OFBiz
  1. OFBiz
  2. OFBIZ-3952

Unable to create project task contents as admin

    Details

      Description

      When editing a task in the project manager application you cannot add content from the content tab if you have admin privileges. The permission is incorrectly labeled as "PROJECTMGR_ROLE_ADMIN" when it should be "PROJECTMGR_ADMIN."

      1. task_content_fix.patch
        0.7 kB
        Jeremy Olmstead

        Activity

        Hide
        Jeremy Olmstead added a comment -

        Patch to fix the incorrect permission check.

        Show
        Jeremy Olmstead added a comment - Patch to fix the incorrect permission check.
        Hide
        Jacques Le Roux added a comment -

        Not sure if it's the right solution, because PROJECTMGR_ROLE_ADMIN role does exist...

        Also please provide patches with pathes relative to project root, see https://cwiki.apache.org/confluence/display/OFBADMIN/OFBiz+Contributors+Best+Practices (patch section)

        Show
        Jacques Le Roux added a comment - Not sure if it's the right solution, because PROJECTMGR_ROLE_ADMIN role does exist... Also please provide patches with pathes relative to project root, see https://cwiki.apache.org/confluence/display/OFBADMIN/OFBiz+Contributors+Best+Practices (patch section)
        Hide
        Sascha Rodekamp added a comment -

        Hey Jeremy,
        i rechecked your reported bug. Couldn't reproduce it. For me the content creation in your described case worked.

        I gave my demoadmin login the following right:

        ASSETMAINTADMIN
        PROJECTADMIN
        

        So i don't see the bug in the TaskScreens permission check. But we can discuss if we add the

        ASSETMAINT_UPDATE
        

        permission to the PROJECTADMIN permission group?

        What do you think?

        Have a good day
        Sascha

        Show
        Sascha Rodekamp added a comment - Hey Jeremy, i rechecked your reported bug. Couldn't reproduce it. For me the content creation in your described case worked. I gave my demoadmin login the following right: ASSETMAINTADMIN PROJECTADMIN So i don't see the bug in the TaskScreens permission check. But we can discuss if we add the ASSETMAINT_UPDATE permission to the PROJECTADMIN permission group? What do you think? Have a good day Sascha
        Hide
        Jeremy Olmstead added a comment -

        PROJECT_ROLE_ADMIN does exist, but I believe it only gives the correct permissions if the user is a member of the project/task. Shouldn't Admin have the permissions even if he is not a member? PROJECT_ADMIN gives that access. The problem is easily reproduced, if it's really a problem. Just bring up any existing task and click on the Content tab. There is no "Create New" button for the admin. When you change the permission in TaskScreens.xml to PROJECT_ADMIN the "Create New" button appears.

        Show
        Jeremy Olmstead added a comment - PROJECT_ROLE_ADMIN does exist, but I believe it only gives the correct permissions if the user is a member of the project/task. Shouldn't Admin have the permissions even if he is not a member? PROJECT_ADMIN gives that access. The problem is easily reproduced, if it's really a problem. Just bring up any existing task and click on the Content tab. There is no "Create New" button for the admin. When you change the permission in TaskScreens.xml to PROJECT_ADMIN the "Create New" button appears.
        Hide
        Sascha Rodekamp added a comment -

        Hey Jeremy,

        hm that's strange i see this "Create New" button in the trunk. Maybe i misunderstood you

        My User have the ASSETMAINTADMIN and PROJECTADMIN security groups.

        I open a project, choose a task and switch to the Content Screen (TaskScreens.xml#EditTaskContents). I have a create button, see the screen shot.

        Did you use the regular permission groups or did you create your own one?

        Show
        Sascha Rodekamp added a comment - Hey Jeremy, hm that's strange i see this "Create New" button in the trunk. Maybe i misunderstood you My User have the ASSETMAINTADMIN and PROJECTADMIN security groups. I open a project, choose a task and switch to the Content Screen (TaskScreens.xml#EditTaskContents). I have a create button, see the screen shot. Did you use the regular permission groups or did you create your own one?
        Hide
        Sascha Rodekamp added a comment -

        Ah ok i got the issue.

        I created a new Security Group which have only the PROJECT_ADMIN_ALL permissions.
        Logining in with this permission the button stays away.

        But we should not remove the role_admin permission. Because, when we remove it a role admin is not able to add a new content either.

        I will commit the changes.
        Thanks Jeremey

        Show
        Sascha Rodekamp added a comment - Ah ok i got the issue. I created a new Security Group which have only the PROJECT_ADMIN_ALL permissions. Logining in with this permission the button stays away. But we should not remove the role_admin permission. Because, when we remove it a role admin is not able to add a new content either. I will commit the changes. Thanks Jeremey
        Hide
        Sascha Rodekamp added a comment -

        Your patch is in
        trunk @Rev1087596
        10.04 @Rev1087602
        09.04 @Rev1087602

        Show
        Sascha Rodekamp added a comment - Your patch is in trunk @Rev1087596 10.04 @Rev1087602 09.04 @Rev1087602
        Hide
        Jeremy Olmstead added a comment -

        I must have been signed in as flexadmin because you are correct, admin does have the correct permission and the create button does show up. Sorry about the confusion.

        Show
        Jeremy Olmstead added a comment - I must have been signed in as flexadmin because you are correct, admin does have the correct permission and the create button does show up. Sorry about the confusion.

          People

          • Assignee:
            Sascha Rodekamp
            Reporter:
            Jeremy Olmstead
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development