openfoodfoundation / openfoodnetwork

Connect suppliers, distributors and consumers to trade local produce.
https://www.openfoodnetwork.org
GNU Affero General Public License v3.0

Customer data appears in some of producer's reports - GDPR violation #12559

Closed pragai closed 4 months ago

pragai commented 5 months ago

Description

  1. [ ] In /admin/reports/bulk_coop/customer_payments "Bulk Co-op Customer Payments" a producer can list the names and sum payments of all customers' orders in the selected timeframe. Also here the names are visible, while in other reports they are hidden from the producer.
  2. [x] In another report, /admin/reports/orders_and_distributors 'Orders And Distributors', a producer can list all product orders with customer names, emails, phones etc. Why not show only his products and hide personal information?

There is a switch 'Customer names in reports' in the hub's 'shop preferences' settings, but it seemingly does not work in this case.

Expected Behavior

Show only relevant customers' data, and show the name only if 'Customer names in reports' is switched on.

https://guide.openfoodnetwork.org/basic-features/enterprise-profile/enterprise-settings#:~:text=Customer%20names%20in,to%20the%20customers.

Steps to Reproduce

  1. Login as a producer.

  2. Go to reports: /admin/reports/bulk_coop/customer_payments "Bulk Co-op Customer Payments" and /admin/reports/orders_and_distributors 'Orders And Distributors'.

  3. You can see customer data, like names, full order payment info, etc., which should be hidden.

Animated Gif/Screenshot

Workaround

Severity

bug-s2: a non-critical feature is broken, no workaround. We cannot let producers in because this is a GDPR violation.

Your Environment

Possible Fix

Most probably the 'Customer names in reports' switch is not used in these reports. Also "Bulk Co-op Customer Payments" and 'Orders And Distributors' should be filtered by the logged-in producer.
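As an added illustration of the two rules proposed above (not Open Food Network's code; all structs and method names are hypothetical), this Ruby snippet scopes report rows to the logged-in producer's own line items and redacts customer identity unless the hub's 'Customer names in reports' preference is on:

```ruby
# Hypothetical minimal model, not the project's own classes.
Producer  = Struct.new(:id)
Hub       = Struct.new(:id, :show_customer_names_in_reports)
LineItem  = Struct.new(:product_name, :producer_id, :quantity, :price)
Order     = Struct.new(:hub, :customer_name, :customer_email, :line_items)
ReportRow = Struct.new(:hub_id, :customer_name, :customer_email,
                       :product_name, :quantity, :price)

REDACTED = "<hidden>".freeze

# Rows a producer may see: only line items for products they supply, and
# customer name/email only when the hub has opted in to showing them.
def producer_report_rows(orders, producer)
  orders.flat_map do |order|
    show = order.hub.show_customer_names_in_reports
    order.line_items
         .select { |li| li.producer_id == producer.id }
         .map do |li|
      ReportRow.new(order.hub.id,
                    show ? order.customer_name  : REDACTED,
                    show ? order.customer_email : REDACTED,
                    li.product_name, li.quantity, li.price)
    end
  end
end

# Payment total limited to the producer's own share, rather than the
# whole order value.
def producer_total(rows)
  rows.sum { |r| r.quantity * r.price }
end

# Constructed sample data: two hubs, one opted in and one not.
def sample_orders
  hub_on  = Hub.new(1, true)
  hub_off = Hub.new(2, false)
  [
    Order.new(hub_on, "Alice", "alice@example.com",
              [LineItem.new("Apples", 10, 2, 3.0),
               LineItem.new("Cheese", 20, 1, 5.0)]),
    Order.new(hub_off, "Bob", "bob@example.com",
              [LineItem.new("Apples", 10, 1, 3.0)])
  ]
end

if __FILE__ == $PROGRAM_NAME
  rows = producer_report_rows(sample_orders, Producer.new(10))
  rows.each { |r| puts r.to_a.join(" | ") }
  puts "producer total: #{producer_total(rows)}"
end
```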

RachL commented 5 months ago

I wonder how much of this was actually done by design / not a bug that was introduced :thinking:

Let's see if the dev who picks this up can confirm.

rioug commented 4 months ago

in /admin/reports/bulk_coop/customer_payments "Bulk Co-op Customer Payments" a producer can list the names and sum payments of all customers' orders in the selected timeframe. Also here the names are visible, while in other reports they are hidden from the producer.

As far as I can see it's by design; it was definitely not introduced in the last 2 years.

in another report /admin/reports/orders_and_distributors 'Orders And Distributors' a producer can list all product orders with customer names, emails, phones etc. Why not show only his products and hide personal information?

As noted there is a switch in the hub's 'shop preferences' settings, 'Customer names in reports', that allows you to display names in the report, but it's not currently working. So this is a bug, and as far as I can see it's been like this for more than 2 years.

I'll look at fixing the second issue, as the first one isn't considered a bug.

pragai commented 4 months ago

Thx! The only question that remains is why we have the total payment on /admin/reports/bulk_coop/customer_payments and not just the amount that goes to the particular producer. I'll contact the instance managers.

dacook commented 4 months ago

FYI I've almost got a fix for orders_and_distributors, but have got stuck and run out of time this week to finish it, sorry.

pragai commented 4 months ago

What is the common process in the workflow - how do these fixes get into the release?

rioug commented 4 months ago

It's explained here: https://github.com/openfoodfoundation/openfoodnetwork/wiki/The-process-of-review%2C-test%2C-merge-and-deploy But in a nutshell, the fix will be reviewed by the core team; once we are happy with it, it will be tested by our testers. If the testers are happy, the fix will be merged into our code base and will be deployed in the next release.

You can keep track of the process here: https://github.com/orgs/openfoodfoundation/projects/8

Releases are prepared every Thursday, and new releases are deployed every Tuesday. Keep an eye on the #intsance-managers channel on Slack; we announce upcoming releases there and list the included changes.

dacook commented 4 months ago

Confirming that the Orders and Distributors report has been updated and will be released tomorrow, 9th July.

I haven't looked into the other report. Can anyone confirm if this requires work also, or should we consider this issue finished?

rioug commented 4 months ago

It's not considered a bug for "Bulk Co-op Customer Payments", as customer data hiding was never implemented. If it's something that is needed, a new issue will need to be raised. Closing the issue as the related fix has been merged.