[jira] [Updated] (OFBIZ-12431) VIEW permissions - invoice notes

[Pierre Smits (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12431?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pierre Smits updated OFBIZ-12431:
-
Description: 
Though there is an entity InvoiceNote, this cannot be accessed by user with 
VIEW permissions when accessing an invoice.

See:
 * for entity 
data:[https://demo-trunk.ofbiz.apache.org/webtools/control/entity/find/InvoiceNote]
 * test invoice: 
[https://demo-trunk.ofbiz.apache.org/accounting/control/invoiceOverview?invoiceId=demo11001]

  was:
Though there is an entity InvoiceContactMech, this cannot be accessed by user 
with VIEW permissions when accessing an invoice.

See:
 * for entity 
data:https://demo-trunk.ofbiz.apache.org/webtools/control/entity/find/InvoiceNote
 * test invoice: 
[https://demo-trunk.ofbiz.apache.org/accounting/control/invoiceOverview?invoiceId=demo11001]


> VIEW permissions - invoice notes
> 
>
> Key: OFBIZ-12431
> URL: https://issues.apache.org/jira/browse/OFBIZ-12431
> Project: OFBiz
>  Issue Type: Improvement
>  Components: accounting
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: invoice, notes, permissions, usability
>
> Though there is an entity InvoiceNote, this cannot be accessed by user with 
> VIEW permissions when accessing an invoice.
> See:
>  * for entity 
> data:[https://demo-trunk.ofbiz.apache.org/webtools/control/entity/find/InvoiceNote]
>  * test invoice: 
> [https://demo-trunk.ofbiz.apache.org/accounting/control/invoiceOverview?invoiceId=demo11001]



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (OFBIZ-12431) VIEW permissions - invoice notes

[Pierre Smits (Jira)]

Pierre Smits created OFBIZ-12431:


 Summary: VIEW permissions - invoice notes
 Key: OFBIZ-12431
 URL: https://issues.apache.org/jira/browse/OFBIZ-12431
 Project: OFBiz
  Issue Type: Improvement
  Components: accounting
Affects Versions: Trunk
Reporter: Pierre Smits
Assignee: Pierre Smits


Though there is an entity InvoiceContactMech, this cannot be accessed by user 
with VIEW permissions when accessing an invoice.

See:
 * for entity 
data:https://demo-trunk.ofbiz.apache.org/webtools/control/entity/find/InvoiceNote
 * test invoice: 
[https://demo-trunk.ofbiz.apache.org/accounting/control/invoiceOverview?invoiceId=demo11001]



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Pierre Smits (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452797#comment-17452797
 ] 

Pierre Smits commented on OFBIZ-12391:
--

Hi Scott,

Thanks for sharing your insights and experiences. IMO, we should now take this 
to dev ml, as this starts getting much bigger than just improving a small 
portion of the code.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (OFBIZ-12430) Add Invoice notes

[Nameet Jain (Jira)]

Nameet Jain created OFBIZ-12430:
---

 Summary: Add Invoice notes
 Key: OFBIZ-12430
 URL: https://issues.apache.org/jira/browse/OFBIZ-12430
 Project: OFBiz
  Issue Type: Improvement
  Components: accounting
Affects Versions: Trunk
Reporter: Nameet Jain


OFBiz provides supporting data-model and CRUD services but missed the UI 
support.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Assigned] (OFBIZ-12410) Receive product by supplier

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12410?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava reassigned OFBIZ-12410:


Assignee: Aishwary Shrivastava

> Receive product by supplier 
> 
>
> Key: OFBIZ-12410
> URL: https://issues.apache.org/jira/browse/OFBIZ-12410
> Project: OFBiz
>  Issue Type: Improvement
>  Components: product/facility
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Assignee: Aishwary Shrivastava
>Priority: Minor
>
> While receiving inventory many a times, a business can have shipment coming 
> from a supplier consisting many different  products.
> Adding support to received inventory for product by filtering supplier can be 
> a good improvement.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Assigned] (OFBIZ-12412) Support for generating consolidate invoice for a party

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12412?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava reassigned OFBIZ-12412:


Assignee: (was: Aishwary Shrivastava)

> Support for generating consolidate invoice for a party 
> ---
>
> Key: OFBIZ-12412
> URL: https://issues.apache.org/jira/browse/OFBIZ-12412
> Project: OFBiz
>  Issue Type: New Feature
>  Components: accounting
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> Generating a consolidate invoice for a supplier or B2B customer for a month 
> or specific time interval can be helpful in many business scenarios



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Assigned] (OFBIZ-12412) Support for generating consolidate invoice for a party

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12412?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava reassigned OFBIZ-12412:


Assignee: Aishwary Shrivastava

> Support for generating consolidate invoice for a party 
> ---
>
> Key: OFBIZ-12412
> URL: https://issues.apache.org/jira/browse/OFBIZ-12412
> Project: OFBiz
>  Issue Type: New Feature
>  Components: accounting
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Assignee: Aishwary Shrivastava
>Priority: Minor
>
> Generating a consolidate invoice for a supplier or B2B customer for a month 
> or specific time interval can be helpful in many business scenarios



