[
https://issues.apache.org/jira/browse/OFBIZ-12495?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17479326#comment-17479326
]
ASF subversion and git services commented on OFBIZ-12495:
---------------------------------------------------------
Commit f3775bde2d9f2a245dc0bf64c09d0de72812fde5 in ofbiz-framework's branch
refs/heads/trunk from Pierre Smits
[ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=f3775bd ]
Improved: Request Roles - VIEW permissions (OFBIZ-12495) (#448)
Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo
with userId = auditor, accessing the Request Roles screen, sees editable fields
and/or triggers (to requests) reserved for users with 'CREATE' or 'UPDATE'
permissions.
https://localhost:8443/ordermgr/control/requestroles?custRequestId=9000
Modified: CustRequestScreens.xml
- screen RequestRoles, restructured to work with permissions.
> Request Roles - VIEW permission
> -------------------------------
>
> Key: OFBIZ-12495
> URL: https://issues.apache.org/jira/browse/OFBIZ-12495
> Project: OFBiz
> Issue Type: Improvement
> Components: order
> Affects Versions: Upcoming Branch
> Reporter: Pierre Smits
> Assignee: Pierre Smits
> Priority: Major
> Labels: permissions, request, roles, trust, usability, ux
>
> Currently, a user with only 'VIEW' permissions, as demonstrated in trunk demo
> with userId = auditor, accessing the Request Roles screen, sees editable
> fields and/or triggers (to requests) reserved for users with 'CREATE' or
> 'UPDATE' permissions.
> https://localhost:8443/ordermgr/control/requestroles?custRequestId=9000
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
