Skip to main content
The Stock Request framework provides a role-based security model to control access to stock request operations. This guide explains how to configure user permissions and understand the different security groups.

Security Groups

The framework defines three main security groups that control access to stock requests:

Stock Request User

Basic user role for creating and managing their own stock requests

Stock Request Manager

Manager role with full access to all stock requests across the organization

Stock Request User

Users assigned to the Stock Request User group (stock_request.group_stock_request_user) have the following permissions:
  • Create stock requests and stock request orders
  • Read their own stock requests and requests they follow
  • Edit their own stock requests
  • Delete their own draft stock requests
  • Follow other users’ requests (read-only access)
The Stock Request User group is automatically implied by the base User group (base.group_user), making it easy to grant basic stock request access.

Access Rules

Stock Request Users are subject to the following record rules: 
<!-- Users can fully manage their own requests -->
Domain: [('requested_by', '=', user.id)]
Permissions: Read, Write, Create, Delete

<!-- Users can read requests they follow -->
Domain: ['|', ('requested_by', '=', user.id), 
         ('message_partner_ids', 'in', [user.partner_id.id])]
Permissions: Read only

Stock Request Manager

Users assigned to the Stock Request Manager group (stock_request.group_stock_request_manager) have unrestricted access:
  • Full access to all stock requests and orders
  • Read, Write, Create, Delete permissions on all records
  • No domain restrictions - can manage any user’s requests
  • Automatically includes Stock Request User permissions
  • Automatically includes Stock User permissions (stock.group_stock_user)
By default, the administrator and root users are assigned to the Stock Request Manager group.

Assigning User Permissions

1

Navigate to Users

Go to Settings > Users & Companies > Users in the Odoo menu.
2

Select the User

Choose the user you want to configure permissions for.
3

Edit Access Rights

Click the Edit button and scroll to the Access Rights tab.
4

Configure Stock Request Permissions

Under the Inventory section, find the Stock Request category and select the appropriate permission level:
  • Stock Request User: For regular users who need to create their own requests
  • Stock Request Manager: For supervisors who need to manage all requests
5

Save Changes

Click Save to apply the permission changes.

Multi-Company Security

The Stock Request framework includes multi-company security rules that automatically filter records based on the user’s company context: 
<!-- Stock Request multi-company rule -->
Domain: ['|', ('company_id', '=', False), 
         ('company_id', 'in', company_ids)]
Users can only access stock requests for companies they are assigned to. Requests without a company (company_id = False) are visible to all users.

Configuring Multi-Company Access

1

Access User Settings

Navigate to Settings > Users & Companies > Users and select the user.
2

Assign Companies

In the user form, go to the Multi Companies field and select all companies the user should have access to.
3

Set Default Company

Choose the Default Company that will be used when the user logs in.

Location-Based Permissions

Users with the Multi-Locations group (stock.group_stock_multi_locations) can:
  • Select different warehouses and locations for stock requests
  • View warehouse and location fields in request forms
  • Access route configuration options
Users without the Multi-Locations group will have limited visibility of warehouse and location fields in the stock request interface.

Advanced Permissions

Procurement Group Access

Users with the Advanced Location group (stock.group_adv_location) can:
  • Assign procurement groups to stock requests
  • Configure advanced routing and procurement rules
  • Manage complex warehouse workflows

Stock Request Order Group

The Stock Request Order group (stock_request.group_stock_request_order) controls visibility of:
  • Stock Request Order functionality
  • Order management features
  • Bulk request operations
This is a hidden group that can be enabled via configuration settings. Navigate to Inventory > Configuration > Settings and enable Enable Orders under the Stock Request section.

Permission Testing

To verify that permissions are configured correctly:
1

Test User Access

Log in as the user whose permissions you configured.
2

Verify Stock Request Menu

Check that the Inventory > Operations > Stock Requests menu is visible.
3

Test Request Creation

Try creating a new stock request to verify write permissions.
4

Check Other Users' Requests

Attempt to view stock requests created by other users:
  • Users: Should only see their own requests
  • Managers: Should see all requests
5

Test Cross-Company Access

Switch companies (if configured) and verify that only appropriate requests are visible.

Common Permission Scenarios

Scenario 1: Department Users

Requirement: Department employees need to create stock requests for their own needs. Configuration: Assign Stock Request User group only. Result: Users can create and manage their own requests but cannot see other users’ requests.

Scenario 2: Department Managers

Requirement: Managers need to review and approve all department requests. Configuration: Assign Stock Request Manager group. Result: Managers have full visibility and can edit any stock request in the system.

Scenario 3: Warehouse Staff

Requirement: Warehouse staff need to process requests but not create them. Configuration: Assign Stock User group without Stock Request User group. Result: Staff can process transfers and pickings but cannot create new stock requests.

Scenario 4: Read-Only Auditors

Requirement: Auditors need read-only access to all stock requests. Configuration: Create a custom security group with read-only permissions or add auditors as followers on requests. Result: Auditors can view requests but cannot modify them.

Troubleshooting Permission Issues

Solution: Ensure the user has at least the Stock Request User group assigned. Check that the user has the base User group (base.group_user).
Solution: Verify the user does NOT have the Stock Request Manager group. Check if the user is a follower on those requests.
Solution: Check multi-company settings. Verify the warehouse belongs to a company the user has access to. Ensure the user has the Multi-Locations group if required.
Solution: Confirming requests may trigger procurement operations. Ensure the user has appropriate Stock User permissions for creating moves and pickings.

Best Practices

Follow the principle of least privilege: Start with minimal permissions (Stock Request User) and only grant manager access when absolutely necessary.
  • Regularly audit user permissions to ensure they align with current responsibilities
  • Use the follower mechanism to grant read-only access to specific requests
  • Configure multi-company access carefully to prevent cross-company data leakage
  • Document your organization’s permission structure for future reference
  • Test permissions in a development environment before applying to production
  • Consider creating custom groups for specialized roles if needed

Build docs developers (and LLMs) love

Get started for freeTalk to us