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12411) Generated requirments should also have a PDF support

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12411:
-
Component/s: order

> Generated requirments should also have a PDF support
> 
>
> Key: OFBIZ-12411
> URL: https://issues.apache.org/jira/browse/OFBIZ-12411
> Project: OFBiz
>  Issue Type: New Feature
>  Components: order
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> In many businesses PDFs can be handy to compare or make decisions.
> We can add feature to have a PDF for the generated requirements.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12411) Generated requirments should also have a PDF support

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12411:
-
Affects Version/s: Trunk

> Generated requirments should also have a PDF support
> 
>
> Key: OFBIZ-12411
> URL: https://issues.apache.org/jira/browse/OFBIZ-12411
> Project: OFBiz
>  Issue Type: New Feature
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> In many businesses PDFs can be handy to compare or make decisions.
> We can add feature to have a PDF for the generated requirements.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12412) Support for generating consolidate invoice for a party

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12412?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12412:
-
Component/s: accounting

> Support for generating consolidate invoice for a party 
> ---
>
> Key: OFBIZ-12412
> URL: https://issues.apache.org/jira/browse/OFBIZ-12412
> Project: OFBiz
>  Issue Type: New Feature
>  Components: accounting
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> Generating a consolidate invoice for a supplier or B2B customer for a month 
> or specific time interval can be helpful in many business scenarios



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12412) Support for generating consolidate invoice for a party

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12412?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12412:
-
Affects Version/s: Trunk

> Support for generating consolidate invoice for a party 
> ---
>
> Key: OFBIZ-12412
> URL: https://issues.apache.org/jira/browse/OFBIZ-12412
> Project: OFBiz
>  Issue Type: New Feature
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> Generating a consolidate invoice for a supplier or B2B customer for a month 
> or specific time interval can be helpful in many business scenarios



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12410) Receive product by supplier

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12410?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12410:
-
Component/s: product/facility

> Receive product by supplier 
> 
>
> Key: OFBIZ-12410
> URL: https://issues.apache.org/jira/browse/OFBIZ-12410
> Project: OFBiz
>  Issue Type: Improvement
>  Components: product/facility
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> While receiving inventory many a times, a business can have shipment coming 
> from a supplier consisting many different  products.
> Adding support to received inventory for product by filtering supplier can be 
> a good improvement.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12409) Support to manage order terms for purchase order

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12409:
-
Component/s: order

> Support to manage order terms for purchase order
> 
>
> Key: OFBIZ-12409
> URL: https://issues.apache.org/jira/browse/OFBIZ-12409
> Project: OFBiz
>  Issue Type: Improvement
>  Components: order
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> Terms in orders can be editable after placing the order 
> If we can add, update or delete the terms it can be useful for many scenarios



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12410) Receive product by supplier

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12410?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12410:
-
Affects Version/s: Trunk

> Receive product by supplier 
> 
>
> Key: OFBIZ-12410
> URL: https://issues.apache.org/jira/browse/OFBIZ-12410
> Project: OFBiz
>  Issue Type: Improvement
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> While receiving inventory many a times, a business can have shipment coming 
> from a supplier consisting many different  products.
> Adding support to received inventory for product by filtering supplier can be 
> a good improvement.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12409) Support to manage order terms for purchase order

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12409?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12409:
-
Affects Version/s: Trunk

> Support to manage order terms for purchase order
> 
>
> Key: OFBIZ-12409
> URL: https://issues.apache.org/jira/browse/OFBIZ-12409
> Project: OFBiz
>  Issue Type: Improvement
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> Terms in orders can be editable after placing the order 
> If we can add, update or delete the terms it can be useful for many scenarios



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12408) Add manifest id and date in shipment

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12408:
-
Component/s: product/facility
 (was: order)

> Add  manifest  id and date in shipment 
> ---
>
> Key: OFBIZ-12408
> URL: https://issues.apache.org/jira/browse/OFBIZ-12408
> Project: OFBiz
>  Issue Type: Improvement
>  Components: product/facility
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> Adding a unique manifest id and date in the shipment can help in the 
> receiving of the shipment.
> Manifest id can be an attribute info in the shipment.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12407) Downloadable costing PDF

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12407?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12407:
-
Component/s: product/catalog
 (was: manufacturing)

> Downloadable costing PDF
> 
>
> Key: OFBIZ-12407
> URL: https://issues.apache.org/jira/browse/OFBIZ-12407
> Project: OFBiz
>  Issue Type: Improvement
>  Components: product/catalog
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> Costing is integral part for decision making.
> Many businesses will be benefited if they can generate a PDF for the costing 
> to make vital decisions and also to compare different costings.
> A support for downloadable PDF for costing can be a nice improvement



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (OFBIZ-12407) Downloadable costing PDF

[Aishwary Shrivastava (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12407?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Aishwary Shrivastava updated OFBIZ-12407:
-
Affects Version/s: Trunk

> Downloadable costing PDF
> 
>
> Key: OFBIZ-12407
> URL: https://issues.apache.org/jira/browse/OFBIZ-12407
> Project: OFBiz
>  Issue Type: Improvement
>  Components: manufacturing
>Affects Versions: Trunk
>Reporter: Aishwary Shrivastava
>Priority: Minor
>
> Costing is integral part for decision making.
> Many businesses will be benefited if they can generate a PDF for the costing 
> to make vital decisions and also to compare different costings.
> A support for downloadable PDF for costing can be a nice improvement



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Scott Gray (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452613#comment-17452613
 ] 

Scott Gray commented on OFBIZ-12391:


A few points here from my perspective:
 - createdDate and lastModifiedDate appear to duplicate what is already 
provided by createdStamp and lastUpdatedStamp, am I missing something?
 - Personally I haven't found much use over the past 15 years for tables which 
do carry the createdBy/lastModifiedBy fields. So much can happen between a 
record being created and its last modification that knowing these two data 
points has only limited benefit. For example if one user incorrectly updates a 
row and another user fixes it, you no longer have the information about who 
made the incorrect change. Also if one user changes column "A" and then another 
user changes column "B" and then you could easily assume incorrectly that the 
second user made both changes. 
 - Typically when I do need to identify which user made a specific change, I 
use the logs to determine this. I ensure every request logs a session id or 
other similar identifying information and then I narrow in on requests which 
would have caused the change in the time range I believe it would have occurred 
based on other events in the system which would have begun after the change. 
Once I've found the request, I can use the Visit table to determine who the 
user was based on the session id.
 - When I do need to record every change for a given data-point, I either turn 
on entity-audit logging or I create a custom audit table which is essentially a 
clone of the original table that records the state of each row before each 
change. More often than not though, this is for debugging rather than auditing.
 - In my experience very few tables are interesting enough to be audit worthy 
and what those tables might be is largely dependent on the business using the 
system

IMO allowing an administrator to turn on/off entity audit logging in the 
webtools UI would be more beneficial and flexible

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [ofbiz-framework] sonarcloud[bot] commented on pull request #380: Improved: List and Grid (OFBIZ-11345)

[GitBox]

sonarcloud[bot] commented on pull request #380:
URL: https://github.com/apache/ofbiz-framework/pull/380#issuecomment-984836545


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=380=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=380=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=380=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=380=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=380=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=380=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=380=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=380=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=380=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=380=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=380=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=380=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=380)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=380=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=380=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] PierreSmits opened a new pull request #380: Improved: List and Grid (OFBIZ-11345)

[GitBox]

PierreSmits opened a new pull request #380:
URL: https://github.com/apache/ofbiz-framework/pull/380


   According to the definition in widget-form.xsd the use of a combination of a 
form with type="list" is deprecated in favour of a grid.
   Refactor various list forms into grids.
   Refactor various list form references in screens.
   
   modified in product component:
   ConfigScreens.xml: from form ref to grid ref , additional cleanup
   ConfigForms.xml: from form definition with list ref to grid definition with 
list ref, additional clean-up


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (OFBIZ-12429) VIEW permissions - invoice overview term triggers

[Pierre Smits (Jira)]

Pierre Smits created OFBIZ-12429:


 Summary: VIEW permissions - invoice overview term triggers
 Key: OFBIZ-12429
 URL: https://issues.apache.org/jira/browse/OFBIZ-12429
 Project: OFBiz
  Issue Type: Improvement
  Components: accounting
Affects Versions: Trunk
Reporter: Pierre Smits
Assignee: Pierre Smits


Currently, when using a userId with only VIEW permission, the section terms 
shows triggers to term line items in the invoice overview. This should not be, 
as those triggers on the line items are reserved for users with CREATE/UPDATE 
permissions.

See (test with): 
https://localhost:8443/accounting/control/invoiceOverview?invoiceId=demo10001



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [ofbiz-framework] PierreSmits commented on pull request #379: Fixed: Induction from DB does not represent relations properly (OFBIZ-12178)

[GitBox]

PierreSmits commented on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984686682


   Thanks, Michael.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Pierre Smits (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452436#comment-17452436
 ] 

Pierre Smits commented on OFBIZ-12391:
--

No worries, [~mbrohl]. Take your time.

For sure, there are multiple ways to get to Rome. And I rather collaborate than 
butt heads, when it comes to improving OFBiz for all..

