Openbravo Issue Tracking System - Openbravo ERP |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0003329 | Openbravo ERP | C. Security | public | 2007-05-14 18:47 | 2012-07-29 14:06 |
|
| Reporter | user71 | |
| Assigned To | alostale | |
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | |
| Platform | | OS | 5 | OS Version | |
| Product Version | | |
| Target Version | | Fixed in Version | 3.0MP9 | |
| Merge Request Status | |
| Review Assigned To | |
| OBNetwork customer | No |
| Web browser | |
| Modules | Core |
| Support ticket | |
| Regression level | |
| Regression date | |
| Regression introduced in release | |
| Regression introduced by commit | |
| Triggers an Emergency Pack | No |
|
| Summary | 0003329: Field permissions. |
| Description | Hi!
I think that it would be a good idea to add the access permissions scheme a new level: the field level. Explanation: now you can control access to a windows depending on the role of the user, but not to the fields in that window, so when you need one role to access this windows but with some fields disabled you have to create a "clone" window without those fields. This is a pain (you know where :-P).
I understand that managing permissions to the field level would be a rather difficult task, so I suggest that when you give a role permissions to a window (or tab) you give permission to all its fields, so you have to explicitly tell Openbravo which fields should be disabled (or not shown) only for the roles you need to.
Another suggestion: maybe it would be easier to implement if you could just mark a window (or tab) to be read-only for some roles. This is not as flexible as the field-level access control, but it would do in some cases.
Best regards!!
|
| Steps To Reproduce | |
| Proposed Solution | |
| Additional Information | |
| Tags | ReleaseCandidate |
| Relationships | |
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2008-07-01 19:57 | pjuvara | Assigned To | user71 => iciordia |
| 2008-07-01 19:57 | pjuvara | Status | new => acknowledged |
| 2008-07-01 19:57 | pjuvara | Tag Attached: ReleaseCandidate | |
| 2008-11-16 07:44 | pjuvara | Assigned To | iciordia => pjuvara |
| 2008-11-16 08:13 | pjuvara | OBNetwork customer | => No |
| 2008-11-16 08:13 | pjuvara | Category | 01. General setup => C. Security |
| 2008-11-16 08:13 | pjuvara | Description Updated | |
| 2009-05-22 19:36 | pjuvara | Assigned To | pjuvara => iciordia |
| 2012-07-29 14:05 | dmitry_mezentsev | Status | acknowledged => scheduled |
| 2012-07-29 14:05 | dmitry_mezentsev | Assigned To | iciordia => alostale |
| 2012-07-29 14:05 | dmitry_mezentsev | fix_in_branch | => pi |
| 2012-07-29 14:06 | dmitry_mezentsev | Note Added: 0050973 | |
| 2012-07-29 14:06 | dmitry_mezentsev | Status | scheduled => resolved |
| 2012-07-29 14:06 | dmitry_mezentsev | Fixed in Version | => 3.0MP9 |
| 2012-07-29 14:06 | dmitry_mezentsev | Fixed in SCM revision | => MP9 |
| 2012-07-29 14:06 | dmitry_mezentsev | Resolution | open => fixed |
| 2012-07-29 14:06 | dmitry_mezentsev | Status | resolved => closed |