c2c-oerpscenario team mailing list archive

[Thomas Winteler <info@xxxxxxxxxxx>]

Hey Amit

i updated "addons" to latest rev (4576) and "-d database -u all"..

On one Database it worked and i tested "Accounting / Periodical Processing / Billing / Send followup" and the "Add" Button now works, i get the list of invoices that need a follow-up...
On another Database i get this: http://paste.ubuntu.com/606181/
I get also an error on a new database with: http://paste.ubuntu.com/606188/ (webclient error: http://paste.ubuntu.com/606190/)

Information about the "Follow-Up Sent" Process:
Is it possible to direct list all open invoices that need a follow-up instead of first press "Add" and then select open invoices? It is a step less to get the same result.. I know, that in old version of account_followup this worked..

Thanks for your Feedback...
Thomas

-- 
You received this bug notification because you are a member of C2C
OERPScenario, which is subscribed to the OpenERP Project Group.
https://bugs.launchpad.net/bugs/777850

Title:
  account_followup uses SQL query for getting data, cirmumventing
  security rules

Status in OpenERP Modules (addons):
  Fix Released

Bug description:
  this happens in v6 and trunk

  Hi. 
  Currently account_followup uses SQL queries to get invoice and partners to sent followups to. This doesn't take security rules into account, which is wrong. And ORM way would do the right thing here. 

  For example a very bad effect of this is that in a multicompany
  situation any user sees the open invoices of other companies, which
  shouldn't be.

  The interesting stuff happens here:
  http://bazaar.launchpad.net/~openerp/openobject-
  addons/trunk/view/head:/account_followup/wizard/account_followup_print.py

  Thanks!