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [ofbiz-framework] mbrohl edited a comment on pull request #379: Fixed: Induction from DB does not represent relations properly (OFBIZ-12178)

[GitBox]

mbrohl edited a comment on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984677525


   It's clearly stated, please have a look at the information below the title.
   Both target an source branches are named with reference to the 18.12 branch: 
"bjugl wants to merge 1 commit into apache:release18.12 from 
ecomify:OFBIZ-12178_ModelInduce_Relations_18_12"
   
   There already was a commit to trunk, this is the backport PR.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] mbrohl commented on pull request #379: Fixed: Induction from DB does not represent relations properly (OFBIZ-12178)

[GitBox]

mbrohl commented on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984677525


   It's clearly stated, please have a look at the information below the title.
   Both target an source branches are named with reference to the 18.12 branch: 
"bjugl wants to merge 1 commit into apache:release18.12 from 
ecomify:OFBIZ-12178_ModelInduce_Relations_18_12"


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] PierreSmits commented on pull request #379: Fixed: Induction from DB does not represent relations properly (OFBIZ-12178)

[GitBox]

PierreSmits commented on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984674645


   > > I tried to merge the commits in this PR into a test branch (based on 
current trunk), and it didn't go through. Multiple rejection files were created.
   > 
   > This PR is targeted towards the 18.12 release branch, it's not for trunk.
   
   Thanks for the update, @mbrohl 
   The ticket, however, states otherwise. 
   Furthermore, the description (given on Feb 16 of this year) does not 
indicate that this improvement solely applies to the branch started almost 3 
years ago. Of course, it could be the case. But shouldn't that be reflected in 
the ticket?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] bjugl commented on pull request #379: Fixed: Induction from DB does not represent relations properly (OFBIZ-12178)

[GitBox]

bjugl commented on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984672315


   Thank you, Michael.
   
   On 02.12.21 15:17, Michael Brohl ***@***.***> wrote:
   > Please consider (for next time around) to keep the ticket id on the
   > first line. Otherwise the PR won't be referenced in the ticket.
   > 
   > Fixed.
   > 
   > 
   > You are receiving this because you were mentioned.
   > Reply to this email directly, view it on GitHub 
   > 
, 
   > or unsubscribe 
   > 
.
   > Triage notifications on the go with GitHub Mobile for iOS 
   > 

 
   > or Android 
   > 
.
 
   > 
   > 
   > 
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] mbrohl commented on pull request #379: Fixed: Induction from DB does not represent relations properly (OFBIZ-12178)

[GitBox]

mbrohl commented on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984668229


   > Please consider (for next time around) to keep the ticket id on the first 
line. Otherwise the PR won't be referenced in the ticket.
   
   Fixed.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] mbrohl commented on pull request #379: Fixed: Induction from DB does not represent relations properly.

[GitBox]

mbrohl commented on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984664103


   > I tried to merge the commits in this PR into a test branch (based on 
current trunk), and it didn't go through. Multiple rejection files were created.
   
   This PR is targeted towards the 18.12 release branch, it's not for trunk.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Michael Brohl (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452423#comment-17452423
 ] 

Michael Brohl commented on OFBIZ-12391:
---

To make my position more clear: I see that this is a valid requirement and that 
we have to find a good solution for both users who have a need for the audit 
fields and who have not.

I just don't see the initial solution as sufficient/valid and try to find a 
collaborative way for a more comprehensive solution which fits both needs, is 
easily configurable and avoids hard coding.

I thought about it more deeply during my midday run and need some time to write 
down my thoughts and answers to your responses. I will come back to you at the 
end of the week latest.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [ofbiz-framework] PierreSmits commented on pull request #379: Fixed: Induction from DB does not represent relations properly.

[GitBox]

PierreSmits commented on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984658188


   HI @bjugl,
   
   Please consider (for next time around) to keep the ticket id on the first 
line. Otherwise the PR won't be referenced in the ticket.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] PierreSmits commented on pull request #378: Improved: VIEW permissions - invoice contact mechs (OFBIZ-12428)

[GitBox]

PierreSmits commented on pull request #378:
URL: https://github.com/apache/ofbiz-framework/pull/378#issuecomment-984652112


   Hi Jacques,
   
   It appears everything is ok now. Was the missing label the culprit?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] sonarcloud[bot] removed a comment on pull request #378: Improved: VIEW permissions - invoice contact mechs (OFBIZ-12428)

[GitBox]

sonarcloud[bot] removed a comment on pull request #378:
URL: https://github.com/apache/ofbiz-framework/pull/378#issuecomment-984424564


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=378=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=378=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=378=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=378)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=378=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=378=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] sonarcloud[bot] commented on pull request #378: Improved: VIEW permissions - invoice contact mechs (OFBIZ-12428)

[GitBox]

sonarcloud[bot] commented on pull request #378:
URL: https://github.com/apache/ofbiz-framework/pull/378#issuecomment-984649383


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=378=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=378=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=378=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=378)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=378=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=378=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] PierreSmits commented on pull request #378: Improved: VIEW permissions - invoice contact mechs (OFBIZ-12428)

[GitBox]

PierreSmits commented on pull request #378:
URL: https://github.com/apache/ofbiz-framework/pull/378#issuecomment-984634899


   Hi @JacquesLeRoux,
   
   You have anymore insights?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] PierreSmits commented on pull request #378: Improved: VIEW permissions - invoice contact mechs (OFBIZ-12428)

[GitBox]

PierreSmits commented on pull request #378:
URL: https://github.com/apache/ofbiz-framework/pull/378#issuecomment-984624010


   HI Jacques,
   
   Yes I did. Are you referring to the 'Java CI with Gradle/build 
(pull_request) failing check mentioned above?
   
