[
https://issues.apache.org/jira/browse/OFBIZ-10901?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16848109#comment-16848109
]
Pierre Smits commented on OFBIZ-10901:
--------------------------------------
There is a pattern that will help: look for all the edit screens/forms/request
maps
> Editable screens/forms are shown to user with only VIEW permissions
> -------------------------------------------------------------------
>
> Key: OFBIZ-10901
> URL: https://issues.apache.org/jira/browse/OFBIZ-10901
> Project: OFBiz
> Issue Type: Bug
> Components: ALL APPLICATIONS
> Affects Versions: Trunk, Release Branch 16.11, Release Branch 17.12,
> Release Branch 18.12
> Reporter: Pierre Smits
> Priority: Major
> Labels: audit
>
> Edit screens should not be shown to users who have only VIEW permissions.
> They should be shown only display screens.
> When such a user is misled and enters data to change the record an error is
> thrown.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
