[
https://issues.apache.org/jira/browse/OFBIZ-12530?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Pierre Smits updated OFBIZ-12530:
---------------------------------
Description:
Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo
with userId = auditor, accessing the Rates screen, sees editable fields and/or
triggers (to requests) reserved for users with 'CREATE' or 'UPDATE' permissions.
To see/test:
https://demo-trunk.ofbiz.apache.org/accounting/control/viewRateAmounts
was:
Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo
with userId = auditor, accessing the Rates screen, sees editable fields and/or
triggers (to requests) reserved for users with 'CREATE' or 'UPDATE' permissions.
To see/test: https://localhost:8443/accounting/control/viewRateAmounts
> Accounting Rates - VIEW permissions
> -----------------------------------
>
> Key: OFBIZ-12530
> URL: https://issues.apache.org/jira/browse/OFBIZ-12530
> Project: OFBiz
> Issue Type: Improvement
> Components: accounting
> Affects Versions: Upcoming Branch
> Reporter: Pierre Smits
> Assignee: Pierre Smits
> Priority: Major
> Labels: permissions, trust, usability, ux
>
> Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo
> with userId = auditor, accessing the Rates screen, sees editable fields
> and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE'
> permissions.
>
> To see/test:
> https://demo-trunk.ofbiz.apache.org/accounting/control/viewRateAmounts
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
