Initial commit: OCA Report packages (45 packages)

odoo-bringout-oca-mis-builder-mis_builder/doc/SECURITY.md

@@ -0,0 +1,45 @@
+# Security
+
+Access control and security definitions in mis_builder.
+
+## Access Control Lists (ACLs)
+
+Model access permissions defined in:
+- **[ir.model.access.csv](../mis_builder/security/ir.model.access.csv)**
+  - 23 model access rules
+
+## Record Rules
+
+Row-level security rules defined in:
+
+## Security Groups & Configuration
+
+Security groups and permissions defined in:
+- **[mis_builder_security.xml](../mis_builder/security/mis_builder_security.xml)**
+- **[res_groups.xml](../mis_builder/security/res_groups.xml)**
+  - 2 security groups defined
+
+```mermaid
+graph TB
+    subgraph "Security Layers"
+        A[Users] --> B[Groups]
+        B --> C[Access Control Lists]
+        C --> D[Models]
+        B --> E[Record Rules]
+        E --> F[Individual Records]
+    end
+```
+
+Security files overview:
+- **[ir.model.access.csv](../mis_builder/security/ir.model.access.csv)**
+  - Model access permissions (CRUD rights)
+- **[mis_builder_security.xml](../mis_builder/security/mis_builder_security.xml)**
+  - Security groups, categories, and XML-based rules
+- **[res_groups.xml](../mis_builder/security/res_groups.xml)**
+  - Security groups, categories, and XML-based rules
+
+Notes
+- Access Control Lists define which groups can access which models
+- Record Rules provide row-level security (filter records by user/group)
+- Security groups organize users and define permission sets
+- All security is enforced at the ORM level by Odoo