Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0022644Openbravo ERPA. Platformpublic2012-12-20 13:242013-01-31 13:21
Reportermarvintm 
Assigned Tomarvintm 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in Version3.0MP20 
Merge Request Status
Review Assigned ToAugustoMauch
OBNetwork customerNo
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0022644: It would be convenient to be able to restrict a role from accessing the backend
DescriptionBesides the ERP, Openbravo has a platform which can be used to develop other applications. Currently, the Web POS is a different application which can be used on Openbravo.

It would be very convenient to have an option to restrict a role from accessing the backend. This option would enable the user to access other applications, but not the backend.
Steps To Reproduce.
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
Attached Filesdiff restrictrole.diff (24,125) 2013-01-09 16:14
https://issues.openbravo.com/file_download.php?file_id=5876&type=bug
Issue History
Date ModifiedUsernameFieldChange
2012-12-20 13:24marvintmNew Issue
2012-12-20 13:24marvintmAssigned To => marvintm
2012-12-20 13:24marvintmModules => Core
2012-12-20 13:24marvintmOBNetwork customer => No
2012-12-20 13:24marvintmTriggers an Emergency Pack => No
2012-12-20 13:28hgbotCheckin
2012-12-20 13:28hgbotNote Added: 0055115
2012-12-20 13:28hgbotStatusnew => resolved
2012-12-20 13:28hgbotResolutionopen => fixed
2012-12-20 13:28hgbotFixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/a6b455bb80fc2972d7f09519d2ba3251d945d750 [^]
2012-12-20 13:30hgbotCheckin
2012-12-20 13:30hgbotNote Added: 0055116
2012-12-20 19:10hgbotCheckin
2012-12-20 19:10hgbotNote Added: 0055138
2012-12-26 15:42hudsonbotCheckin
2012-12-26 15:42hudsonbotNote Added: 0055206
2012-12-26 15:43hudsonbotCheckin
2012-12-26 15:43hudsonbotNote Added: 0055208
2012-12-27 13:17AugustoMauchNote Added: 0055242
2012-12-27 13:17AugustoMauchStatusresolved => new
2012-12-27 13:17AugustoMauchResolutionfixed => open
2013-01-09 16:14marvintmFile Added: restrictrole.diff
2013-01-09 16:14marvintmNote Added: 0055421
2013-01-21 09:50hgbotCheckin
2013-01-21 09:50hgbotNote Added: 0055652
2013-01-21 09:50hgbotStatusnew => resolved
2013-01-21 09:50hgbotResolutionopen => fixed
2013-01-21 09:50hgbotFixed in SCM revisionhttp://code.openbravo.com/erp/devel/pi/rev/a6b455bb80fc2972d7f09519d2ba3251d945d750 [^] => http://code.openbravo.com/erp/devel/pi/rev/e5c99a21da3eee59c77303b801247a322c50a593 [^]
2013-01-21 11:45hgbotCheckin
2013-01-21 11:45hgbotNote Added: 0055662
2013-01-22 09:34AugustoMauchReview Assigned To => AugustoMauch
2013-01-22 15:33hudsonbotCheckin
2013-01-22 15:33hudsonbotNote Added: 0055731
2013-01-22 15:33hudsonbotCheckin
2013-01-22 15:33hudsonbotNote Added: 0055733
2013-01-31 13:21AugustoMauchNote Added: 0056007
2013-01-31 13:21AugustoMauchStatusresolved => closed
2013-01-31 13:21AugustoMauchFixed in Version => 3.0MP20

Notes
(0055115)
hgbot   
2012-12-20 13:28   
Repository: erp/devel/pi
Changeset: a6b455bb80fc2972d7f09519d2ba3251d945d750
Author: Antonio Moreno <antonio.moreno <at> openbravo.com>
Date: Thu Dec 20 13:27:34 2012 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/a6b455bb80fc2972d7f09519d2ba3251d945d750 [^]

Fixed issue 22644. Now a role can be restricted from accessing the backend.
- A new check has been added to the role window. If this check is set, then the role cannot be used to log in the backend, but can be used to log in other applications (such as the WebPOS), if this restriction is overwritten in the corresponding login handler.

