0030797: Validation rule automatically adds wrong organization list to the where clause

Openbravo Issue Tracking System - Openbravo ERP

View Issue Details

Project

Category

View Status

Date Submitted

Last Update

0030797

Openbravo ERP

A. Platform

public

2015-09-08 16:49

2015-09-10 09:37

Reporter

vmromanos

Assigned To

alostale

Priority

normal

Severity

major

Reproducibility

always

Status

closed

Resolution

no change required

Platform

OS Version

Product Version

Target Version

3.0PR15Q4

Fixed in Version

Merge Request Status

Review Assigned To

OBNetwork customer

Web browser

Modules

Core

Support ticket

Regression level

Regression date

Regression introduced in release

Regression introduced by commit

Triggers an Emergency Pack

Summary

0030797: Validation rule automatically adds wrong organization list to the where clause

Description

When you define a validation rule it is automatically included in a generic SQL query; the filter by organization and client is automatically set by the system.

Example:

SELECT td0.M_PriceList_Version_ID AS ID, (COALESCE(TO_CHAR(COALESCE(TO_CHAR(td0.Name),'')),'')) AS NAME, '' AS DESCRIPTION
FROM M_PriceList_Version td0
WHERE td0.AD_Client_ID IN ('0','23C59575B9CF467C9620760EB255B389')
AND td0.AD_Org_ID IN ('E443A31992CB4635AFCAEABE7183CE85','B843C30461EA4501935CB1D125C9C25A','19404EAD144C49A0AF37D54377CF452D','0')
AND (<Here the validation rule>) ;

The problem is that the organization list is wrong in the following scenario:

1. A role is defined with User Level = "Organization"
2. In the Role | Organization tab, we define access for Norte and Sur organizations only

In this scenario, the where clause for organizations automatically created for the validation rule is:
AND td0.AD_Org_ID IN ('E443A31992CB4635AFCAEABE7183CE85','B843C30461EA4501935CB1D125C9C25A','19404EAD144C49A0AF37D54377CF452D','0')
which corresponds to Norte (which is the context's organization) and its parents.

This is wrong, as in this concrete case the list should include only Norte and Sur, because it's a role with User Level = Organization and access to Norte and Sur.

Please note that this only happens when the User Level = Organization. If we set it to "Client+Organization", then the where clause properly includes Norte, Sur and *

Steps To Reproduce

In a recent PI instance (with 0030735 fixed)
Login as admin role:

Create a new role:
Name: rn + rs
User level: Organization
Org Access: include only Norte and Sur orgs
User assignment: Openbravo

Create a price list:
Name: rn
Org: Norte
Sales Price list = Y
Create a Price List version:
   Name: rn plv

Create a price list:
Name: rs
Org: Sur
Sales Price list = Y
Create a Price List version:
   Name: rs plv

Log out & log in with Openbravo user
Change the role to rn + rs
Go to Product window:
Select Agua sin Gas
Go to Price window:
   Create a new record:
     The only pricelist version is "rn plv". This is wrong, "rn plv" and "rs plv" should be displayed, because they are defined for Norte and Sur and the role has access to them.

Go to Price List window.
Search the "rs" price list
Go to price list version and the Price tab.
Enter a new record. The system allows you. That's OK.

If you now change the role's access level to "Client + Organization", you can select "rn plv" and "rs plv" in Product | Price, Price List Version field

Proposed Solution

It seems there is something wrong in UIDefinition.java, method getValueInComboReference() when getting the list of organizations to be included in the where clause of the validation rule

Additional Information

Tags

No tags attached.

Relationships

related to	design defect	0027459		scheduled	reinaldoguerra	Data from non-accessible organizations is obtained in Multidimensional reports
related to	defect	0030735		closed	AtulOpenbravo	All price lists are displayed without check the organization role
related to	defect	0030926	3.0PR15Q4	closed	vmromanos	Price list version defined for España organization not available when registering product for * organization