IBM Support

IJ35008: WEB APPLICATION ALLOWS TO MODIFY SOME USER INFORMATION. THE SAME FORM IS USED TO DISPLAY THE DATA THAT IS SPECIFIED READ ONLY

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • DESCRIPTION:

Maximo prevents modification of this data using the "readonly"
flag which is intended for browser and restricts easy editing of
the given field. However this symptom is possible easily remove
using the built-in functionality browsers.


STEPS TO REPRODUCE:
This issue is tested with Chrome browser, but can be seen at
other browsers too.

1) Go to Users Application, Create a new user: TEST_JAN
a) Now, the user has UserName: TEST_JAN; Person: TEST_JAN;
Display Name: TEST_JAN
b) Set Password for the user login.
c) NOTE: The user is just a part of the default groups and is
not added to any other group.

2) Login with user: TEST_JAN
a) Observe the login screen displays "Welcome TEST_JAN" (can be
seen in the Top Left, near Go To Button)
b) Go to Profile (Available at Top Right, near Sign out)
c) Click on the Default Information;

3) At the Default Information window
a) Put the cursor at Description of the User(which is the
Display name of the user).
b) Note: Both Userid (MAXUSER.USERID) and the Display name
(PERSON.DISPLAYNAME) are appearing as "READ-ONLY" Fields.
c) Right click on this and Select Inspect option available in
the browser.

4) At the Inspect Element option of the browser
a) The element where cursor is present(here the Display name) is
highlighted in the Elements tab of the Inspect browser option.
b) Right click on it and select "Edit as HTML".
c) Remove the attribute readonly="readonly" and modify the
attribute aria-readonly="true" to aria-readonly="false".
d) Come out of the Inspect window and click on the Display name
of the Default Information Window, Observe the field is now
"Editable".

5) At the Default Information window
a) Edit the field from "TEST_JAN" to "TEST_JAN_MODIFIED". Click
OK and come out of the "Default Information" window.

6) Logout and Log back in as "TEST_JAN".
a) Observe the login screen display "Welcome TEST_JAN_MODIFIED".
And the display name is also modified under the Default
Information


RESULT: login screen display "Welcome TEST_JAN_MODIFIED" in this
case, thus showing that the Read-only field can be editable by
users using the browser options.

EXPECTED RESULT: Users to be prevented to making the update to
the fields, in this case the Display Name.

REPORTED IN VERSION: Tivoli's process automation engine 7.6.1.2

Local fix

  • N/A

Problem summary

  • ****************************************************************
* USERS AFFECTED:                                              *
* MAXIMO                                                       *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* WEB APPLICATION ALLOWS TO MODIFY SOME USER INFORMATION. THE  *
* SAME FORM IS USED TO DISPLAY THE DATA THAT IS SPECIFIED READ *
* ONLY                                                         *
****************************************************************

Problem conclusion

  • The fix for this APAR is contained in the following maintenance
package: release\fix pack for Release 8.x Product

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IJ35008
    • 

  • Reported component name
    INTEGRATION
    • 

  • Reported component ID
    5724R46I1
    • 

  • Reported release
    761
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2021-09-15
    • 

  • Closed date
    2023-01-08
    • 

  • Last modified date
    2023-01-08
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    INTEGRATION
    • 

  • Fixed component ID
    5724R46I1
    • 



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSLKT6","label":"Maximo Asset Management"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"761","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            08 January 2023
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback