Comment 5 for bug 1066580

Olivier Dony (Odoo) (odo-openerp) wrote :

Hello Christophe,

After further investigation, this was apparently changed in 6.1 at revision "<email address hidden>" where read access was granted by default to all Employees. I believe it was done because of the "History" tab that shows related Leads/Opportunities on the Customer form, which would make the form view crash for normal employees, even if the tab was hidden by a "groups" attribute.

The Leads have been removed from the History tab in 7.0 (replaced by a button to open the list) so we can simply drop this useless extra right. For 6.1 you could work around this by adding an extra access rule on Leads to the Employee group, similarly to the one of the "Sales/See Own Leads" group. This effectively makes the "Sales/See Own Leads" group redundant with the "Employee" group, but at least provides a correct security control: normal employees will only see leads assigned to them - presumably none.

PS: I dropped the "Private" flag on the bug.
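
The 6.1 workaround described in the comment above, sketched as an added example (not part of the original comment and not Odoo's own code): a record rule on Leads bound to the Employee group. The record id `crm_rule_employee_own_lead`, the rule name and the domain are assumptions modelled on the comment's "only see leads assigned to them"; the file is assumed to be loaded from a custom module that depends on `crm`.

```xml
<?xml version="1.0" encoding="utf-8"?>
<openerp>
    <!-- noupdate so that later manual changes to the rule survive module updates -->
    <data noupdate="1">

        <!-- Hypothetical record id and name: restricts crm.lead for the
             Employee group to records assigned to the current user. -->
        <record id="crm_rule_employee_own_lead" model="ir.rule">
            <field name="name">Employee: own leads only</field>
            <field name="model_id" ref="crm.model_crm_lead"/>
            <!-- Assumed domain: only leads whose salesman is the current user -->
            <field name="domain_force">[('user_id', '=', user.id)]</field>
            <!-- (4, id) links the rule to the existing Employee group -->
            <field name="groups" eval="[(4, ref('base.group_user'))]"/>
        </record>

    </data>
</openerp>
```

Rules attached to different groups of the same user are combined with OR, so sales groups that carry a broader rule on Leads keep their wider visibility.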