Openbravo Issue Tracking System - Openbravo ERP |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0032702 | Openbravo ERP | A. Platform | public | 2016-04-19 10:02 | 2016-06-17 19:37 |
|
| Reporter | AugustoMauch | |
| Assigned To | AugustoMauch | |
| Priority | normal | Severity | major | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | |
| Platform | | OS | 5 | OS Version | |
| Product Version | | |
| Target Version | | Fixed in Version | 3.0PR16Q3 | |
| Merge Request Status | |
| Review Assigned To | mtaal |
| OBNetwork customer | |
| Web browser | |
| Modules | Core |
| Support ticket | |
| Regression level | |
| Regression date | |
| Regression introduced in release | |
| Regression introduced by commit | |
| Triggers an Emergency Pack | No |
|
| Summary | 0032702: Store server backoffice enablement |
| Description | See wiki page:
http://wiki.openbravo.com/wiki/Projects:Store_Server_BackOffice_Enablement [^]
The following changes are needed in core to support restricting the access to the backoffice in the store servers:
- Discerning whether the current server is a central or a store server
- If a preference is set, only grant access to users with the System Admin role
|
| Steps To Reproduce | See description |
| Proposed Solution | |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | | related to | defect | 0034499 | | closed | caristu | Openbravo ERP | [clustering] CachedPreference feature is not supported on clustered environments | | related to | defect | 0038478 | | closed | AugustoMauch | Retail Modules | SS Restrict ERP access means that certain backoffice windows in WebPOS can not be opened |
|
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2016-04-19 10:02 | AugustoMauch | New Issue | |
| 2016-04-19 10:02 | AugustoMauch | Assigned To | => mtaal |
| 2016-04-19 10:02 | AugustoMauch | Triggers an Emergency Pack | => No |
| 2016-04-19 10:02 | AugustoMauch | Issue generated from | 0031658 |
| 2016-04-19 10:02 | AugustoMauch | Project | Retail Modules => Openbravo ERP |
| 2016-04-19 10:02 | AugustoMauch | Assigned To | mtaal => AugustoMauch |
| 2016-04-19 10:04 | AugustoMauch | Modules | => Core |
| 2016-04-19 10:04 | AugustoMauch | Category | Web POS => A. Platform |
| 2016-04-21 09:08 | AugustoMauch | Review Assigned To | => mtaal |
| 2016-04-21 09:08 | AugustoMauch | Status | new => scheduled |
| 2016-04-21 09:09 | hgbot | Checkin | |
| 2016-04-21 09:09 | hgbot | Note Added: 0085811 | |
| 2016-04-21 09:09 | hgbot | Status | scheduled => resolved |
| 2016-04-21 09:09 | hgbot | Resolution | open => fixed |
| 2016-04-21 09:09 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/32a1ccfd28ccd6afa151b4c72308b7e7ce7f3d49 [^] |
| 2016-04-21 10:10 | hgbot | Checkin | |
| 2016-04-21 10:10 | hgbot | Note Added: 0085817 | |
| 2016-04-29 08:16 | alostale | Relationship added | causes 0029771 |
| 2016-04-29 08:16 | alostale | Relationship deleted | causes 0029771 |
| 2016-04-29 17:31 | mtaal | Note Added: 0086094 | |
| 2016-04-29 17:31 | mtaal | Status | resolved => closed |
| 2016-04-29 17:31 | mtaal | Fixed in Version | => 3.0PR16Q3 |
| 2016-06-17 19:37 | hudsonbot | Checkin | |
| 2016-06-17 19:37 | hudsonbot | Note Added: 0087475 | |
| 2016-06-17 19:37 | hudsonbot | Checkin | |
| 2016-06-17 19:37 | hudsonbot | Note Added: 0087476 | |
| 2016-11-14 17:09 | caristu | Relationship added | related to 0034499 |
| 2018-05-02 16:12 | AugustoMauch | Relationship added | related to 0038478 |
|
Notes |
|
|
(0085811)
|
|
hgbot
|
|
2016-04-21 09:09
|
|
Repository: erp/devel/pi
Changeset: 32a1ccfd28ccd6afa151b4c72308b7e7ce7f3d49
Author: Augusto Mauch <augusto.mauch <at> openbravo.com>
Date: Tue Apr 19 10:13:37 2016 +0200
URL: http://code.openbravo.com/erp/devel/pi/rev/32a1ccfd28ccd6afa151b4c72308b7e7ce7f3d49 [^]
Fixes issue 32702: Access to be backend can be restricted in the store servers
If the RestrictErpAccessInStoreServer preference is set to Y, only users with the System Administrator role will be granted access to the backend in the store servers.
Summary of the changes:
- ServerController & ServerControllerHandler: New classes to be able to know in core whether the current server is a central or a store server.
- CachedPreference: The value of the RestrictErpAccessInStoreServer is cached.
- UserInfoWidgetActionHandler: Controls that if the access is restricted only the System Administrator role should be available in the role combo
- index.jsp: Controls that if the access is restricted and the current user is not using the System Administrator role, the backend workspace is not shown.
- HttpSecureAppServlet: Controls that if the access is restricted the default role of a user that logs in is System Administrator.
- LoginHandler: Controls that login is denied for users that do not have the System Administrator role if access is restricted in the store servers. For users that do have the System Administrator role it makes sure only that role is used.
---
M modules/org.openbravo.client.application/src/org/openbravo/client/application/CachedPreference.java
M modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java
M src-db/database/sourcedata/AD_MESSAGE.xml
M src-db/database/sourcedata/AD_REF_LIST.xml
M src/index.jsp
M src/org/openbravo/base/secureApp/HttpSecureAppServlet.java
M src/org/openbravo/base/secureApp/LoginHandler.java
A src/org/openbravo/server/ServerController.java
A src/org/openbravo/server/ServerControllerHandler.java
---
|
|
|
|
(0085817)
|
|
hgbot
|
|
2016-04-21 10:10
|
|
|
|
|
(0086094)
|
|
mtaal
|
|
2016-04-29 17:31
|
|
|
|
|
|
|
|
|
|
|