Role and responsibility model of the OpenERP is great and powerful features, It becoming mature day by day.
In the version 5.0 they come up with the idea to define the predefined groups, roles and responsibilities.
In the version 6.0 they did lots of improvements like replace the roles with the groups, so it was a very very easy to working with only one system rather then working with the groups and roles separately. In the version 6.1 they plan to improve a lot in terms of the usability and simplicity.
Application wise role assignments
Now it seems easy and clear system to manage groups + roles just in a single click. It display the list of applications which are installed on the server and allows you to select only one group / role for the user. So it is more clear system then all the previous versions of the OpenERP, If user is salesman then he/she can not be a sales manager, but if user is a sales manager, he/she can have all rights to work as a sales manager, which are manage through the group definitions.
Improvements in Access Controls
It is one more great improvement from security point of view, now it is possible apply record rules and access controls together. You can define the access control on the record rules. Previously we just define the access controls based on the object only, and that will reflect to the user through groups, This feature of the OpenERP will be continue in 6.1 and add new feature as described above.
Please go through development branch of the OpenERP:
- https://launchpad.net/openobject-addons : business application modules
- https://launchpad.net/openobject-server : the framework
- https://launchpad.net/openerp-web : web modules and frontend
- https://launchpad.net/openobject-client: native interface for OpenERP (aka GTK client)