   It seems there is something weird going on there.
   I did the obligatory **./gradlew cleanAll loadAll testIntegration**. Beyond 
the multitude of errors we see all the time with running the integration test, 
I could not find anything wrong (may have overlooked something). 
   Subsequently I did the **./gradlew ofbiz** in my dev setup, and activated 
the invoiceContactMech request for invoice="demo11001", no records shown. After 
adding an InvoiceContactMech record via entity management in webtools for the 
same invoice, I refreshed the aforementioned screen and data appears. So 
everything seems ok.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Closed] (OFBIZ-12425) Payment Applications shows wrong label translation

[Pierre Smits (Jira)]

 [ 
https://issues.apache.org/jira/browse/OFBIZ-12425?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Pierre Smits closed OFBIZ-12425.

Fix Version/s: Upcoming Branch
   Resolution: Fixed

Thanks to Jacques for his assistance to get this fix into the codebase.

> Payment Applications shows wrong label translation
> --
>
> Key: OFBIZ-12425
> URL: https://issues.apache.org/jira/browse/OFBIZ-12425
> Project: OFBiz
>  Issue Type: Bug
>  Components: accounting
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: application, payment, translation, usability
> Fix For: Upcoming Branch
>
> Attachments: Screenshot 2021-12-01 at 15.04.47.png, Screenshot 
> 2021-12-01 at 15.06.36.png
>
>
> See: 
> https://demo-trunk.ofbiz.apache.org/accounting/control/editPaymentApplications?paymentId=8004
>  compared to 
> https://demo-stable.ofbiz.apache.org/accounting/control/editPaymentApplications?paymentId=8004
> With changes committed under  
> [https://github.com/apache/ofbiz-framework/commit/4aa2d714328447787455abcd5887ca99bcbf1152]
>  the label used changed, see below
> {code:java}
> -                                 text="${uiLabelMap.AccountingPayment} 
> ${uiLabelMap.AccountingApplications}"/>
> +                                 text="${uiLabelMap.AccountingPayment} 
> ${uiLabelMap.AccountingPaymentsApplications}"/>
>  {code}
> giving the resulting change from 'Payment Applications' for the 
> section/screenlet (as inline with the menu-item with translation 
> 'Applications') to 'Payment Payments' 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [ofbiz-framework] PierreSmits edited a comment on pull request #379: Fixed: Induction from DB does not represent relations properly.

[GitBox]

PierreSmits edited a comment on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984595557


   Hi @bjugl,
   
I tried to merge the commits in this PR into a test branch (based on 
current trunk), and it didn't go through. Multiple rejection files were created.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] PierreSmits commented on pull request #379: Fixed: Induction from DB does not represent relations properly.

[GitBox]

PierreSmits commented on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984595557


   Hi @bjugl,
   
I tried to merge the commits in this PR to a test branch (based on current 
trunk), and it didn't go through. Multiple rejection files were created.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Commented] (OFBIZ-12425) Payment Applications shows wrong label translation

[ASF subversion and git services (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12425?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452387#comment-17452387
 ] 

ASF subversion and git services commented on OFBIZ-12425:
-

Commit b2623276ef89d1b83c56b5d2ba404bbb5bf3a846 in ofbiz-framework's branch 
refs/heads/trunk from Pierre Smits
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=b262327 ]

Fixed: Payment Applications shows wrong label translation (OFBIZ-12425) (#376)

See: 
https://demo-trunk.ofbiz.apache.org/accounting/control/editPaymentApplications?paymentId=8004
 compared to 
https://demo-stable.ofbiz.apache.org/accounting/control/editPaymentApplications?paymentId=8004
With changes committed under  
https://github.com/apache/ofbiz-framework/commit/4aa2d714328447787455abcd5887ca99bcbf1152
 the label used changed, see below
-
+

giving the resulting change from 'Payment Applications' for the 
section/screenlet (as inline with the menu-item with translation 
'Applications') to 'Payment Payments'

modified: EditPaymentsApplications screen in PaymentScreens.xml
changed label combination for a more suitable label.

