diff --git a/README.md b/README.md
index 7c10faeba35..e10c67e71b4 100644
--- a/README.md
+++ b/README.md
@@ -96,7 +96,7 @@ addon | version | maintainers | summary
 [purchase_requisition_order_remaining_qty](purchase_requisition_order_remaining_qty/) | 15.0.1.0.0 | [![victoralmau](https://github.com/victoralmau.png?size=30px)](https://github.com/victoralmau) | Purchase Requisition Order Remaining Qty
 [purchase_requisition_tier_validation](purchase_requisition_tier_validation/) | 15.0.1.0.0 |  | Extends the functionality of Purchase Agreements to support a tier validation process.
 [purchase_rfq_number](purchase_rfq_number/) | 15.0.1.0.1 |  | Different sequence for purchase for quotations
-[purchase_security](purchase_security/) | 15.0.3.1.0 | [![pilarvargas-tecnativa](https://github.com/pilarvargas-tecnativa.png?size=30px)](https://github.com/pilarvargas-tecnativa) | See only your purchase orders
+[purchase_security](purchase_security/) | 15.0.4.0.0 | [![pilarvargas-tecnativa](https://github.com/pilarvargas-tecnativa.png?size=30px)](https://github.com/pilarvargas-tecnativa) | See only your purchase orders
 [purchase_stock_price_unit_sync](purchase_stock_price_unit_sync/) | 15.0.1.0.4 |  | Update cost price in stock moves already done
 [purchase_stock_return_request](purchase_stock_return_request/) | 15.0.1.0.1 |  | Purchase Stock Return Request
 [purchase_stock_secondary_unit](purchase_stock_secondary_unit/) | 15.0.1.1.1 |  | Get product quantities in a secondary unit
diff --git a/purchase_request_tier_validation/i18n/it.po b/purchase_request_tier_validation/i18n/it.po
index 32388304a00..c235e13b034 100644
--- a/purchase_request_tier_validation/i18n/it.po
+++ b/purchase_request_tier_validation/i18n/it.po
@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Odoo Server 13.0\n"
 "Report-Msgid-Bugs-To: \n"
-"PO-Revision-Date: 2023-12-22 19:34+0000\n"
+"PO-Revision-Date: 2024-02-14 16:41+0000\n"
 "Last-Translator: mymage <stefano.consolaro@mymage.it>\n"
 "Language-Team: none\n"
 "Language: it\n"
@@ -100,7 +100,7 @@ msgstr ""
 #: model:ir.model.fields,field_description:purchase_request_tier_validation.field_purchase_request__validated
 #: model_terms:ir.ui.view,arch_db:purchase_request_tier_validation.view_purchase_request_filter
 msgid "Validated"
-msgstr "Approvato"
+msgstr "Approvata"
 
 #. module: purchase_request_tier_validation
 #: model:ir.model.fields,field_description:purchase_request_tier_validation.field_purchase_request__validated_message
diff --git a/purchase_security/README.rst b/purchase_security/README.rst
index 72020cc3e72..855a4beefcb 100644
--- a/purchase_security/README.rst
+++ b/purchase_security/README.rst
@@ -7,7 +7,7 @@ Purchase Order security
    !! This file is generated by oca-gen-addon-readme !!
    !! changes will be overwritten.                   !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-   !! source digest: sha256:84710bf6088628111e60464b0ef87243c926a836f3a0849bb2f4d8cc38d64223
+   !! source digest: sha256:42fcbc71ab83444a9fa147761ca8754acb9f77fee0ca0ea3cdfd1a81ad4425f2
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 .. |badge1| image:: https://img.shields.io/badge/maturity-Production%2FStable-green.png
diff --git a/purchase_security/__manifest__.py b/purchase_security/__manifest__.py
index d4a42899896..1a43602e33e 100644
--- a/purchase_security/__manifest__.py
+++ b/purchase_security/__manifest__.py
@@ -2,7 +2,7 @@
 
 {
     "name": "Purchase Order security",
-    "version": "15.0.3.1.0",
+    "version": "15.0.4.0.0",
     "category": "Purchase",
     "development_status": "Production/Stable",
     "author": "Tecnativa, Odoo Community Association (OCA)",
@@ -16,6 +16,7 @@
         "security/ir.model.access.csv",
         "views/purchase_order_views.xml",
         "views/purchase_team_views.xml",
+        "views/res_partner_views.xml",
     ],
     "installable": True,
     "auto_install": False,
diff --git a/purchase_security/i18n/es.po b/purchase_security/i18n/es.po
index 7000331a2e2..73ac26eab5d 100644
--- a/purchase_security/i18n/es.po
+++ b/purchase_security/i18n/es.po
@@ -6,16 +6,16 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Odoo Server 15.0\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: \n"
-"PO-Revision-Date: 2023-07-24 20:25+0200\n"
-"Last-Translator: \n"
+"POT-Creation-Date: 2024-02-13 13:34+0000\n"
+"PO-Revision-Date: 2024-02-14 19:35+0000\n"
+"Last-Translator: Ivorra78 <informatica@totmaterial.es>\n"
 "Language-Team: \n"
-"Language: es_ES\n"
+"Language: es\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Poedit 3.0.1\n"
+"Plural-Forms: nplurals=2; plural=n != 1;\n"
+"X-Generator: Weblate 4.17\n"
 
 #. module: purchase_security
 #: model_terms:ir.ui.view,arch_db:purchase_security.purchase_team_form
@@ -31,6 +31,11 @@ msgstr ""
 msgid "Avatar"
 msgstr "Avatar"
 
+#. module: purchase_security
+#: model:ir.model,name:purchase_security.model_res_partner
+msgid "Contact"
+msgstr "Contacto"
+
 #. module: purchase_security
 #: model:ir.model.fields,field_description:purchase_security.field_purchase_team__create_uid
 msgid "Created by"
@@ -98,6 +103,29 @@ msgstr "Equipos de compra"
 msgid "Purchase Users"
 msgstr "Usuarios de compra"
 
+#. module: purchase_security
+#: model:ir.model.fields,field_description:purchase_security.field_res_partner__purchase_user_id
+#: model:ir.model.fields,field_description:purchase_security.field_res_users__purchase_user_id
+#: model_terms:ir.ui.view,arch_db:purchase_security.view_res_partner_filter
+msgid "Purchase representative"
+msgstr "Representante de compra"
+
+#. module: purchase_security
+#: model:ir.model.fields,field_description:purchase_security.field_res_partner__purchase_team_id
+#: model:ir.model.fields,field_description:purchase_security.field_res_users__purchase_team_id
+msgid "Purchase team"
+msgstr "Equipo de compra"
+
+#. module: purchase_security
+#: model:ir.model.fields,field_description:purchase_security.field_res_users__purchase_team_ids
+msgid "Purchases Teams"
+msgstr "Equipos de compras"
+
+#. module: purchase_security
+#: model:ir.model,name:purchase_security.model_ir_rule
+msgid "Record Rule"
+msgstr "Regla de Registro"
+
 #. module: purchase_security
 #: model:ir.model.fields,field_description:purchase_security.field_purchase_team__sequence
 msgid "Sequence"
@@ -118,6 +146,11 @@ msgstr "Usuario (pedidos propios)"
 msgid "User (team orders)"
 msgstr "Usuario (pedidos del equipo)"
 
+#. module: purchase_security
+#: model:ir.model,name:purchase_security.model_res_users
+msgid "Users"
+msgstr "Usuarios"
+
 #. module: purchase_security
 #: model_terms:ir.ui.view,arch_db:purchase_security.purchase_team_form
 msgid "e.g. Europe"
diff --git a/purchase_security/i18n/it.po b/purchase_security/i18n/it.po
index df6bc7db504..0847ac403a6 100644
--- a/purchase_security/i18n/it.po
+++ b/purchase_security/i18n/it.po
@@ -28,6 +28,11 @@ msgstr ""
 msgid "Avatar"
 msgstr ""
 
+#. module: purchase_security
+#: model:ir.model,name:purchase_security.model_res_partner
+msgid "Contact"
+msgstr ""
+
 #. module: purchase_security
 #: model:ir.model.fields,field_description:purchase_security.field_purchase_team__create_uid
 msgid "Created by"
@@ -95,6 +100,29 @@ msgstr ""
 msgid "Purchase Users"
 msgstr ""
 
+#. module: purchase_security
+#: model:ir.model.fields,field_description:purchase_security.field_res_partner__purchase_user_id
+#: model:ir.model.fields,field_description:purchase_security.field_res_users__purchase_user_id
+#: model_terms:ir.ui.view,arch_db:purchase_security.view_res_partner_filter
+msgid "Purchase representative"
+msgstr ""
+
+#. module: purchase_security
+#: model:ir.model.fields,field_description:purchase_security.field_res_partner__purchase_team_id
+#: model:ir.model.fields,field_description:purchase_security.field_res_users__purchase_team_id
+msgid "Purchase team"
+msgstr ""
+
+#. module: purchase_security
+#: model:ir.model.fields,field_description:purchase_security.field_res_users__purchase_team_ids
+msgid "Purchases Teams"
+msgstr ""
+
+#. module: purchase_security
+#: model:ir.model,name:purchase_security.model_ir_rule
+msgid "Record Rule"
+msgstr ""
+
 #. module: purchase_security
 #: model:ir.model.fields,field_description:purchase_security.field_purchase_team__sequence
 msgid "Sequence"
@@ -115,6 +143,11 @@ msgstr "Utente (solo propri ordini)"
 msgid "User (team orders)"
 msgstr ""
 
+#. module: purchase_security
+#: model:ir.model,name:purchase_security.model_res_users
+msgid "Users"
+msgstr ""
+
 #. module: purchase_security
 #: model_terms:ir.ui.view,arch_db:purchase_security.purchase_team_form
 msgid "e.g. Europe"
diff --git a/purchase_security/i18n/purchase_security.pot b/purchase_security/i18n/purchase_security.pot
index c74d8942dd0..f71e0bd8c55 100644
--- a/purchase_security/i18n/purchase_security.pot
+++ b/purchase_security/i18n/purchase_security.pot
@@ -23,6 +23,11 @@ msgstr ""
 msgid "Avatar"
 msgstr ""
 
+#. module: purchase_security
+#: model:ir.model,name:purchase_security.model_res_partner
+msgid "Contact"
+msgstr ""
+
 #. module: purchase_security
 #: model:ir.model.fields,field_description:purchase_security.field_purchase_team__create_uid
 msgid "Created by"
@@ -90,6 +95,29 @@ msgstr ""
 msgid "Purchase Users"
 msgstr ""
 
+#. module: purchase_security
+#: model:ir.model.fields,field_description:purchase_security.field_res_partner__purchase_user_id
+#: model:ir.model.fields,field_description:purchase_security.field_res_users__purchase_user_id
+#: model_terms:ir.ui.view,arch_db:purchase_security.view_res_partner_filter
+msgid "Purchase representative"
+msgstr ""
+
+#. module: purchase_security
+#: model:ir.model.fields,field_description:purchase_security.field_res_partner__purchase_team_id
+#: model:ir.model.fields,field_description:purchase_security.field_res_users__purchase_team_id
+msgid "Purchase team"
+msgstr ""
+
+#. module: purchase_security
+#: model:ir.model.fields,field_description:purchase_security.field_res_users__purchase_team_ids
+msgid "Purchases Teams"
+msgstr ""
+
+#. module: purchase_security
+#: model:ir.model,name:purchase_security.model_ir_rule
+msgid "Record Rule"
+msgstr ""
+
 #. module: purchase_security
 #: model:ir.model.fields,field_description:purchase_security.field_purchase_team__sequence
 msgid "Sequence"
@@ -110,6 +138,11 @@ msgstr ""
 msgid "User (team orders)"
 msgstr ""
 
