[ https://issues.apache.org/jira/browse/OFBIZ-12530?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pierre Smits updated OFBIZ-12530: --------------------------------- Description: Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo with userId = auditor, accessing the Rates screen, sees editable fields and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE' permissions. To see/test: https://demo-trunk.ofbiz.apache.org/accounting/control/viewRateAmounts was: Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo with userId = auditor, accessing the Rates screen, sees editable fields and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE' permissions. To see/test: https://localhost:8443/accounting/control/viewRateAmounts > Accounting Rates - VIEW permissions > ----------------------------------- > > Key: OFBIZ-12530 > URL: https://issues.apache.org/jira/browse/OFBIZ-12530 > Project: OFBiz > Issue Type: Improvement > Components: accounting > Affects Versions: Upcoming Branch > Reporter: Pierre Smits > Assignee: Pierre Smits > Priority: Major > Labels: permissions, trust, usability, ux > > Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo > with userId = auditor, accessing the Rates screen, sees editable fields > and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE' > permissions. > > To see/test: > https://demo-trunk.ofbiz.apache.org/accounting/control/viewRateAmounts -- This message was sent by Atlassian Jira (v8.20.10#820010)