A build-to-order Odoo security layer that gives multi-company users different access rights, menus, and record visibility per company they operate in. ECOSIRE scopes, builds, installs, and supports it for your exact org structure. Built to order by ECOSIRE for Odoo 17, 18, 19 — indicative price from $299.00 USD; request a quote for a scoped proposal.

A build-to-order Odoo security layer that gives multi-company users different access rights, menus, and record visibility per company they operate in. ECOSIRE scopes, builds, installs, and supports it for your exact org structure.
Şimdi ödeme yok. Bu, ekibimize bir teklif talebi gönderir — fiyat ve sonraki adımlarla e-posta ile dönüş yapacağız.
Once a single Odoo database serves several legal entities, the native multi-company model shows its limits. Odoo lets a user belong to multiple companies and switch between them, but a user's security groups (groups_id) are global — a person who is Accounting Manager in the parent company carries that same manager profile into every subsidiary the moment they toggle the company selector. Record rules (ir.rule) filter which records are visible, but they do not cleanly grant a user Sales-Manager rights in Company A while pinning them to a read-only role in Company B. Finance and compliance leads discover this during audits: a shared controller can post journal entries in an entity they were only meant to review, and there is no per-company access boundary to show an auditor.
Per-company access mapping model linking user, `res.company`, and a security profile, so effective rights change with the active company
Company-aware `ir.rule` record rules whose domains reference `self.env.company` and the user-company profile mapping
Purpose-built security groups plus `ir.model.access.csv` entries for precise model-level create/read/write/unlink control per profile
Group-conditional menu and action visibility via `<menuitem groups="...">` so users never see models they are not entitled to in the current company
ORM-level enforcement (`create`/`write`/`read` overrides honoring `self.env.companies`) so the boundary holds for UI, XML-RPC, and JSON-RPC alike
Compute fields with `@api.depends` deriving the user's effective profile for the active company context
Multi-Company Access Rights closes that gap. We build a custom module that introduces a per-company access mapping — a model (models.Model) linking a user, a company, and a chosen security profile — and enforces it so that a user's effective permissions change with the active company context. Technically this is delivered through purpose-built security groups, ir.model.access.csv entries for model-level CRUD, and company-aware ir.rule record rules whose domains reference the active company and the user-company profile mapping. Where menus and actions must differ per entity, we drive visibility with group-conditional <menuitem groups="..."> and action bindings, so a user simply does not see the models, buttons, or reports they are not entitled to in the company they are currently in.
Under the hood we lean on Odoo's own primitives rather than fighting them. Compute fields with @api.depends derive the user's effective profile for the active company; overrides on the relevant models respect self.env.company and self.env.companies so that reads, writes, and create() all honor the per-company rule set. We add automated actions or server actions where a change of company must trigger a reassignment, and every enforcement path is covered by Python unit tests so the boundary holds after future upgrades. The same rules are honored by the XML-RPC/JSON-RPC API, because record rules apply at the ORM layer — an integration or a portal request cannot slip past the per-company profile the way a bolt-on UI check could. The design accounts for Community vs Enterprise differences (Enterprise-only apps such as full Accounting or Studio-generated models are wired in only when your edition includes them) and is delivered for Odoo 17.0, 18.0, or 19.0.
Because this is build-to-order, nothing ships until we have mapped your actual company tree and role matrix. Delivery starts with a short scoping call, followed by a written scope and fixed quote, development on a branch, UAT on a staging database with your real company structure, and a supervised go-live with a rollback plan. Typical delivery is 2–4 weeks from confirmed scope, depending on the number of companies and the depth of role differences. Pricing starts from $299 (indicative, single-company base scope); the number of companies, the number of distinct per-company role profiles, cross-company sharing exceptions, and any Enterprise-app coverage increase the quoted scope. You receive the installable source, the git repository, and a documented rule map so your team — or ours — can maintain it.
Runs consolidated accounting across several legal entities in one Odoo database and needs shared staff to hold different rights per entity — manager in one company, reviewer in another — with a clean boundary an auditor can inspect.
Maintains a multi-company database and is tired of global groups leaking rights across companies. Wants per-company profiles enforced at the ORM so UI, API, and portal access all obey the same rules, plus tests that survive upgrades.
Needs demonstrable segregation of duties between entities: proof that a shared user cannot post, approve, or edit records in a company they are only meant to review, exportable as an access matrix.
