c2c-oerpscenario team mailing list archive
-
c2c-oerpscenario team
-
Mailing list archive
-
Message #25848
[Bug 722579] Re: [6.0] audit_trail settings should be readable by everyone, not just employee
This is not yet fixed in Stable 6.0.2.
Thanks.
** Changed in: openobject-addons
Milestone: 6.0.2 => None
** Changed in: openobject-addons
Status: Fix Released => In Progress
--
You received this bug notification because you are a member of C2C
OERPScenario, which is subscribed to the OpenERP Project Group.
https://bugs.launchpad.net/bugs/722579
Title:
[6.0] audit_trail settings should be readable by everyone, not just
employee
Status in OpenERP Modules (addons):
In Progress
Bug description:
When audit_trail is installed, every request needs to go through an audit step, in which audit_trail tries to determine the auditing rules for the current action.
This should be available also for external users or portal users (that do not belong to the Employee group), as we want them to be audited too, and not see an error for each request.
Therefore security settings should allow everyone to access
audit_trail rules, or better, the rules should be read as "uid 1" to
avoid any problem with the access rights during the processing of each
request.
See also bug 719289 which discovered this issue while reporting an
issue with web client.
References