Add oca-purchase submodule with 96 purchase modules moved from oca-workflow-process

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

odoo-bringout-oca-purchase-workflow-purchase_request/doc/SECURITY.md

@@ -0,0 +1,42 @@
+# Security
+
+Access control and security definitions in purchase_request.
+
+## Access Control Lists (ACLs)
+
+Model access permissions defined in:
+- **[ir.model.access.csv](../purchase_request/security/ir.model.access.csv)**
+  - 17 model access rules
+
+## Record Rules
+
+Row-level security rules defined in:
+
+## Security Groups & Configuration
+
+Security groups and permissions defined in:
+- **[purchase_request.xml](../purchase_request/security/purchase_request.xml)**
+  - 2 security groups defined
+
+```mermaid
+graph TB
+    subgraph "Security Layers"
+        A[Users] --> B[Groups]
+        B --> C[Access Control Lists]
+        C --> D[Models]
+        B --> E[Record Rules]
+        E --> F[Individual Records]
+    end
+```
+
+Security files overview:
+- **[ir.model.access.csv](../purchase_request/security/ir.model.access.csv)**
+  - Model access permissions (CRUD rights)
+- **[purchase_request.xml](../purchase_request/security/purchase_request.xml)**
+  - Security groups, categories, and XML-based rules
+
+Notes
+- Access Control Lists define which groups can access which models
+- Record Rules provide row-level security (filter records by user/group)
+- Security groups organize users and define permission sets
+- All security is enforced at the ORM level by Odoo