[
https://issues.apache.org/jira/browse/OFBIZ-12419?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17450978#comment-17450978
]
Jacques Le Roux commented on OFBIZ-12419:
-----------------------------------------
Hi Pierre,
Did you test it?
It does not work, even if you add
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="AUDITOR"
permissionId="ACCTG_PREF_VIEW"/>
Turning
<log level="verbose" message="Checking for primary permission
${primaryPermission}_${mainAction}"/>
to "info" in genericBasePermissionCheck, here is the log:
{noformat}
2021-11-30 10:20:26,613 |jsse-nio-8443-exec-3 |ControlServlet
|T| [[[accounting::PartyAccountsSummary (Domain:https://localhost)] Request
Begun, encoding=[UTF-8]- total:0.0,since last(Begin):0.0]]
2021-11-30 10:20:26,660 |jsse-nio-8443-exec-3 |ConfigXMLReader
|I| controller loaded: 0.0s, 0 requests, 0 views in
file:/C:/projectsASF/Git/ofbiz-framework/framework/common/webcommon/WEB-INF/handlers-controller.xml
2021-11-30 10:20:26,661 |jsse-nio-8443-exec-3 |ConfigXMLReader
|I| controller loaded: 0.01s, 52 requests, 21 views in
file:/C:/projectsASF/Git/ofbiz-framework/framework/common/webcommon/WEB-INF/common-controller.xml
2021-11-30 10:20:26,671 |jsse-nio-8443-exec-3 |ConfigXMLReader
|I| controller loaded: 0.0s, 4 requests, 0 views in
file:/C:/projectsASF/Git/ofbiz-framework/applications/commonext/webapp/WEB-INF/controller.xml
2021-11-30 10:20:26,677 |jsse-nio-8443-exec-3 |ConfigXMLReader
|I| controller loaded: 0.037s, 514 requests, 243 views in
file:/C:/projectsASF/Git/ofbiz-framework/applications/accounting/webapp/accounting/WEB-INF/controller.xml
2021-11-30 10:20:26,678 |jsse-nio-8443-exec-3 |ConfigXMLReader
|I| controller loaded: 0.051s, 9 requests, 9 views in
file:/C:/projectsASF/Git/ofbiz-framework/plugins/birt/webapp/accounting/WEB-INF/controller.xml
2021-11-30 10:20:26,701 |jsse-nio-8443-exec-3 |Log
|I| [CommonPermissionServices.xml#genericBasePermissionCheck line 41] Checking
for primary permission ACCTG_PREF_VIEW
2021-11-30 10:20:26,701 |jsse-nio-8443-exec-3 |Log
|I| [CommonPermissionServices.xml#genericBasePermissionCheck line 59] This
simple-method-call is deprecated! Please use a service-call of
genericBasePermissionCheck instead.
2021-11-30 10:20:26,798 |jsse-nio-8443-exec-3 |ServiceDispatcher
|T| Sync service [accounting/genericBasePermissionCheck] finished in [97]
milliseconds
2021-11-30 10:20:26,798 |jsse-nio-8443-exec-3 |ServiceDispatcher
|T| Sync service [accounting/acctgPrefPermissionCheck] finished in [114]
milliseconds
2021-11-30 10:20:26,798 |jsse-nio-8443-exec-3 |ServiceUtil
|E| {errorMessage=Acc�s refus�, responseMessage=error}
2021-11-30 10:20:26,798 |jsse-nio-8443-exec-3 |ServiceDispatcher
|T| [[Sync service failed...- total:0.0,since last(Begin):0.0]] - 'accounting /
setAcctgCompany'
2021-11-30 10:20:26,799 |jsse-nio-8443-exec-3 |TransactionUtil
|I| Transaction rolled back
2021-11-30 10:20:26,799 |jsse-nio-8443-exec-3 |TransactionUtil
|W| Not committing transaction, status is No Transaction (6)
2021-11-30 10:20:26,799 |jsse-nio-8443-exec-3 |RequestHandler
|I| Ran Event [service:#setAcctgCompany] from [request], result is [error]
2021-11-30 10:20:26,799 |jsse-nio-8443-exec-3 |RequestHandler
|W| Could not find response in request [PartyAccountsSummary] for event return
[error]
2021-11-30 10:20:26,799 |jsse-nio-8443-exec-3 |RequestHandler
|I| Rendering View [PartyAccountsSummary]. Hidden sessionId by default.
2021-11-30 10:20:26,800 |jsse-nio-8443-exec-3 |ServiceDispatcher
|T| Sync service [accounting/getUserPreferenceGroup] finished in [1]
milliseconds
2021-11-30 10:20:26,809 |jsse-nio-8443-exec-3 |ScreenFactory
|I| Got 18 screens in 0.006s from:
file:/C:/projectsASF/Git/ofbiz-framework/applications/accounting/widget/GlScreens.xml
2021-11-30 10:20:26,826 |jsse-nio-8443-exec-3 |ScreenFactory
|I| Got 12 screens in 0.006s from:
file:/C:/projectsASF/Git/ofbiz-framework/applications/accounting/widget/CommonScreens.xml
2021-11-30 10:20:26,832 |jsse-nio-8443-exec-3 |ScreenFactory
|I| Got 1 screens in 0.005s from:
file:/C:/projectsASF/Git/ofbiz-framework/applications/commonext/widget/CommonScreens.xml
2021-11-30 10:20:26,981 |jsse-nio-8443-exec-3 |ServiceDispatcher
|T| Sync service [accounting/getLastSystemInfoNote] finished in [92]
milliseconds
2021-11-30 10:20:26,996 |jsse-nio-8443-exec-3 |ScreenFactory
|I| Got 29 screens in 0.008s from:
file:/C:/projectsASF/Git/ofbiz-framework/framework/common/widget/CommonScreens.xml
2021-11-30 10:20:27,186 |jsse-nio-8443-exec-3 |ScreenFactory
|I| Got 28 screens in 0.007s from:
file:/C:/projectsASF/Git/ofbiz-framework/themes/common-theme/widget/CommonScreens.xml
2021-11-30 10:20:27,257 |jsse-nio-8443-exec-3 |Log
|I| [CommonPermissionServices.xml#genericBasePermissionCheck line 41] Checking
for primary permission ACCTG_PREF_UPDATE
2021-11-30 10:20:27,257 |jsse-nio-8443-exec-3 |Log
|I| [CommonPermissionServices.xml#genericBasePermissionCheck line 59] This
simple-method-call is deprecated! Please use a service-call of
genericBasePermissionCheck instead.
2021-11-30 10:20:27,259 |jsse-nio-8443-exec-3 |ServiceDispatcher
|T| Sync service [accounting/genericBasePermissionCheck] finished in [1]
milliseconds
2021-11-30 10:20:27,259 |jsse-nio-8443-exec-3 |ServiceDispatcher
|T| Sync service [accounting/acctgPrefPermissionCheck] finished in [3]
milliseconds
2021-11-30 10:20:27,261 |jsse-nio-8443-exec-3 |Log
|I| [CommonPermissionServices.xml#genericBasePermissionCheck line 41] Checking
for primary permission ACCOUNTING_VIEW
2021-11-30 10:20:27,261 |jsse-nio-8443-exec-3 |Log
|I| [CommonPermissionServices.xml#genericBasePermissionCheck line 59] This
simple-method-call is deprecated! Please use a service-call of
genericBasePermissionCheck instead.
2021-11-30 10:20:27,262 |jsse-nio-8443-exec-3 |ServiceDispatcher
|T| Sync service [accounting/genericBasePermissionCheck] finished in [1]
milliseconds
2021-11-30 10:20:27,263 |jsse-nio-8443-exec-3 |ServiceDispatcher
|T| Sync service [accounting/basicGeneralLedgerPermissionCheck] finished in [3]
milliseconds
2021-11-30 10:20:27,299 |jsse-nio-8443-exec-3 |ServerHitBin
|I| Visit delegatorName=default, ServerHitBin delegatorName=default
2021-11-30 10:20:27,301 |jsse-nio-8443-exec-3 |ControlServlet
|T| [[[accounting::PartyAccountsSummary (Domain:https://localhost)] Request
Done- total:0.687,since last([accounting::Part...):0.687]]
{noformat}
Note: "Checking for primary permission ACCTG_PREF_UPDATE"
> VIEW permissions - error when accessing PartyAccountsSummary
> ------------------------------------------------------------
>
> Key: OFBIZ-12419
> URL: https://issues.apache.org/jira/browse/OFBIZ-12419
> Project: OFBiz
> Issue Type: Bug
> Components: accounting
> Affects Versions: Trunk
> Reporter: Pierre Smits
> Assignee: Pierre Smits
> Priority: Major
> Labels: gl-account, permissions, usability
>
> When a user with VIEW permissions (e.g. auditor) access the
> PartyAccountSummary via following uri, an error is shown.
> [https://demo-trunk.ofbiz.apache.org/accounting/control/PartyAccountsSummary]
> {code:java}
> The Following Errors Occurred:
> You haven't the permission for the service setAcctgCompany, reason : Access
> refused {code}
>
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
