Multiple companies cannot be used from the same browser using multiple windows or tabs

[neilt]

When you login to a second company after being logged into a first company the first company's browser window switches to interacting with the 2nd company. This is unexpected.

The company name at the top of the main menu of the window for the 1st company will still be the 1st company's name even though all data interactions is with the 2nd company. This is unexpected. To fix this reload the 1st company's window in the browser.

These problems could be fixed a number of ways, but the essential problem is that the browser window can change companies without the user being aware based on a login in a different window of the same browser.

To work with multiple companies use different browsers or different devices. This problem is present in LedgerSMB 1.9.4.

[freelock]

I highly recommend using Firefox Containers for this scenario. Maybe if a user attempts to log into another customer when they have an existing session, we can block that and show a help page pointing to this solution?

https://support.mozilla.org/en-US/kb/containers describes how they work, and links to the browser extension that makes them easy to manage -- you could set up a container for each customer, each customer would have a different color highlight on the tab, different cookies, etc. Maybe we direct users to a webpage describing how to set this up?

One critical feature of LedgerSMB right now is the ability to have multiple tabs open at the same time -- personally I depend upon being able to open a bunch of tabs when I'm reconciling, so this is a scenario that's important not to break...

[neilt]

I agree @freelock, but in my mind each tab should be a separate and new login, or if using the same login then the tab/window should be launched from within LedgerSMB by selecting a menu item like "Open in new browser tab/window". Then LedgerSMB uses the same security key without a new login. In this case it is ok because the user asked for this behavior.

I am still researching a couple of things that seem excessive for the Firefox container plugin:

1. Requires access to data for all websites (not just LedgerSMB)
2. Stores unlimited amount of client side data
3. May exchange messages with programs other that Firefox

This feature is currently a POLA violation. I do not expect under any circumstances that when working in a tab in the browser that the underlaying company will change out from under me because of something that happens in another browser window or tab. That is just plain wrong, especially when the info on screen in the original window or tab is now wrong because it was not updated when the company changed.

Another observation. If I navigate, in a new tab, to the LedgerSMB server and the site automatically opens without a login then the current behavior would be ok. It is obvious to the user that they are using the same login.

But, in my case I navigated to the LedgerSMB server in a new tab and was asked for login credentials. At this point the user is expecting a new and unique login.

So if this feature is kept then at least LedgerSMB needs to present a notification to the user that the base company has changed and LedgerSMB must update all tabs to show the correct information to the user. Ideally a notification is somehow presented the user that the old tabs/windows have changed companies. It might be enough to just log the old tab/windows off or close them

I am really curious what happens to data that has been entered but not saved when the company is changed out from under the UI, then the user clicks on the save button? Or what happens when the a search has been performed, then the company changes, then the user clicks on the search results. What happens during a long running process? What happens during a workflow?

It seems like the corner cases could be all over the place; errors, bad data, corruption, crashes, who knows what?

[ehuelsmann]

I'm not sure this was ever possible, but it's definitely a nice improvement. Marking as enhancement.

[ehuelsmann]

This could work if we run each company on a subdirectory where the authentication cookie is restricted to that subdirectory.

[neilt]

Ok, to close this based on the current work.