[OFBIZ-12529] Party Rates - VIEW permissions - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Patch Available
Priority: Major
Resolution: Unresolved
Affects Version/s: Upcoming Branch
Fix Version/s: None
Component/s: party
Labels:
- permissions
- trust
- usability
- ux

Description

Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo with userId = auditor, accessing the Party Rates screen, sees editable fields and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE' permissions.

To see:/test:

for DemoEmployee (rates in demo data): https://localhost:8443/partymgr/control/EditPartyRates?partyId=DemoEmployee
for DemoEmployee2 (after merge of PR74 in plugins): https://localhost:8443/partymgr/control/EditPartyRates?partyId=DemoEmployee2

Attachments

Issue Links

links to

GitHub Pull Request #481

Activity

People

Assignee:: Pierre Smits

Reporter:: Pierre Smits

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 24/Jan/22 10:21

Updated:: 06/Jun/24 20:42