+#. module: purchase_security
+#: model:ir.model,name:purchase_security.model_res_users
+msgid "Users"
+msgstr ""
+
 #. module: purchase_security
 #: model_terms:ir.ui.view,arch_db:purchase_security.purchase_team_form
 msgid "e.g. Europe"
diff --git a/purchase_security/models/__init__.py b/purchase_security/models/__init__.py
index a9982affd6f..38e405adafa 100644
--- a/purchase_security/models/__init__.py
+++ b/purchase_security/models/__init__.py
@@ -1,2 +1,5 @@
+from . import ir_rule
 from . import purchase_order
 from . import purchase_team
+from . import res_partner
+from . import res_users
diff --git a/purchase_security/models/ir_rule.py b/purchase_security/models/ir_rule.py
new file mode 100644
index 00000000000..fd6467715ec
--- /dev/null
+++ b/purchase_security/models/ir_rule.py
@@ -0,0 +1,57 @@
+# Copyright 2024 Tecnativa - Víctor Martínez
+# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html
+
+from odoo import api, models, tools
+from odoo.osv import expression
+from odoo.tools import config
+
+
+class IrRule(models.Model):
+    _inherit = "ir.rule"
+
+    @api.model
+    @tools.conditional(
+        "xml" not in config["dev_mode"],
+        tools.ormcache(
+            "self.env.uid",
+            "self.env.su",
+            "model_name",
+            "mode",
+            "tuple(self._compute_domain_context_values())",
+        ),
+    )
+    def _compute_domain(self, model_name, mode="read"):
+        """Inject extra domain for restricting partners when the user
+        has the group 'Purchase / User (own orders)."""
+        res = super()._compute_domain(model_name, mode=mode)
+        user = self.env.user
+        group1 = "purchase_security.group_purchase_own_orders"
+        group2 = "purchase_security.group_purchase_group_orders"
+        group3 = "purchase.group_purchase_manager"
+        if model_name == "res.partner" and not self.env.su:
+            if user.has_group(group1) and not user.has_group(group3):
+                extra_domain = [
+                    "|",
+                    ("message_partner_ids", "in", user.partner_id.ids),
+                    "|",
+                    ("id", "=", user.partner_id.id),
+                ]
+                if user.has_group(group2):
+                    extra_domain += [
+                        "|",
+                        ("purchase_team_id", "=", user.purchase_team_ids[:1].id),
+                        ("purchase_team_id", "=", False),
+                    ]
+                else:
+                    extra_domain += [
+                        "|",
+                        ("purchase_user_id", "=", user.id),
+                        "&",
+                        ("purchase_user_id", "=", False),
+                        "|",
+                        ("purchase_team_id", "=", False),
+                        ("purchase_team_id", "=", user.purchase_team_ids[:1].id),
+                    ]
+                extra_domain = expression.normalize_domain(extra_domain)
+                res = expression.AND([extra_domain] + [res])
+        return res
diff --git a/purchase_security/models/purchase_order.py b/purchase_security/models/purchase_order.py
index 9b5c88dc9ab..f92caefcc56 100644
--- a/purchase_security/models/purchase_order.py
+++ b/purchase_security/models/purchase_order.py
@@ -1,5 +1,6 @@
 # Copyright 2023 Tecnativa - Stefan Ungureanu
 # Copyright 2023 Tecnativa - Pedro M. Baeza
+# Copyright 2024 Tecnativa - Víctor Martínez
 # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
 
 from odoo import api, fields, models
@@ -25,11 +26,18 @@ def _compute_team_id(self):
         """
         first_team = self.env["purchase.team"].search([], limit=1)
         for record in self:
-            if record.user_id:
-                team = self.env["purchase.team"].search(
-                    [("user_ids", "=", record.user_id.id)], limit=1
+            record.team_id = record.user_id.purchase_team_ids[:1] or first_team
+
+    def onchange_partner_id(self):
+        res = super().onchange_partner_id()
+        if self.partner_id:
+            partner = self.partner_id or self.partner_id.commercial_partner_id
+            if not self.env.context.get("default_user_id"):
+                self.user_id = partner.purchase_user_id or self.env.user
+            if not self.env.context.get("default_team_id"):
+                self.team_id = (
+                    partner.purchase_team_id
+                    or self.user_id.purchase_team_ids[:1]
+                    or self.env["purchase.team"].search([], limit=1)
                 )
-                if team:
-                    record.team_id = team.id
-                    continue
-            record.team_id = first_team.id
+        return res
diff --git a/purchase_security/models/purchase_team.py b/purchase_security/models/purchase_team.py
index 67e2d75226f..13126178e79 100644
--- a/purchase_security/models/purchase_team.py
+++ b/purchase_security/models/purchase_team.py
@@ -12,4 +12,10 @@ class PurchaseTeam(models.Model):
 
     name = fields.Char(required=True)
     sequence = fields.Integer(default=10)
-    user_ids = fields.Many2many("res.users", string="Purchase Users")
+    user_ids = fields.Many2many(
+        comodel_name="res.users",
+        relation="purchase_team_res_users_rel",
+        column1="purchase_team_id",
+        column2="res_users_id",
+        string="Purchase Users",
+    )
diff --git a/purchase_security/models/res_partner.py b/purchase_security/models/res_partner.py
new file mode 100644
index 00000000000..9e889e487de
--- /dev/null
+++ b/purchase_security/models/res_partner.py
@@ -0,0 +1,20 @@
+# Copyright 2024 Tecnativa - Víctor Martínez
+# License AGPL-3 - See http://www.gnu.org/licenses/agpl-3.0.html
+
+from odoo import fields, models
+
+
+class ResPartner(models.Model):
+    _inherit = "res.partner"
+
+    purchase_user_id = fields.Many2one(
+        comodel_name="res.users",
+        domain="[('share', '=', False)]",
+        string="Purchase representative",
+        index=True,
+    )
+    purchase_team_id = fields.Many2one(
+        comodel_name="purchase.team",
+        string="Purchase team",
+        index=True,
+    )
diff --git a/purchase_security/models/res_users.py b/purchase_security/models/res_users.py
new file mode 100644
index 00000000000..663ce99e091
--- /dev/null
+++ b/purchase_security/models/res_users.py
@@ -0,0 +1,19 @@
+# Copyright 2024 Tecnativa - Víctor Martínez
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+from odoo import fields, models
+
+
+class ResUsers(models.Model):
+    _inherit = "res.users"
+
+    purchase_team_ids = fields.Many2many(
+        comodel_name="purchase.team",
+        relation="purchase_team_res_users_rel",
+        column1="res_users_id",
+        column2="purchase_team_id",
+        string="Purchases Teams",
+        check_company=True,
+        copy=False,
+        readonly=True,
+    )
diff --git a/purchase_security/static/description/index.html b/purchase_security/static/description/index.html
index 465b66dd80a..9a4275a2ea6 100644
--- a/purchase_security/static/description/index.html
+++ b/purchase_security/static/description/index.html
@@ -1,4 +1,3 @@
-<?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
@@ -367,7 +366,7 @@ <h1 class="title">Purchase Order security</h1>
 !! This file is generated by oca-gen-addon-readme !!
 !! changes will be overwritten.                   !!
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-!! source digest: sha256:84710bf6088628111e60464b0ef87243c926a836f3a0849bb2f4d8cc38d64223
+!! source digest: sha256:42fcbc71ab83444a9fa147761ca8754acb9f77fee0ca0ea3cdfd1a81ad4425f2
 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
 <p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Production/Stable" src="https://img.shields.io/badge/maturity-Production%2FStable-green.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/purchase-workflow/tree/15.0/purchase_security"><img alt="OCA/purchase-workflow" src="https://img.shields.io/badge/github-OCA%2Fpurchase--workflow-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/purchase-workflow-15-0/purchase-workflow-15-0-purchase_security"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/purchase-workflow&amp;target_branch=15.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
 <p>This addon creates a new group called “Purchase (own orders)” in Purchase.</p>
diff --git a/purchase_security/tests/test_access_rights.py b/purchase_security/tests/test_access_rights.py
index 83d1d2c53a4..cbdc2b1c289 100644
--- a/purchase_security/tests/test_access_rights.py
+++ b/purchase_security/tests/test_access_rights.py
@@ -1,17 +1,14 @@
 # Copyright 2020 Tecnativa - Víctor Martínez
 # Copyright 2023 Tecnativa - Stefan Ungureanu
 # Copyright 2023 Tecnativa - Pedro M. Baeza
+# Copyright 2024 Tecnativa - Víctor Martínez
 # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl.html).
 
