Issue:

The ‘Project-Enable Financial’ access right allows a user to inline edit and save changes to the task even if the user does not have any task editing access right.

Steps to reproduce:

1. Create a user with the following access right: 

Global: Projects Navigate 

Global: Project - View Tasks - All 

2. Create a project and assign the newly created user to the team. Make sure the user is a participant on the project 

3. Create a task on the project 

4. Logout and log in as the user created 

5. The user can see the project where is a participant (as created on step 2) 

6. Go to the tasks tab and open the task. This is ‘read-only’ 

7. Try to make any changes on the task list view. Nothing is editable. 

8. Log in as admin and grant the following access right to the user:

Global: Project - Enable Financial 

9. Log out and log in as the user created with limited rights 

10. Go to the project > tasks tab and open the task. This is read-only 

11. Try to make any changes on the task list view

Expected Result: None of the fields are editable

Actual Result: Task start and finish and many other field are editable and modification and changes can made.

Environment:

CA PPM 14.2, 14.3

Cause:

CLRT-79418

Resolution: This issue is documented as CLRT-79418 and is currently being reviewed for a resolution by development.

Workaround: There is no identified workaround