← Back to team overview

openerp-india team mailing list archive

  1. openerp-india team
  2. Mailing list archive
  3. Message #13588

[Bug 1024114] [NEW] Update CSV files treated as noupdate=False

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Hi all
There is a bug on V6.1 regarding .csv files. On update time, they are treated as noupdate=False, despite the documentation says they should be treated as noupdate=True
The attached patch correct the issue. It was already reported on bug #980369, but for a reason I don't known, never answered or treated

This bug can cause big difficulties, because .csv are used in two critical cases: initialization of the security records and initial customer data load.
In the first case (security descriptors), when you update the module, ALL CHANGES introduced to fine tune the security of the database are lost. That could be something easy to see (i.e. no access) or it could generate a major security breach for customer data, that could be eventually recognized when a (good) user reports problems, and thus the (bad) users will get granted access to restricted data for a while!
In the second case, initial customer data will be most probably updated by the customer on its daily operation. All changes will be LOST on an update of the initial modules (something common if you are on the initial phases of a project). Again, a critical case for many installation

I strongly believe this is a major problem.

This is a branch of https://bugs.launchpad.net/bugs/1023615

** Affects: openobject-server
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of OpenERP
Indian Team, which is subscribed to OpenERP Server.
https://bugs.launchpad.net/bugs/1024114

Title:
  Update CSV files treated as noupdate=False

Status in OpenERP Server:
  New

Bug description:
  Hi all
  There is a bug on V6.1 regarding .csv files. On update time, they are treated as noupdate=False, despite the documentation says they should be treated as noupdate=True
  The attached patch correct the issue. It was already reported on bug #980369, but for a reason I don't known, never answered or treated

  This bug can cause big difficulties, because .csv are used in two critical cases: initialization of the security records and initial customer data load.
  In the first case (security descriptors), when you update the module, ALL CHANGES introduced to fine tune the security of the database are lost. That could be something easy to see (i.e. no access) or it could generate a major security breach for customer data, that could be eventually recognized when a (good) user reports problems, and thus the (bad) users will get granted access to restricted data for a while!
  In the second case, initial customer data will be most probably updated by the customer on its daily operation. All changes will be LOST on an update of the initial modules (something common if you are on the initial phases of a project). Again, a critical case for many installation

  I strongly believe this is a major problem.

  This is a branch of https://bugs.launchpad.net/bugs/1023615

To manage notifications about this bug go to:
https://bugs.launchpad.net/openobject-server/+bug/1024114/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next