Review: Disapprove Hello,
I don't understand what you are trying to fix with this patch concerning the bug report, but this seems wrong. By ignoring the domain that was passed to the share wizard (wizard_data.domain) and replacing it with the domain of the related action, you are ignoring the filters selected by the users. This means that the user will be sharing everything that the action originally display, instead of only what the user wanted to share. This is a dangerous security problem, and not the expected behavior anyway. PS: when you make a merge proposal, please explain in a few words why you patched the code this way when it's not obvious... here it is not -- https://code.launchpad.net/~openerp-dev/openobject-addons/trunk-bug-902106-kjo/+merge/85432 Your team OpenERP R&D Team is subscribed to branch lp:~openerp-dev/openobject-addons/trunk-bug-902106-kjo. _______________________________________________ Mailing list: https://launchpad.net/~openerp-dev-gtk Post to : [email protected] Unsubscribe : https://launchpad.net/~openerp-dev-gtk More help : https://help.launchpad.net/ListHelp