> Payment Applications shows wrong label translation
> --
>
> Key: OFBIZ-12425
> URL: https://issues.apache.org/jira/browse/OFBIZ-12425
> Project: OFBiz
>  Issue Type: Bug
>  Components: accounting
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: application, payment, translation, usability
> Attachments: Screenshot 2021-12-01 at 15.04.47.png, Screenshot 
> 2021-12-01 at 15.06.36.png
>
>
> See: 
> https://demo-trunk.ofbiz.apache.org/accounting/control/editPaymentApplications?paymentId=8004
>  compared to 
> https://demo-stable.ofbiz.apache.org/accounting/control/editPaymentApplications?paymentId=8004
> With changes committed under  
> [https://github.com/apache/ofbiz-framework/commit/4aa2d714328447787455abcd5887ca99bcbf1152]
>  the label used changed, see below
> {code:java}
> -                                 text="${uiLabelMap.AccountingPayment} 
> ${uiLabelMap.AccountingApplications}"/>
> +                                 text="${uiLabelMap.AccountingPayment} 
> ${uiLabelMap.AccountingPaymentsApplications}"/>
>  {code}
> giving the resulting change from 'Payment Applications' for the 
> section/screenlet (as inline with the menu-item with translation 
> 'Applications') to 'Payment Payments' 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [ofbiz-framework] JacquesLeRoux commented on pull request #378: Improved: VIEW permissions - invoice contact mechs (OFBIZ-12428)

[GitBox]

JacquesLeRoux commented on pull request #378:
URL: https://github.com/apache/ofbiz-framework/pull/378#issuecomment-984592456


   Hi Pierre,
   
   Did you check locally? It seems we have a test issue.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] JacquesLeRoux merged pull request #376: Fixed: Payment Applications shows wrong label translation (OFBIZ-12425)

[GitBox]

JacquesLeRoux merged pull request #376:
URL: https://github.com/apache/ofbiz-framework/pull/376


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Comment Edited] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Pierre Smits (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452357#comment-17452357
 ] 

Pierre Smits edited comment on OFBIZ-12391 at 12/2/21, 11:49 AM:
-

[~mbrohl],

Your initial argument(s) did't hold merit, and the new ones don't either. The 
paradigm you say it breaks is not there (unless you refer to the paradigm of 
inconsistency). Initially (and still), the code comes with functionality of 
fields being added to tables, without explicit definition in entities (the 
transaction fields). These fields are the same, falling under that paradigm: 
applicable to all entities.


was (Author: pfm.smits):
[~mbrohl],

Your initial argument(s) did't hold merit, and the new one don't either. The 
paradigm you say it breaks is not there (unless you refer to the paradigm of 
inconsistency). Initially (and still), the code comes with functionality of 
fields being added to tables, without explicit definition in entities (the 
transaction fields). These fields are the same, falling under that paradigm: 
applicable to all entities.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Pierre Smits (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452357#comment-17452357
 ] 

Pierre Smits commented on OFBIZ-12391:
--

[~mbrohl],

Your initial argument(s) did't hold merit, and the new one don't either. The 
paradigm you say it breaks is not there (unless you refer to the paradigm of 
inconsistency). Initially (and still), the code comes with functionality of 
fields being added to tables, without explicit definition in entities (the 
transaction fields). These fields are the same, falling under that paradigm: 
applicable to all entities.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [ofbiz-framework] sonarcloud[bot] commented on pull request #379: Fixed: Induction from DB does not represent relations properly.

[GitBox]

sonarcloud[bot] commented on pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379#issuecomment-984554810


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=379=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=379=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=379=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=379=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=379=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=379=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=379=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=379=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=379=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=379=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=379=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=379=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=379)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=379=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=379=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] bjugl opened a new pull request #379: Fixed: Induction from DB does not represent relations properly.

[GitBox]

bjugl opened a new pull request #379:
URL: https://github.com/apache/ofbiz-framework/pull/379


   Fixed: Induction from DB does not represent relations properly.
   (OFBIZ-12178)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Comment Edited] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Pierre Smits (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452349#comment-17452349
 ] 

Pierre Smits edited comment on OFBIZ-12391 at 12/2/21, 11:35 AM:
-

Additionally, [~mbrohl], enhancing modelentity.java with the change under PR 
351 does NOT make these fields visible to every user. Access to record data in 
webtools is under the constraint of permissions, like access to the records in 
the underlying (r)dbms is.

And these fields (like the others defined via modelentity functionality), do 
NOT show up in grid/forms when those have following
{code:java}
 
{code}
included in the definition.


was (Author: pfm.smits):
Additionally, [~mbrohl], enhancing modelentity.java with the change under PR 
351 does NOT make these fields visible to every user. Access to record data in 
webtools is under the constraint of permissions, like access to the underlying 
(r)dbms is. 

And these fields (like the others defined via modelentity functionality), do 
NOT show up in grid/forms when those have following
{code:java}
 
{code}
included in the definition.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Pierre Smits (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452349#comment-17452349
 ] 

Pierre Smits commented on OFBIZ-12391:
--

Additionally, [~mbrohl], enhancing modelentity.java with the change under PR 
351 does NOT make these fields visible to every user. Access to record data in 
webtools is under the constraint of permissions, like access to the underlying 
(r)dbms is. 

And these fields (like the others defined via modelentity functionality), do 
NOT show up in grid/forms when those have following
{code:java}
 
{code}
included in the definition.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Michael Brohl (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452347#comment-17452347
 ] 

Michael Brohl commented on OFBIZ-12391:
---

It is simply a bad (wrong) approach to hard-code this into the core code and 
create all those fields instead of making it configurable as it is the case for 
any other entity definition configuration. It breaks this paradigm and has 
indeed an impact.

