[Vtigercrm-developers] vtigercrm-developers Digest, Vol 99, Issue 11
Pabiszczak, Błażej
b.pabiszczak at opensaas.pl
Sat Apr 5 12:22:37 GMT 2014
True.
Z poważaniem / Regards
Błażej Pabiszczak
M: +48.884999123
E: b.pabiszczak at opensaas.pl
2014-04-05 14:00 GMT+02:00 <vtigercrm-developers-request at lists.vtigercrm.com
>:
> Send vtigercrm-developers mailing list submissions to
> vtigercrm-developers at lists.vtigercrm.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
>
> http://lists.vtigercrm.com/cgi-bin/mailman/listinfo/vtigercrm-developers
>
> or, via email, send a message with subject or body 'help' to
> vtigercrm-developers-request at lists.vtigercrm.com
>
> You can reach the person managing the list at
> vtigercrm-developers-owner at lists.vtigercrm.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of vtigercrm-developers digest..."
>
>
> Today's Topics:
>
> 1. Re: Dashboards/Widgets and Security... (Sreenivas Kanumuru)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 4 Apr 2014 18:53:05 +0530
> From: Sreenivas Kanumuru <svk at vtiger.com>
> To: "vtigercrm-developers at lists.vtigercrm.com"
> <vtigercrm-developers at lists.vtigercrm.com>
> Subject: Re: [Vtigercrm-developers] Dashboards/Widgets and Security...
> Message-ID:
> <
> CA+zQwC+6+L8Z5vpn4Rfwn8eSOkp9_BTy1e9RooXMbfQRCii0Pw at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Alan,
>
> if Sharing Rule is set to private, History widget does not show updates on
> records owned by superiors. Please confirm if Sharing Rule is set to
> private.
>
> thanks,
> Sreenivas
>
>
>
> On Fri, Apr 4, 2014 at 4:13 PM, Siam Translations LLP <
> info at siam-translations.com> wrote:
>
> > Noticed the same. Exposing unwanted information should be understood as
> > security hole and
> > needs prioritized attention.
> >
> >
> > Andrew
> >
> >
> >
> >
> > On 04-04-2014 3:18 PM, Alan Lord wrote:
> >
> >> Here's a use-case for VT6 that isn't really covered by the existing
> >> design of the Dashboard and other widgets from what I can tell.
> >>
> >> We recently implemented VT6 for a customer and they are pretty happy
> with
> >> it. They sell hardware and services via a fairly small network of
> dealers.
> >>
> >> They give each dealer a single login to vtiger with a fairly restrictive
> >> profile so they can basically just manage their Leads.
> >>
> >> The issue comes with the Dashboard, esp. the History Widget, (and
> >> probably the Activity [modTracker] widget on the summary page too but I
> >> haven't checked that one). When they first tested logging as a Dealer
> they
> >> were limited to seeing their own Lead records which is fine and
> expected.
> >> But the Dashboard History Widget shows *all* activities. This could, for
> >> example, show that a Lead had been assigned to a different Dealer in the
> >> same country, or perhaps a derogatory comment regarding a
> Dealer/Customer).
> >>
> >> Comments/Suggestions?
> >>
> >> Cheers
> >>
> >> Al
> >>
> >> _______________________________________________
> >> http://www.vtiger.com/
> >>
> >
> > _______________________________________________
> > http://www.vtiger.com/
> >
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20140404/8b0394e1/attachment-0001.html
> >
>
> ------------------------------
>
> _______________________________________________
> vtigercrm-developers mailing list
> vtigercrm-developers at lists.vtigercrm.com
> http://lists.vtigercrm.com/cgi-bin/mailman/listinfo/vtigercrm-developers
>
>
> End of vtigercrm-developers Digest, Vol 99, Issue 11
> ****************************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20140405/1b64a25e/attachment.html>
More information about the vtigercrm-developers
mailing list