diff --git a/hide_menu_user/__manifest__.py b/hide_menu_user/__manifest__.py
index 690e4664c..030d894cd 100644
--- a/hide_menu_user/__manifest__.py
+++ b/hide_menu_user/__manifest__.py
@@ -31,7 +31,6 @@
     'website': "https://www.cybrosys.com",
     'depends': ['base'],
     'data': [
-        'security/security.xml',
         'views/res_users_views.xml',
     ],
     'license': 'LGPL-3',
diff --git a/hide_menu_user/models/res_users.py b/hide_menu_user/models/res_users.py
index 112394fa4..72a7d8293 100644
--- a/hide_menu_user/models/res_users.py
+++ b/hide_menu_user/models/res_users.py
@@ -19,7 +19,7 @@
 #    If not, see <http://www.gnu.org/licenses/>.
 #
 #############################################################################
-from odoo import fields, models
+from odoo import fields, models, api
 
 
 class ResUsers(models.Model):
@@ -29,16 +29,21 @@ class ResUsers(models.Model):
     _inherit = 'res.users'
 
     def write(self, vals):
-        """
-         Write method for the ResUsers model.
-         Ensure the menu will not remain hidden after removing it from the list.
-           """
+        # Store old hide_menu_ids per record
+        old_hide_menu_map = {record.id: record.hide_menu_ids for record in self}
         res = super(ResUsers, self).write(vals)
         for record in self:
+            old_hide_menu_ids = old_hide_menu_map.get(record.id,
+                                                     self.env['ir.ui.menu'])
+
+            # Add new restrictions
             for menu in record.hide_menu_ids:
-                menu.write({
-                    'restrict_user_ids': [fields.Command.link(record.id)]
-                })
+                menu.sudo().write({'restrict_user_ids': [(4, record.id)]})
+
+            # Remove old ones that are no longer selected
+            removed_menus = old_hide_menu_ids - record.hide_menu_ids
+            for menu in removed_menus:
+                menu.sudo().write({'restrict_user_ids': [(3, record.id)]})
         return res
 
     def _get_is_admin(self):
@@ -55,7 +60,7 @@ class ResUsers(models.Model):
         'ir.ui.menu', string="Hidden Menu",
         store=True, help='Select menu items that need to '
                          'be hidden to this user.')
-    is_admin = fields.Boolean(compute=_get_is_admin, string="Is Admin",
+    is_admin = fields.Boolean(compute='_get_is_admin', string="Is Admin",
                               help='Check if the user is an admin.')
 
 
@@ -68,3 +73,18 @@ class IrUiMenu(models.Model):
     restrict_user_ids = fields.Many2many(
         'res.users', string="Restricted Users",
         help='Users restricted from accessing this menu.')
+
+    @api.returns('self')
+    def _filter_visible_menus(self):
+        """
+        Override to filter out menus restricted for current user.
+        Applies only to the current user context.
+        """
+        menus = super(IrUiMenu, self)._filter_visible_menus()
+
+        # Allow system admin to see everything
+        if self.env.user.has_group('base.group_system'):
+            return menus
+
+        return menus.filtered(
+            lambda m: self.env.user not in m.restrict_user_ids)
diff --git a/hide_menu_user/security/security.xml b/hide_menu_user/security/security.xml
deleted file mode 100644
index 3b2e10cf3..000000000
--- a/hide_menu_user/security/security.xml
+++ /dev/null
@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<odoo>
-<!--Rule to hide menu items -->
-    <record id="ir_ui_menu_rule_user" model="ir.rule">
-        <field name="name">Restrict Menu from Users</field>
-        <field name="model_id" ref="model_ir_ui_menu"/>
-        <field name="domain_force">[('restrict_user_ids','not in',user.id)]</field>
-    </record>
-</odoo>