We should not do that.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Comment Edited] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Pierre Smits (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452341#comment-17452341
 ] 

Pierre Smits edited comment on OFBIZ-12391 at 12/2/21, 11:21 AM:
-

Gutentag Michael,

Indeed, I am aware of this has a impact on GDPR policies and procedures of the 
OFBiz using organisations (in EU countries, and others with their own variants, 
e.g. US with CCPA). However, given that any OFBiz using organisation needs to 
have those anyway (especially when processing consumer data), this change 
doesn't have that great of a organisational impact.

It is a one-time process, required to be executed when the OFBiz instance is 
initialising and building the tables (and their fields) in the underlying 
(r)dbms. 

Like I said, easiest to implement now. And while we just provide the basic 
(technical) capability, we also provide a tangent to the integrators to 
potentially add additional (consultancy) revenues vis-a-vis OFBiz and GDPR 
implications.


was (Author: pfm.smits):
Gutentag Michael,

Indeed, I am aware of this has a impact on GDPR policies and procedures of the 
OFBiz using organisations (in EU countries, and others with their own variants, 
e.g. US with CCPA). However, given that any OFBiz using organisation needs to 
have those anyway (especially when processing consumer data), this change 
doesn't have that great of a technical impact.

It is a one-time process, required to be executed when the OFBiz instance is 
initialising and building the tables (and their fields) in the underlying 
(r)dbms. 

Like I said, easiest to implement now. And while we just provide the basic 
(technical) capability, we also provide a tangent to the integrators to 
potentially add additional (consultancy) revenues vis-a-vis OFBiz and GDPR 
implications.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Pierre Smits (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452341#comment-17452341
 ] 

Pierre Smits commented on OFBIZ-12391:
--

Gutentag Michael,

Indeed, I am aware of this has a impact on GDPR policies and procedures of the 
OFBiz using organisations (in EU countries, and others with their own variants, 
e.g. US with CCPA). However, given that any OFBiz using organisation needs to 
have those anyway (especially when processing consumer data), this change 
doesn't have that great of a technical impact.

It is a one-time process, required to be executed when the OFBiz instance is 
initialising and building the tables (and their fields) in the underlying 
(r)dbms. 

Like I said, easiest to implement now. And while we just provide the basic 
(technical) capability, we also provide a tangent to the integrators to 
potentially add additional (consultancy) revenues vis-a-vis OFBiz and GDPR 
implications.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Michael Brohl (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452334#comment-17452334
 ] 

Michael Brohl commented on OFBIZ-12391:
---

Please have in mind that audit functions are problematic in many companies as 
they allow to retrieve a footprint of the people working with the system (when, 
how fast etc.).

At least here in Germany, it is often not allowed or extremely restricted. I 
can image this is true also in other countries.

I think we should NOT have a core functionality in the entity core which 
automatically creates a huge number of table fields which might be not used 
ever.

I can think of doing it automatically for a table which has the 
enable-audit-log set to true. It would be fully configurable and also does not 
need to put the field definitions in every entity definition.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Commented] (OFBIZ-12391) Trustworthy OFBiz - audit capabilities

[Pierre Smits (Jira)]

[ 
https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17452298#comment-17452298
 ] 

Pierre Smits commented on OFBIZ-12391:
--

Bonjour Jacques,

My apologies for not reacting in more detail regarding your comments earlier in 
this ticket. 

The 'enable-audit-log' attribute as defined in entitymodel.xsd, makes it a 
requirement (for the OFBiz implementing organisation) to change each individual 
field in the entity definition (in the various entity-model.xml files), when 
that organisation needs to have insights (via 
[https://demo-trunk.ofbiz.apache.org/webtools/control/entity/find/EntityAuditLog)]
 in changes effected to those defined fields.

This would be a process way to time consuming (as you know there currently 
1000s of field definitions) regarding implementation:  evaluating each entity 
and each field defined therein and subsequently enhancing those field 
definitions (and bringing it into the production environment).  Also, as David 
mentioned in the thread you referenced, in a production environment it could 
prove to be consuming to0 much resources (CPU, IO, storage which in a cloud 
environment could become very costly).

The least costly approach (and easiest to implement) to this is to enhance 
modelentity.java to add the basic audit-trial (investigation) fields, as we 
currently have on some entities, as shown in PR 351 (including clean-up). 
Making such by default available and filled through entity services, we ensure 
that each implementing organisation can see (via web-tools) for each record who 
created/modified it and when. Which is considered a basic requirement vis-a-vis 
trust and audit/investigation.