---
M modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java
M src-db/database/model/tables/AD_ROLE.xml
M src-db/database/sourcedata/AD_COLUMN.xml
M src-db/database/sourcedata/AD_ELEMENT.xml
M src-db/database/sourcedata/AD_FIELD.xml
M src-db/database/sourcedata/AD_MESSAGE.xml
M src-db/database/sourcedata/AD_REF_LIST.xml
M src/org/openbravo/base/secureApp/DefaultOptions_data.xsql
M src/org/openbravo/base/secureApp/LoginHandler.java
---
(0055116)
hgbot   
2012-12-20 13:30   
Repository: erp/pmods/org.openbravo.retail.posterminal
Changeset: 6afaa593b6951649ca4aea1d310eaa796d834892
Author: Antonio Moreno <antonio.moreno <at> openbravo.com>
Date: Thu Dec 20 13:30:19 2012 +0100
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/6afaa593b6951649ca4aea1d310eaa796d834892 [^]

Related to issue 22644. Allow log in the POS if the restrict check is set

---
M src/org/openbravo/retail/posterminal/POSLoginHandler.java
---
(0055138)
hgbot   
2012-12-20 19:10   
Repository: erp/devel/pi
Changeset: e0cdc20e50b894563357b92d85ea6f4b2ebb6c00
Author: Antonio Moreno <antonio.moreno <at> openbravo.com>
Date: Thu Dec 20 19:10:12 2012 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/e0cdc20e50b894563357b92d85ea6f4b2ebb6c00 [^]

Related to issue 22644. Rolled back changes. Will be done in a different way

---
M modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java
M src-db/database/model/tables/AD_ROLE.xml
M src-db/database/sourcedata/AD_COLUMN.xml
M src-db/database/sourcedata/AD_ELEMENT.xml
M src-db/database/sourcedata/AD_FIELD.xml
M src-db/database/sourcedata/AD_MESSAGE.xml
M src-db/database/sourcedata/AD_REF_LIST.xml
M src/org/openbravo/base/secureApp/DefaultOptions_data.xsql
M src/org/openbravo/base/secureApp/LoginHandler.java
---
(0055206)
hudsonbot   
2012-12-26 15:42   
A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/631fc2e1c525 [^]

Maturity status: Test
(0055208)
hudsonbot   
2012-12-26 15:43   
A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/631fc2e1c525 [^]

Maturity status: Test
(0055242)
AugustoMauch   
2012-12-27 13:17   
Reopened because its fix was rolled back
(0055421)
marvintm   
2013-01-09 16:14   
A file with a fix has been added. The patch will be committed once the MP20 release cycle starts.
(0055652)
hgbot   
2013-01-21 09:50   
Repository: erp/devel/pi
Changeset: e5c99a21da3eee59c77303b801247a322c50a593
Author: Antonio Moreno <antonio.moreno <at> openbravo.com>
Date: Mon Jan 21 09:48:39 2013 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/e5c99a21da3eee59c77303b801247a322c50a593 [^]

Fixed issue 22644. Now a role can be restricted from accessing the backend.
> - A new check has been added to the role table. If this check is set, the role will not have access to the backend.
> - Regardless of the value of this check, a role will be able to access other applications (such as the WebPOS), provided that it has access to the corresponding window.
> - If a user attempts to log in Openbravo, all its roles will be checked. If all the roles are restricted, the user will not be able to login. If the default role is restricted but others are available, the user will log in one of them.
> - If a user is already logged with a restricted user (for example, in the WebPOS), and attempts to open the backend, an error will be shown.

---
M modules/org.openbravo.client.application/src-db/database/sourcedata/AD_MESSAGE.xml
M modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java
M referencedata/sampledata/F_B_International_Group.xml
M referencedata/sampledata/QA_Testing.xml
M src-db/database/model/tables/AD_ROLE.xml
M src-db/database/sourcedata/AD_COLUMN.xml
M src-db/database/sourcedata/AD_ELEMENT.xml
M src-db/database/sourcedata/AD_FIELD.xml
M src-db/database/sourcedata/AD_MESSAGE.xml
M src-db/database/sourcedata/AD_REF_LIST.xml
M src/index.jsp
M src/org/openbravo/base/secureApp/DefaultOptions_data.xsql
M src/org/openbravo/base/secureApp/LoginHandler.java
---
(0055662)
hgbot   
2013-01-21 11:45   
Repository: erp/devel/pi
Changeset: 445835932ea426b23796ad928d7190e0c16b101b
Author: Antonio Moreno <antonio.moreno <at> openbravo.com>
Date: Mon Jan 21 11:45:27 2013 +0100
URL: http://code.openbravo.com/erp/devel/pi/rev/445835932ea426b23796ad928d7190e0c16b101b [^]

Related to issue 22644. Login process will now work correctly with Autologin

---
M src/index.jsp
---
(0055731)
hudsonbot   
2013-01-22 15:33   
A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/449aae8be624 [^]

Maturity status: Test
(0055733)
hudsonbot   
2013-01-22 15:33   
A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/449aae8be624 [^]

Maturity status: Test
(0056007)
AugustoMauch   
2013-01-31 13:21   
Code reviewed and verified in pi@a7dea24ffd6d