
View Revisions: Issue #54207
Summary 0054207: Cannot execute JSON WS request with roles without access to the GCSystem entity
Revision 2023-12-22 16:20 by caristu
Steps To Reproduce
1- Log in to Openbravo
2- Switch to use the role "Group - Admin" of The White Valley Group and set it as the default role for this user. Note that this user does not have read access to the GCSystem entity
3- Restart Tomcat. This is important, as this way in the next step we ensure that the first request is made with a role that cannot access the GCSystem entity
4- Make a GET request to any of the standard WS requests, for example: http://localhost:8080/openbravo/org.openbravo.service.json.jsonrest/Country
5- The request fails and the response shows the following error:

{"response":{"data":[{"response":{"status":-1,"error":{"message":"OBUIAPP_ActionNotAllowed","type":"user"},"totalRows":0}}

The following stack trace is shown in the log:

org.openbravo.base.exception.OBSecurityException: Entity OBUIAPP_GC_System is not readable by the user 100
    at org.openbravo.dal.security.EntityAccessChecker.checkReadable(EntityAccessChecker.java:639) ~[classes/:?]
    at org.openbravo.dal.service.OBDal.checkReadAccess(OBDal.java:749) ~[classes/:?]
    at org.openbravo.dal.service.OBDal.checkReadAccess(OBDal.java:736) ~[classes/:?]
    at org.openbravo.dal.service.OBDal.createCriteria(OBDal.java:572) ~[classes/:?]
    at org.openbravo.client.application.window.StandardWindowComponent.getSystemGridConfig(StandardWindowComponent.java:195) ~[classes/:?]
    at org.openbravo.base.GridConfigurationCache.initializeSystemConfig(GridConfigurationCache.java:74) ~[classes/:?]
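
The stack trace above shows an application-wide cache being initialized inside the security context of whichever request arrives first, so a role without read access to the entity makes that initialization fail. The following self-contained Java model is an added example, not Openbravo code and not the project's fix: `checkReadable`, `asAdmin`, `loadSystemConfig` and `SystemConfigCache` are hypothetical stand-ins, and running the shared load in a scoped privileged section is an assumed mitigation.

```java
import java.util.Set;
import java.util.function.Supplier;

public class CacheInitContextDemo {
  // Hypothetical stand-in for the caller's security context (per-thread in a real server).
  static Set<String> readableEntities = Set.of();
  static boolean adminMode = false;
  static void checkReadable(String entity) {
    if (!adminMode && !readableEntities.contains(entity)) {
      throw new SecurityException("Entity " + entity + " is not readable by this role");
    }
  }

  // Scoped privileged section (assumed mitigation): the previous mode is always restored.
  static <T> T asAdmin(Supplier<T> work) {
    boolean previous = adminMode;
    adminMode = true;
    try { return work.get(); } finally { adminMode = previous; }
  }

  // Stand-in for reading system-level configuration through an access-checked data layer.
  static String loadSystemConfig() {
    checkReadable("OBUIAPP_GC_System");
    return "system-grid-config";
  }

  // Application-wide cache, filled lazily by whichever request arrives first.
  static final class SystemConfigCache {
    private final boolean privilegedInit;
    private String config;
    SystemConfigCache(boolean privilegedInit) { this.privilegedInit = privilegedInit; }
    synchronized String get() {
      if (config == null) {
        config = privilegedInit ? asAdmin(() -> loadSystemConfig()) : loadSystemConfig();
      }
      return config;
    }
  }

  public static void main(String[] args) {
    readableEntities = Set.of("Country"); // constructed role without OBUIAPP_GC_System access
    try {
      new SystemConfigCache(false).get();
    } catch (SecurityException e) {
      System.out.println("init in caller context: " + e.getMessage());
    }
    System.out.println("privileged init: " + new SystemConfigCache(true).get());
    System.out.println("admin mode left enabled: " + adminMode);
  }
}
```

Elevating only around the shared load suits data that is system-level configuration rather than user-visible records; the caller's own entity checks still run in the caller's context.
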
Revision 2023-12-22 16:19 by caristu
Steps To Reproduce
1- Log in to Openbravo
2- Switch to use the role "Group - Admin" of The White Valley Group and set it as the default role for this user. Note that this user does not have read access to the GCSystem entity
3- Restart Tomcat. This is important, as this way in the next step we ensure that the first request is made with a role that cannot access the GCSystem entity
4- Make a GET request to any of the standard WS requests, for example: http://localhost:8080/openbravo/org.openbravo.service.json.jsonrest/Country
5- The request fails and the response shows the following error:

{"response":{"data":[{"response":{"status":-1,"error":{"message":"OBUIAPP_ActionNotAllowed","type":"user"},"totalRows":0}}

The following stack trace is shown in the log:

org.openbravo.base.exception.OBSecurityException: Entity OBUIAPP_GC_System is not readable by the user 100
    at org.openbravo.dal.security.EntityAccessChecker.checkReadable(EntityAccessChecker.java:639) ~[classes/:?]
    at org.openbravo.dal.service.OBDal.checkReadAccess(OBDal.java:749) ~[classes/:?]
    at org.openbravo.dal.service.OBDal.checkReadAccess(OBDal.java:736) ~[classes/:?]
    at org.openbravo.dal.service.OBDal.createCriteria(OBDal.java:572) ~[classes/:?]
    at org.openbravo.client.application.window.StandardWindowComponent.getSystemGridConfig(StandardWindowComponent.java:195) ~[classes/:?]
    at org.openbravo.base.GridConfigurationCache.initializeSystemConfig(GridConfigurationCache.java:74) ~[classes/:?]



Revision 2023-12-22 16:18 by caristu
Steps To Reproduce
1- Log in to Openbravo
2- Switch to use the role "Group - Admin" of The White Valley Group and set it as the default role for this user. Note that this user does not have read access to the GCSystem entity
3- Restart Tomcat. This is important, as this way in the next step we ensure that the first request is made with a role that cannot access the GCSystem entity
4- Make a GET request to any of the standard WS requests, for example: http://localhost:8080/openbravo/org.openbravo.service.json.jsonrest/Country
5- The request fails with the following error:


