[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How to fix permissions errors properly in trunk?



On Tue, Jun 16, 2009 at 10:02 AM, Jeff Kowalczyk <..hidden..> wrote:
Can I get some background on the proper way to enable some missing
permissions in the current trunk?

After running install-mycompany.sh, log in, go to AR | Sales Invoice.
Enter 'foo' in partnumber, press update:

Let's add a grant of select permissions to public on that table.  There should also be a role for managing translations which should be granted insert and update permissions.
 


 Error!

 SELECT p.id, p.partnumber, p.description, p.sellprice,
 p.listprice, p.lastcost, p.unit, p.assembly, p.bin,
 p.onhand, p.notes, p.inventory_accno_id,
 p.income_accno_id, p.expense_accno_id, pg.partsgroup,
 p.partsgroup_id, p.partnumber AS sku, p.weight,
 t1.description AS translation,
 t2.description AS grouptranslation
 FROM parts p
 LEFT JOIN partsgroup pg ON (pg.id = p.partsgroup_id)
 LEFT JOIN translation t1
 ON (t1.trans_id = p.id AND t1.language_code = ?)
 LEFT JOIN translation t2
 ON (t2.trans_id = p.partsgroup_id
 AND t2.language_code = ?)
 WHERE p.obsolete = '0' AND NOT p.income_accno_id IS NULL AND lower(p.partnumber) LIKE '%foo%' ORDER BY 2
 ERROR: permission denied for relation translation

 [Tue Jun 16 12:56:19 2009] [error] [client 127.0.0.1]
 DBD::Pg::st execute failed:
 ERROR:  permission denied for relation translation at
 LedgerSMB/IS.pm line 2143., referer:
 http://localhost/ledgersmb/is.pl?login=myuser&action="">


There are a few of this class of errors in the current trunk. I wanted to
know what the security framework requires in lsmb_mycompany__(ROLNAME)
terms, rather than just issuing GRANTs blindly.

Thanks,
Jeff


------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Ledger-smb-devel mailing list
..hidden..
https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel