Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0008372 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] B. User interface | major | always | 2009-04-01 09:26 | 2009-04-25 00:00 | |||
| Reporter | areefbasha | View Status | public | |||||
| Assigned To | areefbasha | |||||||
| Priority | urgent | Resolution | fixed | Fixed in Version | 2.50MP1 | |||
| Status | closed | Fix in branch | Fixed in SCM revision | 89bb61b36cb4 | ||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Linux 32 bit | Database | PostgreSQL | Java version | 1.6 | |||
| OS Version | CentOs 5.2 | Database version | 8.3.5 | Ant version | 1.7 | |||
| Product Version | pi | SCM revision | ||||||
| Merge Request Status | ||||||||
| Review Assigned To | ||||||||
| OBNetwork customer | No | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Support ticket | ||||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0008372: Reports shows data of all organizations | |||||||
| Description | In the following reports, if you don't select any organization, all data are shown, independently of organizations that user conected has access 1) Purchase Invoice Dimensional Report 2) Material Receipts Dimensional Report 3) Purchase Dimensional Report 4) Shipments Dimensional Report 5) Sales Order Returns Dimensional Report 6) Sales Dimensional Report 7) Invoices Tax Report | |||||||
| Steps To Reproduce | user1 only has access to org1 user2 only has access to org2 create invoice in org1 access to OpenbravoERP with user2 and execute sales invoice dimensional report with combo "Organization" void. The problem is that, if filter is left blank, organization 0 (and all its sub-organizations tree) is taken by default and causes this wrong filtering. | |||||||
| Proposed Solution | The proposed solution is the following: if a user leaves the Organization combo-box blank, the report will be filtered by the organization (and sub-organizations tree) the user is logged with. For the technical solution see 8343(Fixed in SCM revision). | |||||||
| Tags | main | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|||||||||||||||
|
|||||||||||||||
 Relationships |
|
Notes |
|
|
(0015101) pjuvara (viewer) 2009-04-01 09:55 |
Please specify the product version. |
|
(0015102) pjuvara (viewer) 2009-04-01 09:56 |
This appears to be a major issue as it could result in users having access to data that they are not authorized to see. |
|
(0015297) hgbot (developer) 2009-04-09 07:08 |
Repository: erp/devel/pi Changeset: 89bb61b36cb49159382d7808c8a95910f7c43eb8 Author: Areef Basha <areef.basha <at> openbravo.com> Date: Thu Apr 09 10:35:27 2009 -0400 URL: http://code.openbravo.com/erp/devel/pi/rev/89bb61b36cb49159382d7808c8a95910f7c43eb8 [^] Fixes bug 8372: Reports shows data of all organizations. Now the report will be filtered by the organization (and sub-organizations tree) the user is logged with. --- M src/org/openbravo/erpCommon/ad_reports/ReportInvoiceVendorDimensionalAnalysesJR.java M src/org/openbravo/erpCommon/ad_reports/ReportMaterialDimensionalAnalysesJR.java M src/org/openbravo/erpCommon/ad_reports/ReportPurchaseDimensionalAnalysesJR.java M src/org/openbravo/erpCommon/ad_reports/ReportRefundSalesDimensionalAnalyses.java M src/org/openbravo/erpCommon/ad_reports/ReportRefundSalesDimensionalAnalysesPDF.java M src/org/openbravo/erpCommon/ad_reports/ReportSalesDimensionalAnalyzeJR.java M src/org/openbravo/erpCommon/ad_reports/ReportShipmentDimensionalAnalyzeJR.java M src/org/openbravo/erpCommon/ad_reports/ReportTaxInvoiceJR.java --- |
|
(0015679) sureshbabu (viewer) 2009-04-24 11:27 |
Tested working fine |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2009-04-01 09:26 | areefbasha | New Issue | |
| 2009-04-01 09:26 | areefbasha | Assigned To | => rafaroda |
| 2009-04-01 09:26 | areefbasha | OBNetwork customer | => No |
| 2009-04-01 09:26 | areefbasha | Regression testing | => No |
| 2009-04-01 09:55 | pjuvara | Note Added: 0015101 | |
| 2009-04-01 09:55 | pjuvara | Status | new => feedback |
| 2009-04-01 09:56 | pjuvara | Note Added: 0015102 | |
| 2009-04-01 09:56 | pjuvara | Priority | normal => urgent |
| 2009-04-01 09:56 | pjuvara | Severity | trivial => major |
| 2009-04-01 10:58 | areefbasha | version | => pi |
| 2009-04-02 09:35 | rafaroda | Assigned To | rafaroda => sathiyan |
| 2009-04-02 09:35 | rafaroda | Status | feedback => scheduled |
| 2009-04-02 09:35 | rafaroda | fix_in_branch | => pi |
| 2009-04-02 09:35 | rafaroda | Relationship added | related to 0008343 |
| 2009-04-02 11:35 | sathiyan | Assigned To | sathiyan => vinothbabu |
| 2009-04-02 11:45 | sathiyan | Assigned To | vinothbabu => areefbasha |
| 2009-04-07 10:55 | areefbasha | fix_in_branch | pi => |
| 2009-04-07 10:55 | areefbasha | Description Updated | |
| 2009-04-07 11:57 | areefbasha | Description Updated | |
| 2009-04-08 06:51 | areefbasha | Description Updated | |
| 2009-04-09 07:08 | hgbot | Checkin | |
| 2009-04-09 07:08 | hgbot | Note Added: 0015297 | |
| 2009-04-09 07:08 | hgbot | Status | scheduled => resolved |
| 2009-04-09 07:08 | hgbot | Resolution | open => fixed |
| 2009-04-09 07:08 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/89bb61b36cb49159382d7808c8a95910f7c43eb8 [^] |
| 2009-04-22 11:23 | psarobe | Tag Attached: main | |
| 2009-04-24 11:27 | sureshbabu | Status | resolved => closed |
| 2009-04-24 11:27 | sureshbabu | Note Added: 0015679 | |
| 2009-04-24 11:27 | sureshbabu | Fixed in Version | => main |
| 2009-04-25 00:00 | anonymous | sf_bug_id | 0 => 2780814 |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |