ofbiz-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Pawan Verma (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (OFBIZ-10901) Editable screens/forms are shown to user with only VIEW permissions
Date Sat, 11 May 2019 18:44:00 GMT

    [ https://issues.apache.org/jira/browse/OFBIZ-10901?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16837909#comment-16837909
] 

Pawan Verma commented on OFBIZ-10901:
-------------------------------------

I think we need to make a list of suspected area and possibly create sub-tickets for each
component to make it easy for development and review. Please provide an example of a suspected
area so that the one who work one this gets a clear idea.

Thoughts, please!

> Editable screens/forms are shown to user with only VIEW permissions
> -------------------------------------------------------------------
>
>                 Key: OFBIZ-10901
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-10901
>             Project: OFBiz
>          Issue Type: Bug
>          Components: ALL APPLICATIONS
>    Affects Versions: Trunk, Release Branch 16.11, Release Branch 17.12, Release Branch
18.12
>            Reporter: Pierre Smits
>            Priority: Major
>
> Edit screens should not be shown to users who have only VIEW permissions. They should
be shown only display screens. 
> When such a user is misled and enters data to change the record an error is thrown.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message