Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0032628Openbravo ERPA. Platformpublic2016-04-08 12:132016-04-18 08:36
Reporteralostale 
Assigned Tocaristu 
PrioritynormalSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target Version3.0PR16Q2Fixed in Version3.0PR16Q2 
Merge Request Status
Review Assigned Toalostale
OBNetwork customer
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0032628: cannot propagate privileges if a template role has been used in a session
DescriptionWhen a standard role that has been used in sessions, is marked as template and tried to be set as parent for another role, privileges propagation fails and the parent-child relationship cannot be saved.
Steps To Reproduce1. Create a new role:
  * name: bt
  * level: client+org
  * manual: yes
  * template: no
    * org access: EspaƱa Norte
    * user: assignment: Openbravo
    * window access: Sales Order
2. Login with Openbravo user using that role
3. Open Sales Order window
4. Edit that role to set template=yes
5. Create a new manual role with client+org access level
6. In Role Inheritance tab add a new record inherit from: bt
  -> ERROR in UI: Saving failed. With your current role this action is not allowed.
     In logs: 3475468 [http-8080-2] ERROR org.openbravo.base.exception.OBSecurityException - Client (0) of object (ADPreference(ECFEC09198D847CAB8C2881B86D438EF) (property: UINAVBA_MenuRecentList)) is not present in ClientList 23C59575B9CF467C9620760EB255B389
org.openbravo.base.exception.OBSecurityException: Client (0) of object (ADPreference(ECFEC09198D847CAB8C2881B86D438EF) (property: UINAVBA_MenuRecentList)) is not present in ClientList 23C59575B9CF467C9620760EB255B389
    at org.openbravo.dal.security.SecurityChecker.checkWriteAccess(SecurityChecker.java:171)
    at org.openbravo.dal.core.OBInterceptor.doEvent(OBInterceptor.java:343)
    at org.openbravo.dal.core.OBInterceptor.onSave(OBInterceptor.java:225)
    at org.hibernate.event.def.AbstractSaveEventListener.substituteValuesIfNecessary(AbstractSaveEventListener.java:413)
    at org.hibernate.event.def.AbstractSaveEventListener.performSaveOrReplicate(AbstractSaveEventListener.java:292)
    at org.hibernate.event.def.AbstractSaveEventListener.performSave(AbstractSaveEventListener.java:203)
    at org.hibernate.event.def.AbstractSaveEventListener.saveWithGeneratedId(AbstractSaveEventListener.java:143)
    at org.hibernate.event.def.DefaultSaveOrUpdateEventListener.saveWithGeneratedOrRequestedId(DefaultSaveOrUpdateEventListener.java:210)
    at org.hibernate.event.def.DefaultSaveOrUpdateEventListener.entityIsTransient(DefaultSaveOrUpdateEventListener.java:195)
    at org.hibernate.event.def.DefaultSaveOrUpdateEventListener.performSaveOrUpdate(DefaultSaveOrUpdateEventListener.java:117)
    at org.hibernate.event.def.DefaultSaveOrUpdateEventListener.onSaveOrUpdate(DefaultSaveOrUpdateEventListener.java:93)
    at org.hibernate.impl.SessionImpl.fireSaveOrUpdate(SessionImpl.java:685)
    at org.hibernate.impl.SessionImpl.saveOrUpdate(SessionImpl.java:677)
    at org.openbravo.dal.core.SessionHandler.save(SessionHandler.java:176)
    at org.openbravo.dal.service.OBDal.save(OBDal.java:249)
    at org.openbravo.role.inheritance.RoleInheritanceManager.copyRoleAccess(RoleInheritanceManager.java:124)
    at org.openbravo.role.inheritance.RoleInheritanceManager.handleAccess(RoleInheritanceManager.java:587)
    at org.openbravo.role.inheritance.RoleInheritanceManager.calculateAccesses(RoleInheritanceManager.java:539)
    at org.openbravo.role.inheritance.RoleInheritanceManager.calculateAccesses(RoleInheritanceManager.java:509)
    at org.openbravo.role.inheritance.RoleInheritanceManager.applyNewInheritance(RoleInheritanceManager.java:200)
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
blocks defect 0032626 closed caristu cannot propagate privileges if a template role has been used in a session 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2016-04-08 12:24alostaleTypedefect => backport
2016-04-08 12:24alostaleTarget Version => 3.0PR16Q2
2016-04-14 17:49hgbotCheckin
2016-04-14 17:49hgbotNote Added: 0085648
2016-04-14 17:49hgbotStatusscheduled => resolved
2016-04-14 17:49hgbotResolutionopen => fixed
2016-04-14 17:49hgbotFixed in SCM revision => http://code.openbravo.com/erp/backports/3.0PR16Q2/rev/7cff9e8c97c25672f4ed24b0ff862d0db82ee397 [^]
2016-04-18 08:36alostaleAssigned Toplatform => caristu
2016-04-18 08:36alostaleReview Assigned To => alostale
2016-04-18 08:36alostaleNote Added: 0085688
2016-04-18 08:36alostaleStatusresolved => closed
2016-04-18 08:36alostaleFixed in Version => 3.0PR16Q2

Notes
(0085648)
hgbot   
2016-04-14 17:49   
Repository: erp/backports/3.0PR16Q2
Changeset: 7cff9e8c97c25672f4ed24b0ff862d0db82ee397
Author: Carlos Aristu <carlos.aristu <at> openbravo.com>
Date: Thu Apr 14 17:49:21 2016 +0200
URL: http://code.openbravo.com/erp/backports/3.0PR16Q2/rev/7cff9e8c97c25672f4ed24b0ff862d0db82ee397 [^]

fixes issue 32628: cannot propagate privileges if a template role has been used
Now the client/org check is skipped when propagating changes (create, remove, update) privileges. This is done by using the OBContext.setAdminMode(false).
Besides, the UINAVBA_MenuRecentList preference has been included into the preference black list, which is a list that prevents the propagation of all the preferences included within it.

---
M src/org/openbravo/role/inheritance/RoleInheritanceManager.java
M src/org/openbravo/role/inheritance/access/PreferenceAccessInjector.java
---
(0085688)
alostale   
2016-04-18 08:36   
code reviewed + tested