Allow permission control for idempiereMonitor and OSGI console
Description
Actually idempiereMonitor and Felix console access is allowed just for hardcoded System role (AD_Role_ID=0).
This ticket is to make it configurable via the normal role configuration.
Idea is to create special records in Form and allow/disallow access in AD_Form_Access as usual.
Environment
Activity
Correct, idea is those pseudo-forms are "System only" access level.
If role is created on System client, I agree, it will be ok
i guess other roles but still only on system client
Hi ,
Nice feature
Just my 2 cents :
If you add the access to GardenWorld Admin, a user will be able to open the iDempiere monitor.
And so, he will see all schedulers (event those of others tenants).
Did you plan to filter usgin client/role the schedulers table ?
And same for Logs ; any user will be able to read logs from all tenants.
Isn't it a security hole ?
Regards,
Nicolas