[Vtigercrm-commits] [Vtiger development] #8346: In listview, Edit/Delete icons are always available no matter if user has permissions or not
Vtiger development
vtiger-tickets at trac.vtiger.com
Sat Nov 15 09:46:24 GMT 2014
#8346: In listview, Edit/Delete icons are always available no matter if user has
permissions or not
-------------------------+-------------------------------------------------
Reporter: | Owner: developer
socialboostdk | Status: new
Type: defect | Milestone: Unassigned
Priority: unassigned | Version: 6.1.0
Component: vtigercrm | Keywords: listview, list view, edit,
Severity: High | permissions, delete, access
-------------------------+-------------------------------------------------
In listview, Edit/Delete icons are always available no matter if user has
permissions or not:
When a user rolls over a contact in listview, whom is "read-only", then he
still gets the "edit-icon" and "delete-icon", like this:
http://screencast.com/t/zyK6pMUt
Clicking delete also gives modal-window with confirmation buttons:
http://screencast.com/t/k9qes7is
Luckily clicking yes, does give permission denied, as it should:
http://screencast.com/t/kNJi6twz
If he instead clicks edit it (of course) gives permission denied, as it
should: http://screencast.com/t/2AlBzSDv
If he clicks the user normally, then everything is fine and there is no
edit-button on the page: http://screencast.com/t/CVvpRgNYMc1
Ie. it seems to be a pure error in the listview, where the edit + delete
icons should only be displayed if the user is actually able to edit/delete
that contact (or other record).
This was tested in fresh 6.1 installation.
--
Ticket URL: <http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/8346>
Vtiger development <http://trac.vtiger.com/>
Vtiger CRM
More information about the vtigercrm-commits
mailing list