter 4,Creating Odoo Add-On Modules):
id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink
acl_library_book_user,ACL for books,model_library_book,base.group_user,1,0,0,0
We now have an ACL that permits normal users to read book records, but does not allow them to edit, create, or delete them.