Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Order view is not restricted by Acquisition unit

Description

Overview:

A user not included in Acquisition unit can view an Order with assigned Acquisition unit ("View" restriction is enabled)

Preconditions:

1.An Acquisition unit with ALL enabled restrictions (View, Edit, Create, Delete) exists

2.An order with Acquisition unit from Preconditions item #1 assigned to it exists in any status

3.A user NOT belonging to Acquisition unit from Preconditions item #1 is logged in with "Orders: Can view Orders and Order lines" permission
Steps to Reproduce:

  1. Go to "Orders" pane and search an Order from Preconditions item #2

Expected Results:

Order from Preconditions item #2 is not displayed in search results for user not included in Acquisition unit
Actual Results:

A user not included in Acquisition unit can view an Order from Preconditions item #2, just PO line is not displayed
Additional Information:
URL:https://folio-snapshot.dev.folio.org/, https://folio-snapshot-2.dev.folio.org/

Does not reproduce on MG and Nolana environments. Could be affected by MODORDERS-780

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Attachments

2

defines

Checklist

hide

TestRail: Results

Activity

Show:

Dennis Bridges January 19, 2023 at 11:17 PM

Test successful in folio-snapshot.

NinaChistova January 18, 2023 at 10:12 AM

Tested on https://folio-snapshot.dev.folio.org/

Works as expected

could you please review?

Adesh Singh January 18, 2023 at 9:46 AM

Tested in snapshot..working as expected.
, requesting you to please verify. 

Done

Details

Assignee

Reporter

Tester Assignee

Priority

Story Points

Sprint

Development Team

Thunderjet

Fix versions

RCA Group

TBD

Affected releases

Orchid (R1 2023)

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs
Created January 3, 2023 at 2:03 PM
Updated January 31, 2023 at 12:49 PM
Resolved January 19, 2023 at 11:17 PM
Configure
TestRail: Cases
TestRail: Runs