In earlier Odoo versions, developers could usually add Many2many or Many2one fields linked to hr.employee without facing strict access validation during record updates. In many cases, employee selection worked even when users did not have direct read access to the employee model.

With Odoo 19, the behavior has changed. Odoo now validates read access on the related comodel while modifying relational fields. Because of this, users may face access errors when selecting employees in Many2many fields if the proper employee access context is not applied.

To handle this scenario, Odoo already provides a standard method inside the HR framework:

def _check_access(self, operation):
    # This method override provides read access to 'hr.employee' in some
    # situations, like setting a many2many field to comodel 'hr.employee'.
    # Since Odoo 19, one must have read access to the comodel to modify the
    # relation.
    if operation == 'read' and self.env.context.get('_allow_read_hr_employee') is _ALLOW_READ_HR_EMPLOYEE:
        return None

    return super()._check_access(operation)

Instead of creating custom security bypasses or temporary workarounds, Odoo 19 recommends using the standard HR mixin architecture. By simply inheriting the hr.mixin class in your custom model, Odoo automatically applies the correct employee access handling.

class YourCustomModel(models.Model):
    _name = 'your.custom.model'
    _inherit = ['hr.mixin']

This approach keeps the implementation fully aligned with Odoo standards while ensuring that employee selection works properly in relational fields. It also helps maintain cleaner code, better upgrade compatibility, and improved long-term maintainability for custom modules in Odoo 19.

Stop using workarounds — Odoo 19 already provides the standard solution for employee relational field access.