diff --git a/security/security.xml b/security/security.xml
index d5de381d6904e129367ea8c59e43a516d6feb089..dabf0ad374735e2dc0e81e7aed26f9dedf936380 100644
--- a/security/security.xml
+++ b/security/security.xml
@@ -37,8 +37,11 @@
             <field name="model_id" ref="acc_operation.model_acc_contract" />
             <field
                 name="domain_force"
-            >[('seller_id','in',[user.partner_id.parent_id.id, user.partner_id.id])]</field>
+            >[('seller_id','in',[user.partner_id.parent_id.id or -1, user.partner_id.id])]</field>
             <field name="groups" eval="[(4, ref('base.group_portal'))]" />
+            <field name="perm_write" eval="False"/>
+            <field name="perm_create" eval="False"/>
+            <field name="perm_unlink" eval="False"/>
         </record>
 
         <record id="acc_contract_rule_portal_cont2" model="ir.rule">
@@ -46,18 +49,25 @@
             <field name="model_id" ref="acc_operation.model_acc_contract" />
             <field
                 name="domain_force"
-            >[('buyer_id','in',[user.partner_id.parent_id.id, user.partner_id.id])]</field>
+            >[('buyer_id','in',[user.partner_id.parent_id.id or -1, user.partner_id.id])]</field>
             <field name="groups" eval="[(4, ref('base.group_portal'))]" />
+            <field name="perm_write" eval="False"/>
+            <field name="perm_create" eval="False"/>
+            <field name="perm_unlink" eval="False"/>
+        </record>
+
+        <record id="acc_contract_rule_portal_all" model="ir.rule">
+            <field name="name">Portail : Contrats pour tous</field>
+            <field name="model_id" ref="acc_operation.model_acc_contract" />
+            <field
+                name="domain_force"
+            >[('type', '=', 'all'), ('acc_operation_id', 'in', [user.partner_id.parent_id.injection_counter_ids.acc_operation_id.id, user.partner_id.injection_counter_ids.acc_operation_id.id])]</field>
+            <field name="groups" eval="[(4, ref('base.group_portal'))]" />
+            <field name="perm_write" eval="False"/>
+            <field name="perm_create" eval="False"/>
+            <field name="perm_unlink" eval="False"/>
         </record>
 
-<!--        <record id="acc_account_rule_portal_pmo" model="ir.rule">-->
-<!--            <field name="name">Portail : Factures pour les pmo</field>-->
-<!--            <field name="model_id" ref="acc_account.model_acc_contract" />-->
-<!--            <field-->
-<!--                name="domain_force"-->
-<!--            >[('pmo_id','in',[user.partner_id.parent_id.id, user.partner_id.id])]</field>-->
-<!--            <field name="groups" eval="[(4, ref('base.group_portal'))]" />-->
-<!--        </record>-->
     </data>
 
 </odoo>