c2c-oerpscenario team mailing list archive

Thread
Date

[Bug 722579] Re: [6.0] audit_trail settings should be readable by everyone, not just employee

To: c2c-oerpscenario@xxxxxxxxxxxxxxxxxxx
From: "tfr \(Openerp\)" <722579@xxxxxxxxxxxxxxxxxx>
Date: Tue, 01 Mar 2011 11:35:41 -0000
Reply-to: Bug 722579 <722579@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

in trunk at revision 4465

** Changed in: openobject-addons
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of C2C
OERPScenario, which is subscribed to the OpenERP Project Group.
https://bugs.launchpad.net/bugs/722579

Title:
  [6.0] audit_trail settings should be readable by everyone, not just
  employee

Status in OpenERP Modules (addons):
  Fix Released

Bug description:
  When audit_trail is installed, every request needs to go through an audit step, in which audit_trail tries to determine the auditing rules for the current action.
  This should be available also for external users or portal users (that do not belong to the Employee group), as we want them to be audited too, and not see an error for each request.

  Therefore security settings should allow everyone to access
  audit_trail rules, or better, the rules should be read as "uid 1" to
  avoid any problem with the access rights during the processing of each
  request.

  See also bug 719289 which discovered this issue while reporting an
  issue with web client.

References

[Bug 722579] [NEW] [6.0] audit_trail settings should be readable by everyone, not just employee
From: Olivier Dony (OpenERP), 2011-02-21