[
https://issues.apache.org/jira/browse/OFBIZ-12414?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17449904#comment-17449904
]
Pierre Smits commented on OFBIZ-12414:
--------------------------------------
Ohh... With a user with CREATE privileges (e.g. admin, flexadmin, bizadmin, but
I used admin) , I added a new term to the invoice. Subsequently I click on the
menu-item for terms of the invoice. To see what the result was (without adding
a new term.
Next, I logged out as that user, and logged back in as the auditor user, went
to the invoice and clicked the terms menu-item.
> User with only 'VIEW' permissions and invoice terms
> ---------------------------------------------------
>
> Key: OFBIZ-12414
> URL: https://issues.apache.org/jira/browse/OFBIZ-12414
> Project: OFBiz
> Issue Type: Improvement
> Components: accounting
> Affects Versions: Trunk
> Reporter: Pierre Smits
> Assignee: Pierre Smits
> Priority: Major
> Labels: invoice, permissions, roles, terms, usability
>
> Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo
> with userId = auditor, accessing the terms screen on an invoice sees fields
> editable and triggers to requests reserved for users with 'CREATE' or
> 'UPDATE' permissions.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
