Revision 7fd74226
takes care to prevent employees to modify manually their attendances,
by removing the edit button from the attendance list.

This is only visual, this doesn't actually
prevent users to change their attendances,
for instance through XMLRPC.

Besides, with the group comment:
```xml
    <record id="group_hr_attendance" model="res.groups">
        <field name="name">User</field>
        <field name="category_id" ref="base.module_category_human_resources_attendances"/>
        <field name="comment">The user will gain access to the human resources attendance menu, enabling him to manage his own attendance.</field>
    </record>
```

To me:
- Employees should be able to sign in and sign out only
- Attendance users should be able to modify their own attendances only
- Attendance managers can modify attendances of anybody.

Hence, instead of removing the edit button on the view,
change the ACLs so employees do not have the rights to modify their
attendances at all.

Part-of: odoo/odoo#98551