Employee personal address should be private information

Bug #1204455 reported by Daniel Reis
This bug affects 7 people
Affects: Odoo Addons (MOVED TO GITHUB)
Status: Fix Committed
Importance: Low
Assigned to: OpenERP R&D Addons Team 1
Milestone: (none)

Bug Description

The Employee Home address is private and sensitive information.
Only HR professionals should have access to it.

However, since it's stored in the Partners table, anyone can see these addresses.
Making these addresses inactive does not solve the issue: they can still be accessed using an Advanced Filter "Active is false".

From an information security point of view, this is a show stopper.
So, a proper solution is needed (using record rules?).

By the way, for the case where an Employee can also be a Customer, two solutions are possible:
* you just create a new Customer record, just like what you would do for a non-employee; or
* in the Work Address you use a Partner record specific for that Person.

Tags: hr

Amit Parik (amit-parik) wrote :

Hello Daniel,

I agree, because the payslip will be sent to the home address of the employee. So it must not be accessible by any other user.
Also, if we use the hr_payroll_account module and generate the accounting entry for the payslip, then the home address is passed to the journal item as the partner.

On OpenERP v7 we have removed the partner.address object and use the same object, res.partner, for both contacts and addresses.
That's why we have used a partner on the home address field of the Employee. Also, we can't put an access restriction on all partners for all users. So a sales/user or purchase/user is able to update partner records, and since both have the same object they are also able to update the employee's home address.

I have checked both of your solutions, but neither is feasible to solve the issue.

So currently I am setting this as a Wishlist, because we need to improve this and get the opinion of the community for a better solution.

Thanks for reporting!

Changed in openobject-addons:
importance: Undecided → Wishlist
status: New → Opinion
Daniel Reis (dreis-pt) wrote :

Hi Amit,

I see that you also face this problem internally at OpenERP.
It certainly isn't an "error", but is it appropriate to mark for "wishlist" a problem that can make a module unusable?

You didn't explain why a record rule isn't a feasible solution.

I have found that res.partner has an "employee" boolean field.
It's a matter of creating a record rule: [('employee', '=', False)]
, and adding to hr_employee.address_id a context: {'employee': True}

It looks like a simple improvement to me.

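The record-rule approach described in the comment above, written out as an added example (not code from the bug's fix branch). It assumes OpenERP 7 naming: the employee form's home-address field is address_home_id, the form view is hr.view_employee_form, the HR officer group is base.group_hr_user, and the record ids below are hypothetical.

```xml
<?xml version="1.0" encoding="utf-8"?>
<openerp>
    <data noupdate="1">
        <!-- Hypothetical module data file. Group rules on the same model are
             OR'ed, so a user matching either rule below sees the union. -->

        <!-- Ordinary users: partners flagged as employees are hidden entirely.
             A record rule is enforced on search, read, write and unlink, so the
             "Active is false" advanced filter no longer exposes these rows. -->
        <record id="res_partner_rule_hide_employee_addresses" model="ir.rule">
            <field name="name">Partners: hide employee home addresses from non-HR users</field>
            <field name="model_id" ref="base.model_res_partner"/>
            <field name="domain_force">[('employee', '=', False)]</field>
            <field name="groups" eval="[(4, ref('base.group_user'))]"/>
        </record>

        <!-- HR officers: pass-through rule, so the OR with the rule above
             restores full access for members of base.group_hr_user (assumed id). -->
        <record id="res_partner_rule_hr_full_access" model="ir.rule">
            <field name="name">Partners: HR users see employee home addresses</field>
            <field name="model_id" ref="base.model_res_partner"/>
            <field name="domain_force">[(1, '=', 1)]</field>
            <field name="groups" eval="[(4, ref('base.group_hr_user'))]"/>
        </record>

        <!-- Inherit the employee form so a partner created from the home-address
             field gets employee=True and is therefore covered by the hide rule;
             the domain limits the picker to employee partners, as suggested. -->
        <record id="view_employee_form_private_address" model="ir.ui.view">
            <field name="name">hr.employee.form.private.address</field>
            <field name="model">hr.employee</field>
            <field name="inherit_id" ref="hr.view_employee_form"/>
            <field name="arch" type="xml">
                <field name="address_home_id" position="attributes">
                    <attribute name="context">{'default_employee': True}</attribute>
                    <attribute name="domain">[('employee', '=', True)]</attribute>
                </field>
            </field>
        </record>
    </data>
</openerp>
```

The hide rule only binds users who are members of base.group_user; a user outside that group is not restricted by it and would need a rule of their own. Existing partner records must also be flagged employee=True, otherwise they remain visible.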
Amit Parik (amit-parik) wrote :

Hello Daniel,

Yes, you are correct. We have an employee boolean field on partner, but I haven't seen when it becomes True.

I agree with your suggestion that we have to pass the context {'employee': True} on the personal address, and also put the domain [('employee', '=', True)] on that m2o field.

And a record rule is an easy and feasible solution; consider it "Low" priority.

Thanks for the answer!

Changed in openobject-addons:
assignee: nobody → OpenERP R&D Addons Team 1 (openerp-dev-addons1)
importance: Wishlist → Low
status: Opinion → Confirmed
tags: added: hr
Changed in openobject-addons:
status: Confirmed → In Progress
Sunil Sharma(OpenERP) (sunil.sharma-openerp) wrote :

Hello,

It has been fixed in https://code.launchpad.net/~openerp-dev/openobject-addons/trunk-bug-1204455-ssh

revision-id: 9054

revno: <email address hidden>

It will be available in trunk soon.

Changed in openobject-addons:
status: In Progress → Fix Committed