[OFBIZ-12532] Accounting Transaction - VIEW permissions - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Patch Available
Priority: Major
Resolution: Unresolved
Affects Version/s: Upcoming Branch
Fix Version/s: None
Component/s: accounting
Labels:
- permissions
- transaction
- trust
- usability
- ux

Description

Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo with userId = auditor, accessing the accounting transactions screen, sees editable fields and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE' permissions in unposted transactions.

To see/test with an unposed transaction: https://localhost:8443/accounting/control/EditAcctgTrans?organizationPartyId=Company&acctgTransId=10000

Attachments

Issue Links

links to

GitHub Pull Request #483

Activity

People

Assignee:: Pierre Smits

Reporter:: Pierre Smits

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 24/Jan/22 13:26

Updated:: 06/Jun/24 20:42