Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0015907Openbravo ERPC. Securitypublic2011-02-07 12:482011-02-22 11:55
Reporterjonalegriaesarte 
Assigned Toalostale 
PriorityurgentSeveritymajorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version2.50MP26 
Target Version2.50MP27Fixed in Version 
Merge Request Status
Review Assigned To
OBNetwork customer
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0015907: Permissions to processes are not respected
DescriptionPermissions to processes are not respected.
Steps To Reproduce1) Log with user Openbravo with Openbravo Admin role.
2) Create a new role named My Role, select Manual.
3) Give it access ONLY to window Sales Invoice
4) Create a new user named myuser and assign him MyRole role.
5) Log in with user myuser and create a sales invoice with lines.
6) Click on Complete button.

Even if you have not been given access to Complete Invoice process you are able to
make this process.
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
blocks defect 00158742.50MP27 closed alostale Permissions to processes are not respected 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2011-02-09 17:31alostaleTypedefect => backport
2011-02-09 17:31alostalefix_in_branch => 2.50
2011-02-09 17:33hgbotCheckin
2011-02-09 17:33hgbotNote Added: 0034111
2011-02-09 17:33hgbotStatusscheduled => resolved
2011-02-09 17:33hgbotResolutionopen => fixed
2011-02-09 17:33hgbotFixed in SCM revision => http://code.openbravo.com/erp/stable/2.50/rev/ce8c13ed21b77502d4673ac7c35120b9d8daa089 [^]
2011-02-10 09:32hgbotCheckin
2011-02-10 09:32hgbotNote Added: 0034122
2011-02-10 09:32hgbotCheckin
2011-02-10 09:32hgbotNote Added: 0034123
2011-02-10 10:35hgbotCheckin
2011-02-10 10:35hgbotNote Added: 0034125
2011-02-10 11:24hgbotCheckin
2011-02-10 11:24hgbotNote Added: 0034128
2011-02-22 11:55iperdomoNote Added: 0034301
2011-02-22 11:55iperdomoStatusresolved => closed

Notes
(0034111)
hgbot   
2011-02-09 17:33   
Repository: erp/stable/2.50
Changeset: ce8c13ed21b77502d4673ac7c35120b9d8daa089
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Wed Feb 09 17:33:28 2011 +0100
URL: http://code.openbravo.com/erp/stable/2.50/rev/ce8c13ed21b77502d4673ac7c35120b9d8daa089 [^]

fixed bug 15907: Permissions to processes are not respected

---
M src-db/database/sourcedata/AD_REF_LIST.xml
M src-wad/src/org/openbravo/wad/javasource.javaxml
---
(0034122)
hgbot   
2011-02-10 09:32   
Repository: erp/stable/2.50
Changeset: d2395c19ca019bac36d20d037babe092fdbdfe6c
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Thu Feb 10 09:29:24 2011 +0100
URL: http://code.openbravo.com/erp/stable/2.50/rev/d2395c19ca019bac36d20d037babe092fdbdfe6c [^]

related to issue 15907: Reseting to tabId, not window Id

---
M src-wad/src/org/openbravo/wad/javasource.javaxml
---
(0034123)
hgbot   
2011-02-10 09:32   
Repository: erp/stable/2.50
Changeset: e3f618272cb996b9356d85875927b3708ae008c3
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Thu Feb 10 09:32:04 2011 +0100
URL: http://code.openbravo.com/erp/stable/2.50/rev/e3f618272cb996b9356d85875927b3708ae008c3 [^]

related to issue 15907: get preferences from string params

---
M src/org/openbravo/erpCommon/businessUtility/Preferences.java
---
(0034125)
hgbot   
2011-02-10 10:35   
Repository: erp/stable/2.50
Changeset: 54b8cc028e6f05cffc898741a6269bdf2349f7c7
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Thu Feb 10 10:34:55 2011 +0100
URL: http://code.openbravo.com/erp/stable/2.50/rev/54b8cc028e6f05cffc898741a6269bdf2349f7c7 [^]

related to issue 15907: Don't use 3.0 method

---
M src-wad/src/org/openbravo/wad/javasource.javaxml
---
(0034128)
hgbot   
2011-02-10 11:24   
Repository: erp/stable/2.50
Changeset: 068a281b42cdbc20376bdd86951b0c4803b21c53
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Thu Feb 10 11:23:53 2011 +0100
URL: http://code.openbravo.com/erp/stable/2.50/rev/068a281b42cdbc20376bdd86951b0c4803b21c53 [^]

related to issue 15907: Fix Login.java

---
M src/org/openbravo/erpCommon/security/Login.java
---
(0034301)
iperdomo   
2011-02-22 11:55   
Reviewed on 2.50 at rev d8ed25331b2a