banking-addons-drivers team mailing list archive

Thread
Date

account_payment_security

To: banking-addons-drivers@xxxxxxxxxxxxxxxxxxx
From: Alexis de Lattre <alexis@xxxxxxxxxx>
Date: Wed, 19 Feb 2014 11:50:03 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0

I have just developped a small module account_payment_security whichaims at fixing the issue that I described long ago in this mail :https://lists.launchpad.net/openerp-community/msg01035.html

In short : regular users are usually in the "Contact Creation" groupbecause they need to create/modify partners. By default in OpenERP, italso grants them create/write permissions on bank accounts. If you useOpenERP to generate SEPA files and make payments, a regular user couldmodify the bank account of a supplier and put it's own bank accountinstead and receive the payments for the supplier on its own bankaccount ! As you can imagine, this is a problem :)

To ease the modification of this security setting, I have developped asmall module account_payment_security, which I just pushed in a junkbranch of Akretion :

http://bazaar.launchpad.net/~akretion-team/+junk/70-usability/files/head:/account_payment_security/

With this module, only the members of the group "Accounting / Payments"can create and modify bank accounts and banks. Also, some rights on theconfiguration of bank accounts (res.partner.bank.type andres.partner.bank.type.field) are moved from the group "Contact Creation"to "Financial Manager".


Two options :

1) you think this module could be usefull in the banking-addons project.In this case, I will prepare an MP to add this module in lp:banking-addons2) this module doesn't belong to the banking addons, and i'll keep itfor my own use in this Akretion branch.


Regards,

--
Alexis de Lattre

Follow ups

Re: account_payment_security
From: Stefan, 2014-02-19
Re: account_payment_security
From: Pedro Manuel Baeza Romero, 2014-02-19