Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0014947
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] A. Platformtrivialalways2010-10-20 19:542010-12-21 00:00
Reporterdmitry_mezentsevView Statuspublic 
Assigned Toadrianromero 
PrioritynormalResolutionfixedFixed in Version
StatusclosedFix in branchFixed in SCM revision5fc875b9ab51
ProjectionnoneETAnoneTarget Version3.0RC3
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product Version2.50MP22SCM revision 
Review Assigned To
Web browser
ModulesCore
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0014947: Clean System Admin Role from the entities (Windows, Reports and so on) it should not have access to

DescriptionIf you access OB with a System Admin role you can see that it has an access to the Functional entities - Procurement Management, Sales Management, Master Data and so on, while it should not be the case.
System Admin should have an access only to the System Level (installation wide) specific components. IMO - Application Dictionary, General Setup.
Proposed SolutionSetup Proper Data Access Level for the mentioned above entities (Client/Org or Org).
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]

-  Notes
(0032386)
hgbot (developer)
2010-11-04 09:28

 Repository: erp/devel/pi
Changeset: 5fc875b9ab51e2676103ce2d7d69e62cb651525d
Author: Adrián Romero <adrianromero <at> openbravo.com>
Date: Wed Nov 03 18:11:37 2010 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/5fc875b9ab51e2676103ce2d7d69e62cb651525d [^]

Fixes issue 0014947: Clean System Admin Role from the entities (Windows, Reports and so on) it should not have access to
It has been changed the Access Level of all reports and processes that appear at System level

---
M src-db/database/sourcedata/AD_PROCESS.xml
---
(0032387)
adrianromero (manager)
2010-11-04 10:07

 * Testing the issue

In a clean Openbravo ERP installation, verify that logged as System Administrator Only appear in the menu the following options:

* Application Dictionary
** (All)
* General Setup
** (All)
* Master Data Management
** Send Mail Text
** Business Partner Setup
*** Title
*** Areas of Interest
** Product Setup
*** Unit of Measure
** Import Data
*** Import Loader Format
*** Import File Loader
*** Import Products
*** Import Business Partner
*** Import Account
*** Import Orders
*** Import Budget
*** Import Taxes
* Sales Management
** Setup
*** Mail Template
* Financial Management
** Setup
*** Accounting Dimension
*** Accounting Process
*** Account Combination
*** G/L Category
*** Document Type
*** Document Sequence
*** ABC Activity
*** Accounting templates

Verify that other roles have not been modified and continue having the same access to the application.

* Other areas affected

No other areas affected.
(0032450)
hudsonbot (developer)
2010-11-05 12:45

 A changeset related to this issue has been promoted to main after passing a series of tests and an OBX has been generated:

Changeset: http://code.openbravo.com/erp/devel/main/rev/5fc875b9ab51 [^]
Merge Changeset: http://code.openbravo.com/erp/devel/main/rev/f2cf138fa03c [^]
Tests: http://builds.openbravo.com/view/int/ [^]
OBX: http://builds.openbravo.com/erp/core/obx/OpenbravoERP-2.50CI.18797.obx [^]
(0033328)
psarobe (manager)
2010-12-20 19:31

 Tested working fine

- Issue History
Date Modified Username Field Change
2010-10-20 19:54 dmitry_mezentsev New Issue
2010-10-20 19:54 dmitry_mezentsev Assigned To => adrianromero
2010-11-04 09:28 hgbot Checkin
2010-11-04 09:28 hgbot Note Added: 0032386
2010-11-04 09:28 hgbot Status new => resolved
2010-11-04 09:28 hgbot Resolution open => fixed
2010-11-04 09:28 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/5fc875b9ab51e2676103ce2d7d69e62cb651525d [^]
2010-11-04 10:07 adrianromero Note Added: 0032387
2010-11-05 12:45 hudsonbot Checkin
2010-11-05 12:45 hudsonbot Note Added: 0032450
2010-12-20 19:31 psarobe Note Added: 0033328
2010-12-20 19:31 psarobe Status resolved => closed
2010-12-21 00:00 anonymous sf_bug_id 0 => 3140996

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker