mbrohl commented on pull request #344: URL: https://github.com/apache/ofbiz-framework/pull/344#issuecomment-971766009
The description of the corresponding issue reads: "Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo with userId = auditor, accessing the payments screen on an invoice sees fields editable and triggers to requests reserved for users with 'CREATE' or 'UPDATE' permissions." If you call it an improvement or bug (which I would call it), the description explains what should be fixed/improved. The changes in this PR are a lot more than just fixing the permission bug decribed there. I think I was clear enough and won't add more to this issue. I won't merge the PR as it is now. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
