| *** a42niem has quit IRC | 00:19 | |
| *** hieplq has joined #idempiere | 04:17 | |
| *** nmicoud has joined #idempiere | 07:00 | |
| *** norbertbede has joined #idempiere | 07:16 | |
| *** norbertbede has quit IRC | 07:19 | |
| *** JanLeMann has joined #idempiere | 07:26 | |
| JanLeMann | nmicoud ayt? | 07:26 |
|---|---|---|
| nmicoud | yep | 07:26 |
| JanLeMann | do you know how to use the org tree in role | 07:29 |
| JanLeMann | i thought you would select an org tree instead of defining the organizations in the role org access tab | 07:29 |
| nmicoud | no, i didn't know there was this field :) | 07:29 |
| *** nmicoud has left #idempiere | 07:30 | |
| *** nmicoud has joined #idempiere | 07:31 | |
| nmicoud | it is used in Login.getOrgsAddSummary | 07:32 |
| nmicoud | seems that you can define a tree org and apply it to a role. This would replace the AD_Org_Role_Access table ? | 07:33 |
| JanLeMann | i thought so | 07:53 |
| JanLeMann | but it doesnt work | 07:53 |
| JanLeMann | time for some debugging :D | 07:53 |
| nmicoud | :) | 07:53 |
| JanLeMann | i'm not really sure if this is intendend to be used in login | 08:07 |
| JanLeMann | the help text says something about financial reports | 08:07 |
| nmicoud | never trust the help :) | 08:08 |
| JanLeMann | but ther "and security access (via role)" confuses me | 08:08 |
| nmicoud | but if you look at Login.getOrgsAddSummary, you will see that the field is used for login | 08:09 |
| JanLeMann | in Login.java, role access is determined by sql and it doesnt take org trees into account | 08:09 |
| JanLeMann | in webui i thnk public KeyNamePair[] getRoles(String app_user, KeyNamePair client) is used | 08:09 |
| nmicoud | maybe if you give access to a summary role, then this piece of code is used | 08:10 |
| JanLeMann | so if i chose a org tree, i still have to assign orgs to the role | 08:12 |
| JanLeMann | wheres the advantage :/ | 08:12 |
| JanLeMann | ok i only have to add the summary role, right? | 08:13 |
| nmicoud | i think | 08:13 |
| JanLeMann | org* | 08:13 |
| JanLeMann | lets test this | 08:13 |
| JanLeMann | nope :( | 08:14 |
| JanLeMann | assigned gardenworl organizations as tree to role and added stores to org access | 08:15 |
| JanLeMann | but no orgs in login | 08:15 |
| nmicoud | so, perhaps a good candidate for IDEMPIERE-362 ? | 08:15 |
| JanLeMann | hmm | 08:18 |
| JanLeMann | i'm not 100% sure yet | 08:18 |
| JanLeMann | because since it says it's also used in financial reporting, maybe someone just forgot to implement it for login but it is used somewhere else | 08:18 |
| nmicoud | it think it is the same element which is used for financial reports, not the column ad_role.AD_Tree_Org_ID | 08:20 |
| JanLeMann | hmm yes or that | 08:20 |
| JanLeMann | ahh but not enough time to take a look at it yet... gotta go diving now | 08:20 |
| *** norbertbede has joined #idempiere | 08:20 | |
| JanLeMann | I'll ask in google groups | 08:21 |
| nmicoud | have fun | 08:21 |
| JanLeMann | maybe someone else knows more about | 08:21 |
| JanLeMann | bye | 08:21 |
| *** JanLeMann has quit IRC | 08:21 | |
| *** norbertbede has quit IRC | 10:48 | |
| *** hieplq has quit IRC | 11:59 | |
| *** JanLeMann has joined #idempiere | 12:35 | |
| JanLeMann | i think i found a bug or i'm not getting the point. I'm playing around with the personal lock feature of roles. I use SuperUser@GardenAdmin Role and GardenAdmin@GardenUser Role. With each user i create a product. With each user i set the personal lock. The result is that the other user cannot see the others product anymore. This is what i expect. | 12:42 |
| JanLeMann | But then when you use the record access dialog and setup the following: SuperUser@GardenAdmin sets up a new record acces with GardenUser role, active-Y, exclude-N, read only-N, dependent entities-Y. Then i cannot see any product with GardenAdmin@GardenUser | 12:45 |
| JanLeMann | when switching exclude to y on SuperUser@GardeAdmin i can see at least all the not locked products on GardenAdmin@GardenUser | 12:45 |
| JanLeMann | i tested it on demo.idempiere.com | 12:49 |
| JanLeMann | but not yet with 2.1 | 12:49 |
| *** JanLeMann has quit IRC | 13:12 | |
| *** hieplq has joined #idempiere | 13:19 | |
| *** CarlosRuiz has joined #idempiere | 15:33 | |
| *** ChanServ sets mode: +o CarlosRuiz | 15:33 | |
| *** CarlosRuiz has quit IRC | 16:17 | |
| *** nadrog has joined #idempiere | 17:01 | |
| *** hieplq has quit IRC | 18:10 | |
| *** hieplq has joined #idempiere | 19:51 | |
| *** hieplq has quit IRC | 20:18 | |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!