Openbravo Issue Tracking System - Openbravo ERP | |||||
| View Issue Details | |||||
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0006527 | Openbravo ERP | C. Security | public | 2008-12-14 10:53 | 2014-05-08 20:55 |
| Reporter | jtarbal | ||||
| Assigned To | iciordia | ||||
| Priority | normal | Severity | major | Reproducibility | always |
| Status | acknowledged | Resolution | open | ||
| Platform | OS | 5 | OS Version | ||
| Product Version | 2.40 | ||||
| Target Version | Fixed in Version | ||||
| Merge Request Status | |||||
| Review Assigned To | |||||
| OBNetwork customer | |||||
| Web browser | |||||
| Modules | Core | ||||
| Support ticket | |||||
| Regression level | |||||
| Regression date | |||||
| Regression introduced in release | |||||
| Regression introduced by commit | |||||
| Triggers an Emergency Pack | No | ||||
| Summary | 0006527: Security enhancements related to role management | ||||
| Description | Here you are a list of proposed security enhancements that are related to role management: - By default the role "System Administration" has access to some functionalities of "Master Data, Sales, Procurement, Warehouse, Production, MRP and Financial Management". This role should only have access to all functionalities of "Application Dictionary" and "General Setup". - By default when performing an "Initial Client Setup", the "Admin" role has access to some functionalities of "Application Dictionary" and shouldn't. Similarly, the User role has access to some functionalities of "General Setup" and shouldn't. - In all roles, the "Information" module in the left menu shows all possible searches. However, the searches should be related to the permissions that the role has. A criterion could be to link each of the search to some modules. For instance, the "Accounts" search could have sense if the role has access to the Financial Management module. However, the "Shipment line" search could be linked to the Sales, Warehouse and Procurement modules. - In the Role window, it would be great if in the permissions management tabs (windows, forms, reports, etc.) it appears the module (as in the left menu) that the functionality belongs. This would make a lot easier the permissions management. - In the Role window, it would be great to have a button to remove permissions by selecting a module (similar to the Insert Permissions button, but for removing purposes) | ||||
| Steps To Reproduce | |||||
| Proposed Solution | |||||
| Additional Information | |||||
| Tags | Clean-up, ReleaseCandidate | ||||
| Relationships | |||||
| Attached Files | |||||
| Issue History | |||||
| Date Modified | Username | Field | Change | ||
| 2008-12-14 10:53 | jtarbal | New Issue | |||
| 2008-12-14 10:53 | jtarbal | Assigned To | => rafaroda | ||
| 2008-12-14 10:53 | jtarbal | sf_bug_id | 0 => 2426525 | ||
| 2008-12-17 10:07 | rafaroda | Assigned To | rafaroda => pjuvara | ||
| 2008-12-17 20:14 | pjuvara | Tag Attached: Clean-up | |||
| 2008-12-17 20:14 | pjuvara | Tag Attached: ReleaseCandidate | |||
| 2008-12-17 20:14 | pjuvara | Status | new => acknowledged | ||
| 2009-01-15 17:36 | joan | Issue Monitored: joan | |||
| 2009-03-02 09:31 | jtarbal | Note Added: 0014198 | |||
| 2009-05-22 19:36 | pjuvara | Assigned To | pjuvara => iciordia | ||
| 2014-05-08 20:55 | johnfandl | Issue Monitored: johnfandl | |||
| Notes | |||||
|
|
|||||
|
|
||||