Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0035400Openbravo ERPA. Platformpublic2017-03-01 16:482017-03-03 10:39
Reporteregoitz 
Assigned Tocaristu 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target Version3.0PR16Q3.6Fixed in Version3.0PR16Q3.6 
Merge Request Status
Review Assigned Toalostale
OBNetwork customer
Web browser
ModulesCore
Support ticket
Regression levelProduction - Confirmed Stable
Regression date2015-11-17
Regression introduced in release3.0PR16Q1
Regression introduced by commithttps://code.openbravo.com/erp/devel/pi/rev/2c0caa49fcc0792e77c29ad705fe662b1eaf12d3 [^]
Triggers an Emergency PackNo
Summary0035400: Not possible to get on the webservice regions of a country when those are defined to client 0.
DescriptionHaving both the countrys and regions (and translations) defined for Client System (0), when getting using xml rest webservices the information for the country, the regions are not shown on the response.
Steps To Reproduce-Access as system adminitrator and define a new region for country spain
-Logout and login with QA testing client.
-Go to the country and region window and see on the region tab that the new region for spain is shown.
-Access to the webservice
/ws/dal/Country/106
and the region is not shown.
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
blocks defect 0035397 closed caristu Not possible to get on the webservice regions of a country when those are defined to client 0. 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2017-03-01 17:30caristuTypedefect => backport
2017-03-01 17:30caristuTarget Version => 3.0PR16Q3.6
2017-03-02 10:17hgbotCheckin
2017-03-02 10:17hgbotNote Added: 0094677
2017-03-02 10:17hgbotStatusscheduled => resolved
2017-03-02 10:17hgbotResolutionopen => fixed
2017-03-02 10:17hgbotFixed in SCM revision => http://code.openbravo.com/erp/backports/3.0PR16Q3.6/rev/9e434382ef9c2b3c38221acf529b24437888089b [^]
2017-03-02 10:19caristuReview Assigned To => alostale
2017-03-03 10:39alostaleNote Added: 0094720
2017-03-03 10:39alostaleStatusresolved => closed
2017-03-03 10:39alostaleFixed in Version => 3.0PR16Q3.6

Notes
(0094677)
hgbot   
2017-03-02 10:17   
Repository: erp/backports/3.0PR16Q3.6
Changeset: 9e434382ef9c2b3c38221acf529b24437888089b
Author: Carlos Aristu <carlos.aristu <at> openbravo.com>
Date: Thu Mar 02 10:16:54 2017 +0100
URL: http://code.openbravo.com/erp/backports/3.0PR16Q3.6/rev/9e434382ef9c2b3c38221acf529b24437888089b [^]

fixes issue 35400: Check readable clients for child properties using DAL WS

Fix for issue 0029683 was introducing a security check to avoid showing child properties which belong to a client different from the current client. But this fix was preventing to display some readable objects like master data defined at system level (client 0).

Therefore this security check has been improved and now it is verified if the child property is defined for a client which is readable for the current role.

---
M src/org/openbravo/dal/xml/EntityXMLConverter.java
M src/org/openbravo/service/rest/DalWebService.java
---
(0094720)
alostale   
2017-03-03 10:39   
code reviewed + tested