You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@ofbiz.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/12/08 10:22:00 UTC

[jira] [Commented] (OFBIZ-12438) VIEW permissions FinAccount transactions

    [ https://issues.apache.org/jira/browse/OFBIZ-12438?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17455096#comment-17455096 ] 

ASF subversion and git services commented on OFBIZ-12438:
---------------------------------------------------------

Commit c9c494982c75e9d7483ec57bcc12ddd7f2792c91 in ofbiz-framework's branch refs/heads/trunk from Pierre Smits
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=c9c4949 ]

Improved: VIEW permissions FinAccount transactions (OFBIZ-12438) (#395)

Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo with userId = auditor, accessing the Financial Account transactions screen  sees editable fields and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE' permissions.
See (test with):
https://demo-trunk.ofbiz.apache.org/accounting/control/EditFinAccount?finAccountId=ABN_CHECKING
https://demo-trunk.ofbiz.apache.org/accounting/control/FindFinAccountTrans

Modified:
FinAccountScreens.xml: restructured screen FindFinAccountTrans
FinAccountForms.xml: improved form FindFinAccountTrans

Added:
FinAccountTrans.ftl, for users with VIEW permissions, additional cleanup
FinAccountTransTotals.ftl, improve legibility of code of FinAccountTrans.ftl

> VIEW permissions FinAccount transactions
> ----------------------------------------
>
>                 Key: OFBIZ-12438
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-12438
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: accounting
>    Affects Versions: Trunk
>            Reporter: Pierre Smits
>            Assignee: Pierre Smits
>            Priority: Major
>              Labels: financial_account, permissions, transactions, usability
>         Attachments: Screenshot 2021-12-08 at 09.02.17.png
>
>
> Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo with userId = auditor, accessing the Financial Account transactions screen  sees editable fields and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE' permissions.
> See (test with):
>  * [https://demo-trunk.ofbiz.apache.org/accounting/control/EditFinAccount?finAccountId=ABN_CHECKING]
>  * [https://demo-trunk.ofbiz.apache.org/accounting/control/FindFinAccountTrans]
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)