Templates should bypass ACLs

Hello,

Right now using a template will bypass ACLs on the fields of the object but fail on the modification of other objects like putting a user in a group or putting a system in a DHCP. This is a bit inconsistent and we decided that applying a template should apply the whole template, bypassing ACLs.

This means if a user have enough rights to use a template, he can apply the whole template.

(from redmine: issue id 5625, created on 2017-06-19, closed on 2017-06-19)

• Changesets:
  • Revision fab9795d by Côme Chilliet on 2017-06-19T10:20:47.000Z:

Fixes #5625 Bypassing ACLs for adding users to groups/roles through templates

• Revision cc7ef059 by Côme Chilliet on 2017-06-19T14:18:17.000Z:

Fixes #5625 Add a flag to force a tabClass to bypass ACLs

• Custom Fields:
  • Support contract: Silver
  • Dolibarr project Name: PJ1610-0020

Applied in changeset commit:fusiondirectory|fab9795d.

(from redmine: written on 2017-06-19)

By Côme Chilliet on 2017-09-02T15:38:17 (imported from GitLab)

Set time spent

(from redmine: written on 2017-06-19)

By Côme Chilliet on 2017-09-02T15:38:17 (imported from GitLab)

Close issue

(from redmine: written on 2017-06-19)

By Jonathan Swaelens on 2017-09-02T15:38:17 (imported from GitLab)

added 6h of time spent

By Côme Chilliet on 2017-09-02T15:38:17 (imported from GitLab)

closed

By Jonathan Swaelens on 2017-09-02T15:38:17 (imported from GitLab)