Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0006527
TypeCategorySeverityReproducibilityDate SubmittedLast Update
feature request[Openbravo ERP] C. Securitymajoralways2008-12-14 10:532014-05-08 20:55
ReporterjtarbalView Statuspublic 
Assigned Toiciordia 
PrioritynormalResolutionopenFixed in Version
StatusacknowledgedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product Version2.40SCM revision 
Review Assigned To
Web browser
ModulesCore
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0006527: Security enhancements related to role management

DescriptionHere you are a list of proposed security enhancements that are related to role management:
 - By default the role "System Administration" has access to some functionalities of "Master Data, Sales, Procurement, Warehouse, Production, MRP and Financial Management". This role should only have access to all functionalities of "Application Dictionary" and "General Setup".
 - By default when performing an "Initial Client Setup", the "Admin" role has access to some functionalities of "Application Dictionary" and shouldn't. Similarly, the User role has access to some functionalities of "General Setup" and shouldn't.
 - In all roles, the "Information" module in the left menu shows all possible searches. However, the searches should be related to the permissions that the role has. A criterion could be to link each of the search to some modules. For instance, the "Accounts" search could have sense if the role has access to the Financial Management module. However, the "Shipment line" search could be linked to the Sales, Warehouse and Procurement modules.
 - In the Role window, it would be great if in the permissions management tabs (windows, forms, reports, etc.) it appears the module (as in the left menu) that the functionality belongs. This would make a lot easier the permissions management.
 - In the Role window, it would be great to have a button to remove permissions by selecting a module (similar to the Insert Permissions button, but for removing purposes)
TagsClean-up, ReleaseCandidate
Attached Files

- Relationships Relation Graph ] Dependency Graph ]

-  Notes
(0014198)
jtarbal (reporter)
2009-03-02 09:31

These improvements would reduce the time needed when parametrizing different roles. Thus, it is an improvement for the consultants rather than the end-user.

Role parametrization is something that has to be done in all Openbravo ERP implementations.

- Issue History
Date Modified Username Field Change
2008-12-14 10:53 jtarbal New Issue
2008-12-14 10:53 jtarbal Assigned To => rafaroda
2008-12-14 10:53 jtarbal sf_bug_id 0 => 2426525
2008-12-17 10:07 rafaroda Assigned To rafaroda => pjuvara
2008-12-17 20:14 pjuvara Tag Attached: Clean-up
2008-12-17 20:14 pjuvara Tag Attached: ReleaseCandidate
2008-12-17 20:14 pjuvara Status new => acknowledged
2009-01-15 17:36 joan Issue Monitored: joan
2009-03-02 09:31 jtarbal Note Added: 0014198
2009-05-22 19:36 pjuvara Assigned To pjuvara => iciordia
2014-05-08 20:55 johnfandl Issue Monitored: johnfandl


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker