[Vtigercrm-developers] Delete Permission Calendar Issue
Mariusz Krzaczkowski
m.krzaczkowski at yetiforce.com
Wed Jul 22 07:43:31 GMT 2015
Hi,
I'm sending a ready-made solutions of the problem. It's a quite serious
permissions error.
https://github.com/YetiForceCompany/YetiForceCRM/commit/ef5fbcc5e6ea03f304c04990a7210bee5c44a374
[4]
---
Z poważaniem / Regards
MARIUSZ KRZACZKOWSKI
_Director of Product Development_
M: +48 884-998-123
E: m.krzaczkowski at yetiforce.com
-------------------------
We created an innovative open source project called YetiForceCRM. You
can test it here [5], download [6] it for free or read its documentation
[7]. Follow us on Twitter [8] to get real-time info about new
functionalities and articles.
W dniu 2015-07-21 16:22, cryptic napisał(a):
> I've just raised a defect on trac. Is there any chance this could be resolved
> as a priority as at present users are able to delete records from the CRM
> when they don't have permission?
>
> Users are able to delete opportunities, invoices, projects and project tasks
> records via the calendar even when their profile is configured so that they
> cannot delete those type of entities. I could remove permission to delete
> calendar entries, but the popup reminders would become tiresome.
>
> I have replicated this bug in the vTiger demo.
>
> To replicate the defect-:
>
> Configure a profile so that 'Delete' is unchecked for Opportunities,
> Invoices, Projects and Project tasks
> Configure a user to use that profile
> Login as that user.
> Create an opportunity and/or invoice, project and project task.
> Go to the Calendar module. Hover cursor over the
> opportunity/invoice/project/project task entry.
> Click the trash icon
> The opportunity/invoice/project/project task record is then deleted when
> this should NOT be possible.
>
> http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/8605#modify [1]
>
> Note, that I've tested this in vTiger on-demand and the issue does not
> occur. It returns permission denied.
>
> --
> View this message in context: http://vtiger-crm.2324883.n4.nabble.com/Delete-Permission-Calendar-Issue-tp16978.html [2]
> Sent from the vtigercrm-developers mailing list archive at Nabble.com.
> _______________________________________________
> http://www.vtiger.com/ [3]
Links:
------
[1] http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/8605#modify
[2]
http://vtiger-crm.2324883.n4.nabble.com/Delete-Permission-Calendar-Issue-tp16978.html
[3] http://www.vtiger.com/
[4]
https://github.com/YetiForceCompany/YetiForceCRM/commit/ef5fbcc5e6ea03f304c04990a7210bee5c44a374
[5] https://test.yetiforce.com/
[6] https://github.com/YetiForceCompany/YetiForceCRM
[7] https://yetiforce.com/en/documentation.html
[8] https://twitter.com/YetiForceEN
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20150722/513004d8/attachment-0001.html>
More information about the vtigercrm-developers
mailing list