<record model="ir.model.access" id="access_mymodule">
<field name="model" search="[('model', '=', 'mymodule')]"/>
<field name="perm_read" eval="True"/>
<field name="perm_write" eval="False"/>
<field name="perm_create" eval="True"/>
<field name="perm_delete" eval="False"/>
</record>
<record model="ir.rule.group" id="rule_group_creator_mymodule">
<field name="model" search="[('model', '=', 'mymodule')]"/>
<field name="global_p" eval="False"/>
<field name="default_p" eval="False"/>
<field name="perm_write" eval="True"/>
<field name="perm_delete" eval="True"/>
</record>
<record model="ir.rule" id="rule_creator_mymodule">
<field name="domain"
eval="[('create_uid', '=', Eval('user', {}).get('id', -1))]"
pyson="1"/>
<field name="rule_group" ref="rule_group_creator_mymodule"/>
</record>
As it is neither global nor default, are you sure you have added the
rule to a user when testing?
You have to create a global rule with perm_read for all (empty domain).
<record model="ir.rule.group" id="rule_group_mymodel">
<field name="model" search="[('model', '=', 'mymodel')]"/>
<field name="global_p" eval="False"/>
<field name="default_p" eval="True"/>
<field name="perm_read" eval="True"/>
<field name="perm_create" eval="True"/>
</record>
<record model="ir.rule" id="rule_group_mymodel_line1">
<field name="domain" eval="[]" pyson="1"/>
<field name="rule_group" ref="rule_group_mymodel"/>
</record>
<record model="ir.rule.group" id="rule_group_creator_mymodel">
<field name="model" search="[('model', '=', 'mymodel')]"/>
<field name="global_p" eval="False"/>
<field name="default_p" eval="True"/>
<field name="perm_write" eval="True"/>
<field name="perm_delete" eval="True"/>
</record>
<record model="ir.rule" id="rule_creator_mymodel">
<field name="domain"
eval="[('create_uid', '=', Eval('user', {}).get('id', -1))]"
pyson="1"/>
<field name="rule_group" ref="rule_group_creator_mymodel"/>
</record>
Otherwise you could try to prevent to have such error message by making
readonly (with states) record fields for which the user has no access write.
It is a little bit more work but the experience for the user will be
better
_STATES = {
'readonly': ((Eval('state') != 'draft') | (Eval('_user') != Eval('create_uid'))),
}