Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0032626Openbravo ERPA. Platformpublic2016-04-08 12:132016-06-17 19:36
Reporteralostale 
Assigned Tocaristu 
PrioritynormalSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in Version3.0PR16Q3 
Merge Request Status
Review Assigned Toalostale
OBNetwork customer
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0032626: cannot propagate privileges if a template role has been used in a session
DescriptionWhen a standard role that has been used in sessions, is marked as template and tried to be set as parent for another role, privileges propagation fails and the parent-child relationship cannot be saved.
Steps To Reproduce1. Create a new role:
  * name: bt
  * level: client+org
  * manual: yes
  * template: no
    * org access: EspaƱa Norte
    * user: assignment: Openbravo
    * window access: Sales Order
2. Login with Openbravo user using that role
3. Open Sales Order window
4. Edit that role to set template=yes
5. Create a new manual role with client+org access level
6. In Role Inheritance tab add a new record inherit from: bt
  -> ERROR in UI: Saving failed. With your current role this action is not allowed.
     In logs: 3475468 [http-8080-2] ERROR org.openbravo.base.exception.OBSecurityException - Client (0) of object (ADPreference(ECFEC09198D847CAB8C2881B86D438EF) (property: UINAVBA_MenuRecentList)) is not present in ClientList 23C59575B9CF467C9620760EB255B389
org.openbravo.base.exception.OBSecurityException: Client (0) of object (ADPreference(ECFEC09198D847CAB8C2881B86D438EF) (property: UINAVBA_MenuRecentList)) is not present in ClientList 23C59575B9CF467C9620760EB255B389
    at org.openbravo.dal.security.SecurityChecker.checkWriteAccess(SecurityChecker.java:171)
    at org.openbravo.dal.core.OBInterceptor.doEvent(OBInterceptor.java:343)
    at org.openbravo.dal.core.OBInterceptor.onSave(OBInterceptor.java:225)
    at org.hibernate.event.def.AbstractSaveEventListener.substituteValuesIfNecessary(AbstractSaveEventListener.java:413)
    at org.hibernate.event.def.AbstractSaveEventListener.performSaveOrReplicate(AbstractSaveEventListener.java:292)
    at org.hibernate.event.def.AbstractSaveEventListener.performSave(AbstractSaveEventListener.java:203)
    at org.hibernate.event.def.AbstractSaveEventListener.saveWithGeneratedId(AbstractSaveEventListener.java:143)
    at org.hibernate.event.def.DefaultSaveOrUpdateEventListener.saveWithGeneratedOrRequestedId(DefaultSaveOrUpdateEventListener.java:210)
    at org.hibernate.event.def.DefaultSaveOrUpdateEventListener.entityIsTransient(DefaultSaveOrUpdateEventListener.java:195)
    at org.hibernate.event.def.DefaultSaveOrUpdateEventListener.performSaveOrUpdate(DefaultSaveOrUpdateEventListener.java:117)
    at org.hibernate.event.def.DefaultSaveOrUpdateEventListener.onSaveOrUpdate(DefaultSaveOrUpdateEventListener.java:93)
    at org.hibernate.impl.SessionImpl.fireSaveOrUpdate(SessionImpl.java:685)
    at org.hibernate.impl.SessionImpl.saveOrUpdate(SessionImpl.java:677)
    at org.openbravo.dal.core.SessionHandler.save(SessionHandler.java:176)
    at org.openbravo.dal.service.OBDal.save(OBDal.java:249)
    at org.openbravo.role.inheritance.RoleInheritanceManager.copyRoleAccess(RoleInheritanceManager.java:124)
    at org.openbravo.role.inheritance.RoleInheritanceManager.handleAccess(RoleInheritanceManager.java:587)
    at org.openbravo.role.inheritance.RoleInheritanceManager.calculateAccesses(RoleInheritanceManager.java:539)
    at org.openbravo.role.inheritance.RoleInheritanceManager.calculateAccesses(RoleInheritanceManager.java:509)
    at org.openbravo.role.inheritance.RoleInheritanceManager.applyNewInheritance(RoleInheritanceManager.java:200)
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
related to feature request 00309313.0PR16Q1 closed caristu Add ability to inherit role permissions 
depends on backport 00326283.0PR16Q2 closed caristu cannot propagate privileges if a template role has been used in a session 
depends on backport 00326293.0PR16Q1.1 closed caristu cannot propagate privileges if a template role has been used in a session 
related to defect 0032627 closed caristu template role cannot be used as session role 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2016-04-08 12:13alostaleNew Issue
2016-04-08 12:13alostaleAssigned To => platform
2016-04-08 12:13alostaleModules => Core
2016-04-08 12:13alostaleTriggers an Emergency Pack => No
2016-04-08 12:22alostaleRelationship addedrelated to 0032627
2016-04-08 12:24alostaleRelationship addedrelated to 0030931
2016-04-08 12:24alostaleStatusnew => scheduled
2016-04-08 14:01caristuAssigned Toplatform => caristu
2016-04-08 14:08hgbotCheckin
2016-04-08 14:08hgbotNote Added: 0085532
2016-04-08 14:08hgbotStatusscheduled => resolved
2016-04-08 14:08hgbotResolutionopen => fixed
2016-04-08 14:08hgbotFixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/5068c169fe15d1f2db8ca7021ffe623b59d0ee82 [^]
2016-04-14 17:12alostaleReview Assigned To => alostale
2016-04-14 17:12alostaleNote Added: 0085643
2016-04-14 17:12alostaleStatusresolved => closed
2016-04-14 17:12alostaleFixed in Version => 3.0PR16Q3
2016-06-17 19:36hudsonbotCheckin
2016-06-17 19:36hudsonbotNote Added: 0087435

Notes
(0085532)
hgbot   
2016-04-08 14:08   
Repository: erp/devel/pi
Changeset: 5068c169fe15d1f2db8ca7021ffe623b59d0ee82
Author: Carlos Aristu <carlos.aristu <at> openbravo.com>
Date: Fri Apr 08 14:07:14 2016 +0200
URL: http://code.openbravo.com/erp/devel/pi/rev/5068c169fe15d1f2db8ca7021ffe623b59d0ee82 [^]

fixes issue 32626: cannot propagate privileges if a template role has been used
Now the client/org check is skipped when propagating changes (create, remove, update) privileges. This is done by using the OBContext.setAdminMode(false).
Besides, the UINAVBA_MenuRecentList preference has been included into the preference black list, which is a list that prevents the propagation of all the preferences included within it.

---
M src/org/openbravo/role/inheritance/RoleInheritanceManager.java
M src/org/openbravo/role/inheritance/access/PreferenceAccessInjector.java
---
(0085643)
alostale   
2016-04-14 17:12   
code reviewed and tested
(0087435)
hudsonbot   
2016-06-17 19:36   
A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/0dc7be081b1c [^]
Maturity status: Test