Role Data Access Problems
Description
Environment
None
Activity
Show:
Incomplete
Details
Details
Assignee
Unassigned
UnassignedReporter
Dirk NiemeyerComponents
Priority
MajorCreated May 29, 2013 at 10:37 PM
Updated June 1, 2015 at 3:50 PM
Resolved April 17, 2015 at 10:36 PM
Create a new manual role (DataAccessTest in GardenWorld in demo system) related to Fertilizer org.
Set User Level to Organization.
Take away all access rights.
Give Org Access to Fertilizer org.
Give Window Access to Business Partner window (Read/Write).
Create DataAccessTestUser BP and user and assign it to DataAccessTest role.
Login as that user.
First problem:
When opening Business Partner window the user can see all BPs related to * organisation.
Looks like the User Level is not respected.
Second problem:
Login as GardenAdmin.
Open BP C&W and open the Record Access Dialog via the Lock icon.
Select DataAccessTest role, uncheck Exclude, check Read Only, uncheck Dependent Entities and save the rule.
Login as DataAccessTestUser.
Now the only entry in the Business Partner window is C&W.
No entries related to the Fertlizer org are visible.
Create a new BP entry and save it and it disappears immediately.
For the second case I have a workaround in MRole.getRecordWhere to show also the records belonging to the org of the role when there are included records in AD_Record_Access. But it does not solve the first problem.