[ https://issues.apache.org/jira/browse/OFBIZ-12391?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jacques Le Roux closed OFBIZ-12391. ----------------------------------- Resolution: Implemented > Trustworthy OFBiz - audit capabilities > -------------------------------------- > > Key: OFBIZ-12391 > URL: https://issues.apache.org/jira/browse/OFBIZ-12391 > Project: OFBiz > Issue Type: Improvement > Components: ALL COMPONENTS, framework/entity > Affects Versions: Trunk, Upcoming Branch > Reporter: Pierre Smits > Assignee: Pierre Smits > Priority: Major > Labels: audit, entity, investigation, mvp, trust, usability > > When potential adopters want to use OFBiz as their primary solution for > business critical ERP (and related) processes, they (or at least their > auditors) want to be sure that they can see: > # who created the record in the underlying rdbms, > # when that record was created, > # who was the last one to modify the record > # when the modification happened. > Currently out of the 800+ entities defined in the various entity model files, > only a fraction of the entities have fields defined for > * createdDate (23) > * createdByUserLogin (30) > * lastModifiedDate (24) > * lastModifiedByUserLogin (29) > which means that for crucial entities (for a business) in OFBiz entities > records can be created and changed (for nefarious reasons) without auditors > and other investigators being able to state anything regarding the above 4 > points. > Currently there are over 600 entity-auto services invoking 'create', and > approximately the same amount of services that invoke 'update', that could > automatically set the fields listed above. However it is not done, because > these have not been defined. > > -- This message was sent by Atlassian Jira (v8.20.10#820010)