Openbravo Issue Tracking System - Openbravo ERP |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0013484 | Openbravo ERP | 01. General setup | public | 2010-05-31 13:08 | 2010-07-16 00:00 |
|
| Reporter | rafaroda | |
| Assigned To | harikrishnan | |
| Priority | high | Severity | major | Reproducibility | always |
| Status | closed | Resolution | fixed | |
| Platform | | OS | 20 | OS Version | Ubuntu 7.10 |
| Product Version | 2.50MP17 | |
| Target Version | 2.50MP20 | Fixed in Version | | |
| Merge Request Status | |
| Review Assigned To | |
| OBNetwork customer | OBPS |
| Web browser | |
| Modules | Core |
| Support ticket | |
| Regression level | |
| Regression date | |
| Regression introduced in release | |
| Regression introduced by commit | |
| Triggers an Emergency Pack | No |
|
| Summary | 0013484: User created on Initial Organization Setup has Client Admin role |
| Description | On Initial Organization Setup a user is created: it is supposed to be the Organization administrator. Nevertheless, this user is automatically given a Client Administrator role.
This could be a security hole specially when different organizations are different companies. |
| Steps To Reproduce | 1) Perform an Initial Client Setup http://wiki.openbravo.com/wiki/ERP/2.50/Configuration_Manual/Modeling_your_enterprise#Setting_up_a_client [^]
2) Perform an Initial Organization Setup http://wiki.openbravo.com/wiki/ERP/2.50/Configuration_Manual/Modeling_your_enterprise#Setting_up_an_organization [^]
3) Navigate to General Setup || Security || User and select the Organization User created.
4) In user Roles tab see that the user has been assigned the Client Admin role. |
| Proposed Solution | |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | | related to | defect | 0013483 | | closed | psarobe | Role System Administrator visible in Entity Roles |
|
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2010-05-31 13:08 | rafaroda | New Issue | |
| 2010-05-31 13:08 | rafaroda | Assigned To | => psarobe |
| 2010-05-31 13:08 | rafaroda | OBNetwork customer | => No |
| 2010-05-31 13:08 | rafaroda | Relationship added | related to 0013483 |
| 2010-06-28 11:06 | psarobe | Status | new => scheduled |
| 2010-06-28 11:06 | psarobe | Assigned To | psarobe => adrianromero |
| 2010-06-28 11:06 | psarobe | fix_in_branch | => pi |
| 2010-07-05 12:48 | jonalegriaesarte | OBNetwork customer | No => Yes |
| 2010-07-05 12:48 | jonalegriaesarte | Target Version | => 2.50MP21 |
| 2010-07-05 12:48 | jonalegriaesarte | fix_in_branch | pi => |
| 2010-07-05 12:50 | jonalegriaesarte | Target Version | 2.50MP21 => 2.50MP20 |
| 2010-07-14 15:31 | harikrishnan | Assigned To | adrianromero => harikrishnan |
| 2010-07-14 15:40 | hgbot | Checkin | |
| 2010-07-14 15:40 | hgbot | Note Added: 0029311 | |
| 2010-07-14 15:40 | hgbot | Status | scheduled => resolved |
| 2010-07-14 15:40 | hgbot | Resolution | open => fixed |
| 2010-07-14 15:40 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/8b98f543308c77448f62386fb1dfdb04b61fbd52 [^] |
| 2010-07-14 15:40 | harikrishnan | Note Added: 0029312 | |
| 2010-07-15 10:07 | sureshbabu | Note Added: 0029327 | |
| 2010-07-15 10:07 | sureshbabu | Status | resolved => closed |
| 2010-07-15 10:18 | hudsonbot | Checkin | |
| 2010-07-15 10:18 | hudsonbot | Note Added: 0029331 | |
| 2010-07-16 00:00 | anonymous | sf_bug_id | 0 => 3030266 |