Employee personal information is publicly accessible
Bug #1206802 reported by
Daniel Reis
This bug affects 3 people
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Odoo Addons (MOVED TO GITHUB) |
Confirmed
|
Wishlist
|
OpenERP R&D Addons Team 3 | ||
Bug Description
To reproduce:
* create a new user, with only access as HR Employee.
* login and go to the HR module, Employees option: as expected, you inly see the public tab.
* change to Tree view, select dome records and export them. You will be able to choose private fields, such as Home Address, Birth Date or Bank Account.
* Export the data, and you will have the personal information in a spreasheet
| information type: | Private Security → Public Security |
| Changed in openobject-addons: | |
| assignee: | nobody → OpenERP R&D Addons Team 3 (openerp-dev-addons3) |
| importance: | Undecided → Wishlist |
| status: | New → Confirmed |
| summary: |
- [7.0] Employee personal information is publicly accessible + Employee personal information is publicly accessible |
| tags: | added: hr |
To post a comment you must log in.