-import logging
+from odoo.tests import Form, common, new_test_user
+from odoo.tests.common import users
 
-from odoo.tests import new_test_user
-from odoo.tests.common import TransactionCase
 
-_logger = logging.getLogger(__name__)
-
-
-class TestPurchaseOrderSecurity(TransactionCase):
+class TestPurchaseOrderSecurity(common.TransactionCase):
     @classmethod
     def setUpClass(cls):
         super().setUpClass()
@@ -99,6 +96,50 @@ def setUpClass(cls):
             )
         )
 
+    @users("group_purchase_team_1_orders")
+    def test_new_purchase_order(self):
+        order_form_1 = Form(self.env["purchase.order"])
+        self.assertEqual(order_form_1.user_id, self.user_group_team_1)
+        self.assertEqual(order_form_1.team_id, self.team1)
+        order_form_1.partner_id = self.partner_po
+        self.assertEqual(order_form_1.user_id, self.user_group_team_1)
+        self.assertEqual(order_form_1.team_id, self.team1)
+        # order_form with default_user_id (user_group_team_2 > team_2)
+        self.team1.write({"user_ids": [(3, self.user_group_team_2.id)]})
+        self.team2.write({"user_ids": [(4, self.user_group_team_2.id)]})
+        order_form_2 = Form(
+            self.env["purchase.order"].with_context(
+                default_user_id=self.user_group_team_2.id
+            )
+        )
+        self.assertEqual(order_form_2.user_id, self.user_group_team_2)
+        self.assertEqual(order_form_2.team_id, self.team2)
+        order_form_2.partner_id = self.partner_po
+        self.assertEqual(order_form_2.user_id, self.user_group_team_2)
+        self.assertEqual(order_form_2.team_id, self.team2)
+        # order_form with default_user_id (user_group_team_3 > without team)
+        order_form_2 = Form(
+            self.env["purchase.order"].with_context(
+                default_user_id=self.user_group_team_3.id
+            )
+        )
+        self.assertEqual(order_form_2.user_id, self.user_group_team_3)
+        self.assertEqual(order_form_2.team_id, self.team1)
+        order_form_2.partner_id = self.partner_po
+        self.assertEqual(order_form_2.user_id, self.user_group_team_3)
+        self.assertEqual(order_form_2.team_id, self.team1)
+
+    def _check_permission(self, user, team, expected):
+        self.partner_po.write(
+            {
+                "purchase_user_id": user.id if user else user,
+                "purchase_team_id": team.id if team else team,
+            }
+        )
+        domain = [("id", "=", self.partner_po.id)]
+        obj = self.env[self.partner_po._name]
+        self.assertEqual(bool(obj.search(domain)), expected)
+
     def test_po_auto_team(self):
         order = self.env["purchase.order"].search([("name", "=", "po_security_2")])
         self.assertEqual(order.team_id, self.team1)
@@ -183,3 +224,143 @@ def test_access_user_user_group_purchase_group_orders_3(self):
             ),
             1,
         )
+
+    @users("po_user")
+    def test_partner_permissions_01(self):
+        """User with purchase.group_purchase_user group."""
+        self._check_permission(False, False, True)
+        self._check_permission(False, self.team1, True)
+        self._check_permission(False, self.team2, True)
+        self._check_permission(self.user_group_purchase_own_orders, False, True)
+        self._check_permission(self.user_group_purchase_own_orders, self.team1, True)
+        self._check_permission(self.user_group_purchase_own_orders, self.team2, True)
+        self._check_permission(self.user_group_team_1, False, True)
+        self._check_permission(self.user_group_team_1, self.team1, True)
+        self._check_permission(self.user_group_team_1, self.team2, True)
+        self._check_permission(self.user_group_team_2, False, True)
+        self._check_permission(self.user_group_team_2, self.team1, True)
+        self._check_permission(self.user_group_team_2, self.team2, True)
+        self._check_permission(self.user_group_team_3, False, True)
+        self._check_permission(self.user_group_team_3, self.team1, True)
+        self._check_permission(self.user_group_team_3, self.team2, True)
+        self._check_permission(self.user_po_user, False, True)
+        self._check_permission(self.user_po_user, self.team1, True)
+        self._check_permission(self.user_po_user, self.team2, True)
+        self._check_permission(self.user_po_manager, False, True)
+        self._check_permission(self.user_po_manager, self.team1, True)
+        self._check_permission(self.user_po_manager, self.team2, True)
+        self._check_permission(self.user_without_groups, False, True)
+        self._check_permission(self.user_without_groups, self.team1, True)
+        self._check_permission(self.user_without_groups, self.team2, True)
+
+    @users("group_purchase_own_orders")
+    def test_partner_permissions_02(self):
+        """User with purchase_security.group_purchase_own_orders group."""
+        self._check_permission(False, False, True)
+        self._check_permission(False, self.team1, False)
+        self._check_permission(False, self.team2, False)
+        self._check_permission(self.user_group_purchase_own_orders, False, True)
+        self._check_permission(self.user_group_purchase_own_orders, self.team1, True)
+        self._check_permission(self.user_group_purchase_own_orders, self.team2, True)
+        self._check_permission(self.user_group_team_1, False, False)
+        self._check_permission(self.user_group_team_1, self.team1, False)
+        self._check_permission(self.user_group_team_1, self.team2, False)
+        self._check_permission(self.user_group_team_2, False, False)
+        self._check_permission(self.user_group_team_2, self.team1, False)
+        self._check_permission(self.user_group_team_2, self.team2, False)
+        self._check_permission(self.user_group_team_3, False, False)
+        self._check_permission(self.user_group_team_3, self.team1, False)
+        self._check_permission(self.user_group_team_3, self.team2, False)
+        self._check_permission(self.user_po_user, False, False)
+        self._check_permission(self.user_po_user, self.team1, False)
+        self._check_permission(self.user_po_user, self.team2, False)
+        self._check_permission(self.user_po_manager, False, False)
+        self._check_permission(self.user_po_manager, self.team1, False)
+        self._check_permission(self.user_po_manager, self.team2, False)
+        self._check_permission(self.user_without_groups, False, False)
+        self._check_permission(self.user_without_groups, self.team1, False)
+        self._check_permission(self.user_without_groups, self.team2, False)
+
+    @users("group_purchase_team_1_orders")
+    def test_partner_permissions_03(self):
+        """User with purchase_security.group_purchase_group_orders group."""
+        self._check_permission(False, False, True)
+        self._check_permission(False, self.team1, True)
+        self._check_permission(False, self.team2, False)
+        self._check_permission(self.user_group_purchase_own_orders, False, True)
+        self._check_permission(self.user_group_purchase_own_orders, self.team1, True)
+        self._check_permission(self.user_group_purchase_own_orders, self.team2, False)
+        self._check_permission(self.user_group_team_1, False, True)
+        self._check_permission(self.user_group_team_1, self.team1, True)
+        self._check_permission(self.user_group_team_1, self.team2, False)
+        self._check_permission(self.user_group_team_2, False, True)
+        self._check_permission(self.user_group_team_2, self.team1, True)
+        self._check_permission(self.user_group_team_2, self.team2, False)
+        self._check_permission(self.user_group_team_3, False, True)
+        self._check_permission(self.user_group_team_3, self.team1, True)
+        self._check_permission(self.user_group_team_3, self.team2, False)
+        self._check_permission(self.user_po_user, False, True)
+        self._check_permission(self.user_po_user, self.team1, True)
+        self._check_permission(self.user_po_user, self.team2, False)
+        self._check_permission(self.user_po_manager, False, True)
+        self._check_permission(self.user_po_manager, self.team1, True)
+        self._check_permission(self.user_po_manager, self.team2, False)
+        self._check_permission(self.user_without_groups, False, True)
+        self._check_permission(self.user_without_groups, self.team1, True)
+        self._check_permission(self.user_without_groups, self.team2, False)
+
+    @users("po_manager")
+    def test_partner_permissions_04(self):
+        """User with purchase.group_purchase_manager group."""
+        self._check_permission(False, False, True)
+        self._check_permission(False, self.team1, True)
+        self._check_permission(False, self.team2, True)
+        self._check_permission(self.user_group_purchase_own_orders, False, True)
+        self._check_permission(self.user_group_purchase_own_orders, self.team1, True)
+        self._check_permission(self.user_group_purchase_own_orders, self.team2, True)
+        self._check_permission(self.user_group_team_1, False, True)
+        self._check_permission(self.user_group_team_1, self.team1, True)
+        self._check_permission(self.user_group_team_1, self.team2, True)
+        self._check_permission(self.user_group_team_2, False, True)
+        self._check_permission(self.user_group_team_2, self.team1, True)
+        self._check_permission(self.user_group_team_2, self.team2, True)
+        self._check_permission(self.user_group_team_3, False, True)
+        self._check_permission(self.user_group_team_3, self.team1, True)
+        self._check_permission(self.user_group_team_3, self.team2, True)
+        self._check_permission(self.user_po_user, False, True)
+        self._check_permission(self.user_po_user, self.team1, True)
+        self._check_permission(self.user_po_user, self.team2, True)
+        self._check_permission(self.user_po_manager, False, True)
+        self._check_permission(self.user_po_manager, self.team1, True)
+        self._check_permission(self.user_po_manager, self.team2, True)
+        self._check_permission(self.user_without_groups, False, True)
+        self._check_permission(self.user_without_groups, self.team1, True)
+        self._check_permission(self.user_without_groups, self.team2, True)
+
+    @users("without_groups")
+    def test_partner_permissions_05(self):
+        """User witout groups"""
+        self._check_permission(False, False, True)
+        self._check_permission(False, self.team1, True)
+        self._check_permission(False, self.team2, True)
+        self._check_permission(self.user_group_purchase_own_orders, False, True)
+        self._check_permission(self.user_group_purchase_own_orders, self.team1, True)
+        self._check_permission(self.user_group_purchase_own_orders, self.team2, True)
+        self._check_permission(self.user_group_team_1, False, True)
+        self._check_permission(self.user_group_team_1, self.team1, True)
+        self._check_permission(self.user_group_team_1, self.team2, True)
+        self._check_permission(self.user_group_team_2, False, True)
+        self._check_permission(self.user_group_team_2, self.team1, True)
+        self._check_permission(self.user_group_team_2, self.team2, True)
+        self._check_permission(self.user_group_team_3, False, True)
+        self._check_permission(self.user_group_team_3, self.team1, True)
+        self._check_permission(self.user_group_team_3, self.team2, True)
+        self._check_permission(self.user_po_user, False, True)
+        self._check_permission(self.user_po_user, self.team1, True)
+        self._check_permission(self.user_po_user, self.team2, True)
+        self._check_permission(self.user_po_manager, False, True)
+        self._check_permission(self.user_po_manager, self.team1, True)
+        self._check_permission(self.user_po_manager, self.team2, True)
+        self._check_permission(self.user_without_groups, False, True)
+        self._check_permission(self.user_without_groups, self.team1, True)
+        self._check_permission(self.user_without_groups, self.team2, True)
diff --git a/purchase_security/views/res_partner_views.xml b/purchase_security/views/res_partner_views.xml
new file mode 100644
index 00000000000..841b367fe5e
--- /dev/null
+++ b/purchase_security/views/res_partner_views.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<odoo>
+    <record id="view_res_partner_filter" model="ir.ui.view">
+        <field name="name">res.partner.select</field>
+        <field name="model">res.partner</field>
+        <field name="inherit_id" ref="base.view_res_partner_filter" />
+        <field name="groups_id" eval="[(4, ref('group_purchase_own_orders'))]" />
+        <field name="arch" type="xml">
+            <field name="user_id" position="after">
+                <field name="purchase_user_id" />
+            </field>
+            <filter name="salesperson" position="after">
+                <filter
+                    name="purchase_user_id_filter"
+                    string="Purchase representative"
+                    domain="[]"
+                    context="{'group_by' : 'purchase_user_id'}"
+                />
+            </filter>
+        </field>
+    </record>
+    <record id="view_partner_tree" model="ir.ui.view">
+        <field name="name">res.partner.tree</field>
+        <field name="model">res.partner</field>
+        <field name="inherit_id" ref="base.view_partner_tree" />
+        <field name="groups_id" eval="[(4, ref('group_purchase_own_orders'))]" />
+        <field name="arch" type="xml">
+            <field name="user_id" position="after">
+                <field
+                    name="purchase_user_id"
+                    optional="show"
+                    widget="many2one_avatar_user"
+                />
+            </field>
+        </field>
+    </record>
+    <record id="view_partner_property_form" model="ir.ui.view">
+        <field name="name">res.partner.property.form.inherit</field>
+        <field name="model">res.partner</field>
+        <field name="inherit_id" ref="account.view_partner_property_form" />
+        <field name="groups_id" eval="[(4, ref('group_purchase_own_orders'))]" />
+        <field name="arch" type="xml">
+            <!-- Use this field to place the field first in Purchase group. !-->
+            <field name="property_supplier_payment_term_id" position="before">
+                <field name="purchase_user_id" />
+                <field name="purchase_team_id" />
+            </field>
+        </field>
+    </record>
+</odoo>