Odoo Web (MOVED TO GITHUB)

m2o vs access right

Bug #854729 reported by Aline (OpenERP) on 2011-09-20

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Odoo Addons (MOVED TO GITHUB)	Invalid	Undecided	Unassigned
	Odoo Web (MOVED TO GITHUB)	Confirmed	Wishlist	OpenERP R&D Web Team

Bug Description

a user who has no access to CREATE a new product shouldn't be able to see the product form if he tries to create a product from a m2o

Example :
- create a user with only access to sales see own leads
- log you as this user
- create a So
- create a SO line
- write "blabla" in product field
- create blabla (quick create)
- it opens the product form view (it should)
- you are able to fill in the product form
-> finally you save and you see that you cannot

this error (due to access right) should appear earlier in the flow just after clicking on "Create Blabla" (quick create)

Revision history for this message

Jignesh Rathod(OpenERP) (jir-openerp) wrote on 2011-09-21:

Hello,

@Addons3: I am confirming this issue for addons side improvement related to access rights of 'product.pricelist.version' object.
I am facing the access rights problem while creating SO and trying to select the product and faced the warning with the referenced object access rights.New User assigned access sale group with own lead only selection.

Thanks.

Changed in openobject-addons:
assignee:	nobody → OpenERP R&D Addons Team 3 (openerp-dev-addons3)
importance:	Undecided → Low
status:	New → Confirmed

Revision history for this message

Jignesh Rathod(OpenERP) (jir-openerp) wrote on 2011-09-21:

Hello,

I have faced the problem with web related issue which raises a wrong warning message, The warning message shows me mrp.property access rights issue missing which is totally misguiding end user for access rights issue.
GTK show me right error message regarding pricelist version missing.

I am confirming this bug for web problem also.

Thanks.

Changed in openerp-web:
assignee:	nobody → OpenERP R&D Web Team (openerp-dev-web)
importance:	Undecided → Medium
status:	New → Confirmed

Revision history for this message

Aline (OpenERP) (apr-tinyerp) wrote on 2011-09-21:

it is not an access right issue, access right are good, don't change it !

Changed in openobject-addons:
status:	Confirmed → Invalid

Vinay Rana (OpenERP) (vra-openerp) on 2011-09-21

Changed in openobject-addons:
importance:	Low → Undecided
assignee:	OpenERP R&D Addons Team 3 (openerp-dev-addons3) → nobody

Revision history for this message

Jignesh Rathod(OpenERP) (jir-openerp) wrote on 2011-09-21:

MRPProperty.png Edit (43.4 KiB, image/png)

Revision history for this message

Aline (OpenERP) (apr-tinyerp) wrote on 2011-09-21:

yes, there is maybe a problem but actually, when i reported that bug, it was for the web issues. I didn't check access right so i am not sur

Revision history for this message

Nicolas Vanhoren (OpenERP) (niv-openerp) wrote on 2011-09-22:

Current behavior of the web client seems quite good to me. Not worse than the gtk client by the way, even better in my option.

Anyway, implementing some sort of access right prediction could be quite complicated and would necessitate to think a lot about the implications of such a functionality. So I'll put that in wish list and we'll see after the rc1.

Changed in openerp-web:
importance:	Medium → Wishlist

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

MRPProperty.png Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.