In some cases, we need a field to be available or not depending on particular conditions, such as the values in a particular field, like stage_id or state. This is usually handled at the view level using attributes such as states or attrs, to dynamically display or hide the field according to certain conditions. You may refer to Chapter 10, Backend Views, for a detailed description.

Note that these techniques work at the user interface level only and don't provide actual access security. For that, you should add checks in the business logic layer. Either add model methods decorated with @constrains, implementing the specific validations intended, or extend the create, write, or unlink methods to add validation logic. You can get more insight on how to do this in Chapter 6, Basic Server-Side Business Logic.