Oversees several trading companies sharing one system and wants each brand's team to see only their menus, products, and reports when working in that company, without maintaining separate databases.
Lisansı ecosire.com adresinden satın alın ve hesap kontrol panelinizden Multi-Company Access Rights modülünün ZIP dosyasını indirin.
ZIP'i sunucudaki Odoo özel eklentiler klasörünüze çıkarın (veya Uygulamalar > Odoo.sh / runbot'taki dosyadan yükle yoluyla yükleyin).
Geliştirici Modunu etkinleştirin, Uygulamalar'ı açın, Uygulama Listesini Güncelle'ye tıklayın, Multi-Company Access Rights'i arayın ve Yükle'ye basın.
Yeni menüyü açın, ECOSIRE lisans anahtarınızı yapıştırın, tüm harici kimlik bilgilerini (Shopify, Amazon, Stripe vb.) bağlayın ve kaydedin.
Yerleşik bağlantı testini çalıştırın, ilk 10 kaydınızı senkronize edin ve yinelenen cronu planlayın. Herhangi bir sorun olursa desteğe başvurun.
| Kriter | ECOSIRE | Özel Yapı | Rakip | Odoo Yerlisi |
|---|---|---|---|---|
| Per-company rights for one shared user | Core capability — profile mapped per user per company | Achievable but you design the model yourself | Usually one global role, limited per-company nuance | |
| Enforcement layer | ORM-level `ir.rule` + access CSV, honored by UI and API | Depends on how you build it | Often UI-focused, may leak via API | |
| Menu & action isolation per company | Group-conditional menus/actions tailored to your entities | Possible with in-house effort | Partial, generic toggles | |
| Fit to your org structure | Built from your actual company tree and role matrix | Fully bespoke but you own the whole build | Generic; you bend your setup to fit it | |
| Audit / segregation of duties evidence | Exportable access matrix and documented rule map | Only if you build reporting for it | Rarely provided | |
| Upgrade safety across 17/18/19 | Unit-tested enforcement; migration quoted per release | You maintain and re-test each upgrade | Depends on vendor's update cadence | |
| Support & accountability | Post-go-live support window, single vendor | Internal team owns all fixes | Vendor support varies, no scope ownership | |
| Time to running solution | 2–4 weeks from confirmed scope, fixed quote | Longer — full design, build, and test cycle | Fast to install but may not fit |
No. This is a build-to-order module that ECOSIRE designs, builds, installs, and supports for your specific company structure. We start from your actual org chart and role matrix rather than shipping a generic package, so there is no instant download — you request a quotation and we build your version.
Typical delivery is 2–4 weeks from confirmed scope. The exact timeline depends on how many companies are involved and how different the per-company roles need to be. After the scoping call we give you a written scope and a target date before any development begins.
Pricing starts from $299 (indicative, single-company base scope). We hold a short scoping call, then send a fixed quote. Cost is driven by the number of companies, the number of distinct per-company role profiles, cross-company sharing exceptions, and any Enterprise-app coverage. You approve the fixed quote before work starts — no open-ended billing.
Every build includes a post-go-live support window for defect fixes and adjustments. Because enforcement lives at the ORM layer and is covered by unit tests, the module is designed to survive version upgrades; when you move to a newer Odoo release (17.0 → 18.0 → 19.0) we can quote a migration and re-validation pass.
Odoo's native multi-company lets a user belong to several companies but applies one global set of security groups everywhere. Our module maps a security profile per user per company, enforced through company-aware record rules and access controls, so the same person can hold different rights in each company they operate in.
Yes. Because the per-company profile is enforced with `ir.rule` record rules and access controls at the ORM level, the same boundaries apply to XML-RPC and JSON-RPC calls and to portal requests — an integration cannot bypass the per-company rules the way a UI-only check could.
Yes. Beyond model-level access, we can scope field-level restrictions (for example cost, margin, or salary fields) so they are hidden or read-only for a given profile in a given company, while remaining editable for authorized roles elsewhere.

A build-to-order 2Checkout (Verifone) payment integration for ERPNext, giving global digital-goods sellers card acceptance, 45+ local payment methods, multi-currency checkout, and reconciled invoices. ECOSIRE scopes, builds, installs, and supports it on your ERPNext v15/v16 instance.

A build-to-order 2Checkout / Verifone payment gateway for Magento 2 and Adobe Commerce: localized checkout in 12 languages, iDEAL, Giropay and regional methods, multi-currency global selling, subscription billing and tax/invoicing automation — engineered, installed and supported by ECOSIRE.

A build-to-order ERPNext application for anonymous 360-degree reviews — configurable peer, manager, report and self rater groups, weighted competency scoring, and aggregated gap-analysis and heatmap reports. ECOSIRE scopes, builds, installs and supports it on your Frappe/ERPNext v15/v16 instance.
A build-to-order Odoo security layer that gives multi-company users different access rights, menus, and record visibility per company they operate in. ECOSIRE scopes, builds, installs, and supports it for your exact org structure.