The employee sees data that is prohibited by rights
2020-10-01 12:08:22
there is a checkbox in the employee card - https://prnt.sc/up6uf6 , there are ordered products - /admin/shop/products/ordered/01&dateto=&datelastfrom=&datelastto=&filterclientid=&sorttype=---&filterid=&filterarticul=&filtercode1c=&filterbarcode= &filtermodel=&filtergroupped=&filtername=&filterpricefrom=&filterpriceto=&filtertags=&filterbrands=&categoryid=&searchLine=
1. in this report, the employee sees the margin - https://prnt.sc/up6y71 despite the fact that this is prohibited by rights
2. in the access rights in the card and for the role, this setting is disabled - https://prnt.sc/up6zq6 https://prnt.sc/up708q , but export on the page of ordered products can be done without problems - https://prnt. sc/up711h
3. this report cannot be closed for an employee, in access rights I can only hide this item here - https://prnt.sc/up7zha, but here it will still be available - http://joxi.ru/DrlzyDeTyd5yL2
in task 20156442
Original question is available on version: ru
1. in this report, the employee sees the margin - https://prnt.sc/up6y71 despite the fact that this is prohibited by rights
2. in the access rights in the card and for the role, this setting is disabled - https://prnt.sc/up6zq6 https://prnt.sc/up708q , but export on the page of ordered products can be done without problems - https://prnt. sc/up711h
3. this report cannot be closed for an employee, in access rights I can only hide this item here - https://prnt.sc/up7zha, but here it will still be available - http://joxi.ru/DrlzyDeTyd5yL2
in task 20156442
Answers:
Marina if you have already received an answer to your questions - then what is the purpose of putting it here on the forum?
01.10.2020, 22:38
Original comment available on version: ru
The goal is for them to take it for improvement and make revisions for customers for free.
Since now it does not work logically - one functionality contradicts another. What's the point of setting access rights then, if they can be easily bypassed by simply going to another page and this page cannot even be closed for an employee? Those. here I forbid you to see the margin, but if you are very interested, you can go here, see everything and even download it.
Since now it does not work logically - one functionality contradicts another. What's the point of setting access rights then, if they can be easily bypassed by simply going to another page and this page cannot even be closed for an employee? Those. here I forbid you to see the margin, but if you are very interested, you can go here, see everything and even download it.
02.10.2020, 09:45
Original comment available on version: ru
Mulach Marina Anatolievna
Employee wrote:
The goal is to take it for improvement and make a revision for customers for free. Since it doesn’t work now, it’s not logical - one functionality contradicts another. What's the point of setting access rights then, if they can be easily bypassed by simply going to another page and this page cannot even be closed for an employee? Those. here I forbid you to see the margin, but if you are very interested, you can go here, see everything and even download it.
The problem is that we are not so "Bad" that we did a rights check in one place, but some of your colleagues who set the task for evaluation say "I need a check only here and that's it, evaluate it only in this place" - and then they climb out here such situations because someone once saved.
In any case, for such an investment, you should not raise a question on the forum
02.10.2020, 09:50
Original comment available on version: ru
Please join the conversation. If you have something to say - please write a comment. You will need a mobile phone and an SMS code for identification to enter.
Log in and comment
Copyright © OneBox 2024
