Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Implemented
-
Trunk
-
None
Description
Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo with userId = auditor, accessing the Financial Account Roles screen sees editable fields and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE' permissions.
See (test with): https://demo-trunk.ofbiz.apache.org/accounting/control/EditFinAccount?finAccountId=ABN_CHECKING
Attachments
Issue Links
- links to