← Back to team overview

banking-addons-drivers team mailing list archive



I have just developped a small module account_payment_security which aims at fixing the issue that I described long ago in this mail : https://lists.launchpad.net/openerp-community/msg01035.html

In short : regular users are usually in the "Contact Creation" group because they need to create/modify partners. By default in OpenERP, it also grants them create/write permissions on bank accounts. If you use OpenERP to generate SEPA files and make payments, a regular user could modify the bank account of a supplier and put it's own bank account instead and receive the payments for the supplier on its own bank account ! As you can imagine, this is a problem :)

To ease the modification of this security setting, I have developped a small module account_payment_security, which I just pushed in a junk branch of Akretion :

With this module, only the members of the group "Accounting / Payments" can create and modify bank accounts and banks. Also, some rights on the configuration of bank accounts (res.partner.bank.type and res.partner.bank.type.field) are moved from the group "Contact Creation" to "Financial Manager".

Two options :
1) you think this module could be usefull in the banking-addons project. In this case, I will prepare an MP to add this module in lp:banking-addons 2) this module doesn't belong to the banking addons, and i'll keep it for my own use in this Akretion branch.


Alexis de Lattre

Follow ups