> Trustworthy OFBiz - audit capabilities
> --
>
> Key: OFBIZ-12391
> URL: https://issues.apache.org/jira/browse/OFBIZ-12391
> Project: OFBiz
>  Issue Type: Improvement
>  Components: ALL COMPONENTS, framework/entity
>Affects Versions: Trunk
>Reporter: Pierre Smits
>Assignee: Pierre Smits
>Priority: Major
>  Labels: audit, entity, investigation, mvp, trust, usability
>
> When potential adopters want to use OFBiz as their primary solution for 
> business critical ERP (and related) processes, they (or at least their 
> auditors) want to be sure that they can see:
>  # who created the record in the underlying rdbms,
>  # when that record was created,
>  # who was the last one to modify the record
>  # when the modification happened.
> Currently out of the 800+ entities defined in the various entity model files, 
> only a fraction of the entities have fields defined for
>  * createdDate (23)
>  * createdByUserLogin (30)
>  * lastModifiedDate (24)
>  * lastModifiedByUserLogin (29)
> which means that for crucial entities (for a business) in OFBiz entities 
> records can be created and changed (for nefarious reasons) without auditors 
> and other investigators being able to state anything regarding the above 4 
> points.
> Currently there are over 600 entity-auto services invoking 'create', and 
> approximately the same amount of services that invoke 'update', that could 
> automatically set the fields listed above. However it is not done, because 
> these have not been defined.
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[GitHub] [ofbiz-framework] sonarcloud[bot] commented on pull request #378: Improved: VIEW permissions - invoice contact mechs (OFBIZ-12428)

[GitBox]

sonarcloud[bot] commented on pull request #378:
URL: https://github.com/apache/ofbiz-framework/pull/378#issuecomment-984424564


   Kudos, SonarCloud Quality Gate passed!  ![Quality Gate 
passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/passed-16px.png
 'Quality Gate passed')
   
   
[![Bug](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/bug-16px.png
 
'Bug')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=BUG)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=BUG)
 [0 
Bugs](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=BUG)
  
   
[![Vulnerability](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/vulnerability-16px.png
 
'Vulnerability')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=VULNERABILITY)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=VULNERABILITY)
 [0 
Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=VULNERABILITY)
  
   [![Security 
Hotspot](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/security_hotspot-16px.png
 'Security 
Hotspot')](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=378=false=SECURITY_HOTSPOT)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=378=false=SECURITY_HOTSPOT)
 [0 Security 
Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_ofbiz-framework=378=false=SECURITY_HOTSPOT)
  
   [![Code 
Smell](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/code_smell-16px.png
 'Code 
Smell')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=CODE_SMELL)
 
[![A](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/RatingBadge/A-16px.png
 
'A')](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=CODE_SMELL)
 [0 Code 
Smells](https://sonarcloud.io/project/issues?id=apache_ofbiz-framework=378=false=CODE_SMELL)
   
   [![No Coverage 
information](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/CoverageChart/NoCoverageInfo-16px.png
 'No Coverage 
information')](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=378)
 No Coverage information  
   
[![0.0%](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/Duplications/3-16px.png
 
'0.0%')](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=378=new_duplicated_lines_density=list)
 [0.0% 
Duplication](https://sonarcloud.io/component_measures?id=apache_ofbiz-framework=378=new_duplicated_lines_density=list)
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[GitHub] [ofbiz-framework] PierreSmits opened a new pull request #378: Improved: VIEW permissions - invoice contact mechs (OFBIZ-12428)

[GitBox]

PierreSmits opened a new pull request #378:
URL: https://github.com/apache/ofbiz-framework/pull/378


   Though there is an entity InvoiceContactMech, this cannot be accessed by 
user with VIEW permissions when accessing an invoice.
   See:
   for entity data: 
https://demo-trunk.ofbiz.apache.org/webtools/control/entity/find/InvoiceContactMech
   test invoice: 
https://demo-trunk.ofbiz.apache.org/accounting/control/invoiceOverview?invoiceId=demo11001
   
   Modified:
   AccountingMenus.xml
   - added menu-item for contact mechs to InvoiceTabBar menu
   controller.xml
   - added request-map and view-map for request invoiceContactMech
   InvoiceScreens.xml
   - added screen for invoice contact mech(s)
   InvoiceForms.xml
   - added grid to display contact mech details


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@ofbiz.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

[jira] [Created] (OFBIZ-12428) VIEW permissions - invoice contact mechs

[Pierre Smits (Jira)]

Pierre Smits created OFBIZ-12428:


 Summary: VIEW permissions - invoice contact mechs
 Key: OFBIZ-12428
 URL: https://issues.apache.org/jira/browse/OFBIZ-12428
 Project: OFBiz
  Issue Type: Improvement
  Components: accounting
Affects Versions: Trunk
Reporter: Pierre Smits
Assignee: Pierre Smits


Though there is an entity InvoiceContactMech, this cannot be accessed by user 
with VIEW permissions when accessing an invoice.

See:
 * for entity data: 
https://demo-trunk.ofbiz.apache.org/webtools/control/entity/find/InvoiceContactMech
 * test invoice: 
https://demo-trunk.ofbiz.apache.org/accounting/control/invoiceOverview?invoiceId=demo11001



--
This message was sent by Atlassian Jira
(v8.20.1#820001)