Any authenticated user can write on field for which he doesn't have access. Other access rights are correctly enforced.
There is no workaround.
All users should upgrade trytond to the latest version.
Affected versions per series: <=3.8.0, <=3.6.4, <=3.4.7 and <=3.2.9
Non affected version per series: >=3.8.1, >=3.6.5, >=3.4.8 and >=3.2.10
Any security concerns should be reported on the bug-tracker at https://bugs.tryton.org/ with the type security.
We are proud to announce the 3.8 release of Tryton.
For the first time the release contains sao, the new web client of Tryton. It is the result of the Indiegogo campaign. It is developed using mainly jQuery and Bootstrap and its design is responsive. It requires a recent HTML5 compatible browser. Its usage doesn't require any modification on the server side, every modules are working out of the box with sao just like they do with the GTK client. A demo is available at http://demo.tryton.org using demo/demo as login/password. This brings to 3 the number of supported client for Tryton.
A lot of work has been done to improve the accessibility of the GTK and web clients. For the GTK client, we followed the GNOME Accessibility Developers Guide as much as possible and for the web client, we followed the Web Accessibility Initiative of the W3C. You can follow further progress on this topic on the issue3459.
And of course, this release contains many bug fixes and performance improvements.
As usual, migration from previous series is fully supported.
The following screenshots are based on sao but the same feature exists also on the GTK client.
Here is a comparison of the render of sao versus tryton:
The client is now able to generate meaningful error messages for all kind of validation. Those error messages use the same syntax as the search filter.
For a better accessibility the custom background color on widget is replaced by 'bold' label for required fields and 'italic' label for editable fields. In the same spirit, the color of rows has been removed and can be replaced by icons.
A new option for fast tabbing has been added to the client. If activated, it skips read-only fields when navigating with the tab key. This was the previous default behaviour which needed to be optional to allow users with disabilities to navigate on read-only field for reading.
The export feature now works only on selected records but it can export a tree structure.
A new report showing the cash journal amounts over a period is added. This is useful to check closing cashier.
The French accounting generates the FEC (Fichier des Écritures Comptables).
The wizard that generates payments allows to set a date instead of the default which is today.
The default revenue and expense accounts can be configured from accounting configuration.
The date of statements can be corrected after they are posted.
The language of the party depends on the company now.
An extensible list of identifiers replace the field VAT.
The computation of the project tree has been hugely improved by grouping the computation and use of better queries.
There is now a progress field on the projects and tasks and of course a total which is the sum of the children.
A new method to generate invoice from project has been added which is based on the progress field.
It is now possible to link purchase lines to a project which will be added to the cost field.
The time sheet works have now a total duration field which compute the duration of the work and its children.
The delivery date on sale line shows the effective date once the goods are delivered.
It is now possible to deliver the sale to another party from the one on the invoice. This is the other side of the drop shipment which makes Tryton fully support drop shipments.
The drop shipment now uses two distinct moves using an temporary drop location.
It is possible to ask Tryton to recompute the average cost price of a product by replaying all the moves since the beginning.
It is possible to configure another picking location different from the storage location for the warehouses.
It is possible to set an internal provisioning per location which is used for internal order point by default for all products.
Those new modules allow to record landed cost on supplier shipments after their reception. A new document is created to link supplier invoice lines with shipments and to define which method to use for cost allocation. For now, there are two methods available: By Value and By Weight. And thanks to the Update Cost Price wizard, the cost price of the products can recomputed taking into account the landed cost.
A new module allows to define the Tarif Code from the Harmonized System and its duty rate on the products. The duty rate is stored for a country over a period and two computation types are available: a fixed amount or an amount per quantity.
This new module is for managing customer complaint about sales or invoices. Actions can be defined to solve the complaints like returning the sale or crediting the invoice. A work flow for approval of the complaint actions is set up using the access rights.
It is now possible to apply formula based promotions on sales selected thanks to some criteria. The promotion changes the unit price of the line when the sale goes into quotation (and is restored if it goes back to draft) but only if the promotion is in favor of the customer. The available criteria are: the price list, a period, the quantity and the products.
This new module checks at the quotation of the sale if there are enough quantity of products in the warehouse. It also checks that the new sale will not hurt older sale that will be shipped later.
This will be the fifth edition and the first one outside the Europe. Users, developers and interested people will have the opportunity to discover or talk about Tryton.
Talk proposals and schedule are managed on Lanyrd.
The third Foundation Supporter Meeting will take place on Saturday 14th, 18.00.
Registration is available at TUBA 2015.
If you want to request a talk on a specific topic, you can send your request to the Tryton mailing list. If you have question about the organisation, please contact the foundation at email@example.com.
