Anonymous | Login
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] A. Platformminoralways2016-02-26 08:532016-03-17 10:56
ReporteralostaleView Statuspublic 
Assigned Toalostale 
PrioritynormalResolutionfixedFixed in Version3.0PR16Q2
StatusclosedFix in branchFixed in SCM revisionfd863146a4f4
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Tocaristu
Web browser
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo

0032354: field edit access doesn't allow to save if tab contains audit fields in its AD definition

DescriptionIf a role has editable access to some fields in a tab that includes updated/updated by fields and in the editable permissions these fields are not included, when trying to edited any of the granted fields, an error message is seen and the operation is rolled back.

Though these fields are not required to be included in the tab because they are always automatically included, it is not prevented and, in fact, there are some windows tabs that include them [1].

Checking those fields if any other is editable, has no sense because they are always updated in any edition.

[1] There are 25 tabs in this situation:
  select window_name, tab_name
  from ad_column c, ad_field f, ad_tab t, ad_window w
  where (columnname ilike 'created' or columnname ilike 'updated')
  and f.ad_column_id = c.ad_column_id
  and f.isactive='Y'
  and t.ad_tab_id = f.ad_tab_id
  and t.isactive='Y'
  and t.ad_window_id = w.ad_window_id
  and w.isactive='Y'
  order by 1,2
Steps To Reproduce1. Login as Group Admin
2. Create a Role with
   - User Level: Client+Org
   - Org Access: España Región Sur
   - User Assignment: Openbravo
   - Window Access:
     - Window: Sales Invoice
     - Editable: No
   - Tab Access
     - Tab: Header
     - Editable: No
   - Field Access
     - Field: Description
     - Editable: Yes
3. Login with that role
4. Open Sales invoice and select any invoice in España Sur organization
5. Try to edit description field
   -> ERROR: Saving failed. Simple Role does not have access to the field Creation Date

Proposed SolutionAudit fields shouldn't be checked even they are not explicitly granted for edition.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to defect 0032292 closedcaristu "OBSERDS_RoleHasNoFieldAccess" error thrown with specific role definition in Field tab 

-  Notes
hgbot (developer)
2016-02-26 08:59

Repository: erp/devel/pi
Changeset: fd863146a4f43e4e7589a83979fb00425643209a
Author: Asier Lostalé <asier.lostale <at>>
Date: Fri Feb 26 08:57:54 2016 +0100
URL: [^]

fixed bug 32354: field edit access doesn't allow to save if tab contains audit

  For tabs that explicitly define their audit (updated/updated by) fields, roles
  with access to edit only some fields couldn't save unless in those fields audit
  were also included.

  Now audit fields are not checked for this validation as they are always updated
  on any allowed modification.

M modules/org.openbravo.service.datasource/src/org/openbravo/service/datasource/
caristu (developer)
2016-02-26 12:58

Code review + tested OK
hudsonbot (developer)
2016-03-17 10:56

A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: [^]
Maturity status: Test

- Issue History
Date Modified Username Field Change
2016-02-26 08:53 alostale New Issue
2016-02-26 08:53 alostale Assigned To => platform
2016-02-26 08:53 alostale Modules => Core
2016-02-26 08:53 alostale Triggers an Emergency Pack => No
2016-02-26 08:54 alostale Review Assigned To => caristu
2016-02-26 08:54 alostale Description Updated View Revisions
2016-02-26 08:54 alostale Relationship added related to 0032292
2016-02-26 08:54 alostale Assigned To platform => alostale
2016-02-26 08:59 hgbot Checkin
2016-02-26 08:59 hgbot Note Added: 0084538
2016-02-26 08:59 hgbot Status new => resolved
2016-02-26 08:59 hgbot Resolution open => fixed
2016-02-26 08:59 hgbot Fixed in SCM revision => [^]
2016-02-26 12:58 caristu Note Added: 0084563
2016-02-26 12:58 caristu Status resolved => closed
2016-02-26 12:58 caristu Fixed in Version => 3.0PR16Q2
2016-03-17 10:56 hudsonbot Checkin
2016-03-17 10:56 hudsonbot Note Added: 0085170

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker