Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0015874 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] C. Security | major | always | 2011-02-07 12:48 | 2011-05-24 10:56 | |||
| Reporter | jonalegriaesarte | View Status | public | |||||
| Assigned To | alostale | |||||||
| Priority | urgent | Resolution | fixed | Fixed in Version | ||||
| Status | closed | Fix in branch | pi | Fixed in SCM revision | 3cc3d1a740b2 | |||
| Projection | none | ETA | none | Target Version | 2.50MP27 | |||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | 2.50MP26 | SCM revision | ||||||
| Merge Request Status | ||||||||
| Review Assigned To | ||||||||
| OBNetwork customer | OBPS | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Support ticket | ||||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0015874: Permissions to processes are not respected | |||||||
| Description | Permissions to processes are not respected. | |||||||
| Steps To Reproduce | 1) Log with user Openbravo with Openbravo Admin role. 2) Create a new role named My Role, select Manual. 3) Give it access ONLY to window Sales Invoice 4) Create a new user named myuser and assign him MyRole role. 5) Log in with user myuser and create a sales invoice with lines. 6) Click on Complete button. Even if you have not been given access to Complete Invoice process you are able to make this process. | |||||||
| Tags | closingMay2011 | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|||||||||||||||
|
|||||||||||||||
 Relationships |
|
Notes |
|
|
(0034108) alostale (viewer) 2011-02-09 17:31 |
This has been implemented as an optional configuration to be set through a preference: http://wiki.openbravo.com/wiki/Functional_Documentation/General_Setup#Process_Permissions [^] |
|
(0034110) hgbot (developer) 2011-02-09 17:32 |
Repository: erp/devel/pi Changeset: 3cc3d1a740b29ae39c0eadb9e2f498124c980514 Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Wed Feb 09 17:32:12 2011 +0100 URL: http://code.openbravo.com/erp/devel/pi/rev/3cc3d1a740b29ae39c0eadb9e2f498124c980514 [^] fixed issue 15874: Permissions to processes are not respected --- M src-db/database/sourcedata/AD_REF_LIST.xml M src-wad/src/org/openbravo/wad/javasource.javaxml --- |
|
(0034120) hgbot (developer) 2011-02-10 09:27 |
Repository: erp/devel/pi Changeset: 06cb91c9976df02e9603b66297dbb064cbb9f731 Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Thu Feb 10 09:25:06 2011 +0100 URL: http://code.openbravo.com/erp/devel/pi/rev/06cb91c9976df02e9603b66297dbb064cbb9f731 [^] related to issue 15874: Reseting to tabId, not window Id --- M src-wad/src/org/openbravo/wad/javasource.javaxml --- |
|
(0034121) hgbot (developer) 2011-02-10 09:27 |
Repository: erp/devel/pi Changeset: 34c584c37edce8021d68be5bfe9ec3ef03444f47 Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Thu Feb 10 09:26:14 2011 +0100 URL: http://code.openbravo.com/erp/devel/pi/rev/34c584c37edce8021d68be5bfe9ec3ef03444f47 [^] related to issue 15874: Set admin mode when reading preferences --- M src/org/openbravo/erpCommon/businessUtility/Preferences.java --- |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2011-02-07 12:48 | jonalegriaesarte | New Issue | |
| 2011-02-07 12:48 | jonalegriaesarte | Assigned To | => alostale |
| 2011-02-07 12:48 | jonalegriaesarte | Modules | => Core |
| 2011-02-07 12:48 | jonalegriaesarte | OBNetwork customer | => Yes |
| 2011-02-07 12:49 | jonalegriaesarte | Issue Monitored: networkb | |
| 2011-02-07 13:03 | rafaroda | Issue Monitored: rafaroda | |
| 2011-02-09 17:31 | alostale | Note Added: 0034108 | |
| 2011-02-09 17:31 | alostale | Status | new => scheduled |
| 2011-02-09 17:31 | alostale | fix_in_branch | => pi |
| 2011-02-09 17:32 | hgbot | Checkin | |
| 2011-02-09 17:32 | hgbot | Note Added: 0034110 | |
| 2011-02-09 17:32 | hgbot | Status | scheduled => resolved |
| 2011-02-09 17:32 | hgbot | Resolution | open => fixed |
| 2011-02-09 17:32 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/3cc3d1a740b29ae39c0eadb9e2f498124c980514 [^] |
| 2011-02-10 09:27 | hgbot | Checkin | |
| 2011-02-10 09:27 | hgbot | Note Added: 0034120 | |
| 2011-02-10 09:27 | hgbot | Checkin | |
| 2011-02-10 09:27 | hgbot | Note Added: 0034121 | |
| 2011-05-24 10:08 | dalsasua | Tag Attached: closingMay2011 | |
| 2011-05-24 10:56 | dalsasua | Status | resolved => closed |
| 2013-06-12 08:26 | alostale | Relationship added | related to 0024005 |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |