[
https://issues.apache.org/jira/browse/OFBIZ-12523?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Pierre Smits updated OFBIZ-12523:
---------------------------------
Description:
Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo
with userId = auditor, accessing the Routing screen, sees editable fields
and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE'
permissions.
To see/test:
https://demo-trunk.ofbiz.apache.org/manufacturing/control/EditRouting?workEffortId=DEFAULT_ROUTING
was:
Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo
with userId = auditor, accessing the Routing screen, sees editable fields
and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE'
permissions.
To see/test:
[https://localhost:8443/accounting/control/EditAgreementRoles?agreementId=8000]
> Routing - VIEW permissions
> --------------------------
>
> Key: OFBIZ-12523
> URL: https://issues.apache.org/jira/browse/OFBIZ-12523
> Project: OFBiz
> Issue Type: Improvement
> Components: manufacturing
> Affects Versions: Upcoming Branch
> Reporter: Pierre Smits
> Assignee: Pierre Smits
> Priority: Major
> Labels: permissions, routing, trust, usability, ux
>
> Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo
> with userId = auditor, accessing the Routing screen, sees editable fields
> and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE'
> permissions.
> To see/test:
> https://demo-trunk.ofbiz.apache.org/manufacturing/control/EditRouting?workEffortId=DEFAULT_ROUTING
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