And don't forget to spread the word! #TUBA2015
We are glad to inform that the Tryton Unconference 2015 Code Sprint was extended to three days. It will be held from the 15th to 17th of November.
If you have any question about the organisation, please contact the foundation at firstname.lastname@example.org.
This is the opportunity to gather together community members (users and developers), interested people, business owners and decision makers to talk about present and future of Tryton, and to discover the city of Buenos Aires.
If you have any question about the organisation, please contact the foundation at email@example.com.
So book this dates... soon there will be more information about the event. #TUBA2015
We are proud to announce the 3.6 release of Tryton.
The release shows the official support of PyPy which is an alternative implementation of Python which focuses on speed and efficiency.
As usual, migration from previous series is fully supported with the obvious exception of the ldap_connection module which was removed.
A new color scheme for the graphs has replaced the single brightness variance. Now the color scheme also changes the hue for each color by the golden angle (which ensure a color will not be picked twice).
The dictionary widget receive completion on key searching like the other widgets.
The date/time widgets have been completely rewritten to be more flexible on the format to enter. But they are also more practicable when used with mouse only thanks to the real pop-up for the calendar and the drop down for the time.
Columns of list view that have always the same value are hidden automatically because they don't provide information. For example, the list of posted invoices will not show the state column because by definition they are all posted.
It is now possible to add a description to the cancel move from the wizard.
A new option to only show the balance appears in the General Ledger.
Tax can now be configured to modify the base price for the next taxes in the list.
It is now possible to define templates for common moves. When running a template, the user will be asked to encode some data like an amount or a party, then an account move will be generated with those inputs.
A printable report exists now for the depreciation of assets.
The account charts for France and Belgium has been updated. And the Belgium one is now translated in dutch.
A test wizard is available now to see the result generated by the payment term. As the payment terms are quite flexible because they support to apply many deltas (instead of only one), it is not always easy to forecast the behaviour.
The SEPA coverage is now extended to the pain.001.003.03 and 008.003.02 flavors which are used in Germany. And it is also possible to re-generate a SEPA message in case of wrong configuration on the first generation.
The statements create moves grouped by default by number, date and party. So when one statement line is split for invoice reconciliation, only one move will be created now and the origin of this move will be the group of the statement lines.
Tax rules can now depend on the origin and the destination country thanks to the new module account_tax_rule_country.
The CFONB custom (non-standard) format of SEPA is added by the new module account_payment_sepa_cfonb.
A new type deposit of account is added by the new module account_deposit. It allows to invoice deposit and recall later this amount on the next invoice.
This new area is managed by a set of new commission modules. The commissions are created for the agent defined on a sale or invoice using a commission plan. It is also possible to define principals on the products to which commissions must be repaid.
This year, there will be 2 Foundation members (Sharoon Thomas and Cédric Krier) present during the PyCon 2015 at Montréal. PyCon is the largest annual conference for the Python community which Tryton is a part of.
An agreement signed between the Fundació Universitat Autònoma de Barcelona (FUAB) and NaN·tic will allow all International Trade students to use Tryton in their practical classes. The Catalan company NaN·tic will deploy and set up this software for 30 students a year ensuring them "a 100% real experience" during their practical classes. This means that they are going to learn how to manage business opportunities, sales, purchasing, production, logistics... to summarize: all Tryton’s functionalities. NaN·tic will also provide assistance and technical support to all the teachers staff to ensure a successful training.
Albert Cervera, NaN·tic co-founder and Tryton’s Foundation board member, explained that "this agreement will let students work in a technological environment like those that can be found in any business. Using this tool they’ll improve their knowledge of business management and, by extension, their chances to land on the job market". In addition, Cervera also noted that "with this deal Fundació UAB obtains an ERP with large benefits and with excellent growth prospects, while Tryton is introduced to the university thankfully to an institution as prestigious as the Fundació UAB." Albert Cervera remarked the importance of recognition to the open source technologies by highly reputed institutions as university foundations. Cervera is totally convinced that this type of agreement can be replicated by many other universities anywhere in the world.
NaN·tic has also announced collaboration with other universities such as Universitat de Barcelona, where they showcase Tryton to students of Businsess Administration. In this case, around 90 students a year will be in touch with an ERP for the first time in their life thanks to Tryton and NaN·tic.
Yet this is just the beggining. Other agreements with several Catalan educational institutions are being negotiated right now. NaN·tic expects to have 10 such agreements by the end of the year which will ensure a bright future for Tryton in Catalonia. Hopefully, other countries will follow as in Leipzig NaN·tic already offered their help to the Tryton community if other organizations want to lead the same initiative in other countries.