Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
0040454Openbravo ERPA. Platformpublic2019-03-26 12:232019-05-03 09:22
caristu 
caristu 
immediateminoralways
closedfixed 
5
 
 
alostale
Core
Packaging and release
2018-10-18
3.0PR19Q1
https://code.openbravo.com/erp/devel/pi/rev/43a7e93a946d76de69bb30b066d41a6647508b30 [^]
No
0040454: CSRF Token Error after executing Copy Store Process
A wrong CSRF Token Error is received after executing Copy Store Process. It seems that after executing that process the session token is changed. See the error retrieved in the log:

...
ERROR org.openbravo.service.datasource.DataSourceServlet - CSRF token check failed. Request=/retail_modules_pgsql_pi/org.openbravo.service.datasource/Organization, SessionID=8320D7B725AA96EDBC81E394718D94EB, SessionToken=D2CDD6FF000745EC89E6CD81BC4E1DF6, RequestToken=6A2759CF82CC4390B179CDE8C9FD55EA
2019-03-26 12:43:44,792 [ajp-bio-127.0.0.1-8009-exec-90] ERROR org.openbravo.service.datasource.DataSourceServlet - InvalidCSRFToken
org.openbravo.client.kernel.OBUserException: InvalidCSRFToken
    at org.openbravo.service.datasource.DataSourceServlet.checkCsrfToken(DataSourceServlet.java:939) [DataSourceServlet.class:?]
...
0) Use an environment with the Retail pack + Copy Store module
1) Login as White Valley Group Admin
2) Open the [Organization] window
3) Open the "Copy Retail Store" process and execute it
4) Go back to the [Organization] window and try to edit a record. Note that is not possible because of the CSRF Token Error (see attached image)
No tags attached.
caused by feature request 0039123 closed jarmendariz Add CSRF Token support 
png csrfTokenError.png (79,202) 2019-03-26 12:23
https://issues.openbravo.com/file_download.php?file_id=12784&type=bug
png
Issue History
2019-03-26 12:23caristuNew Issue
2019-03-26 12:23caristuAssigned To => platform
2019-03-26 12:23caristuFile Added: csrfTokenError.png
2019-03-26 12:23caristuModules => Core
2019-03-26 12:23caristuTriggers an Emergency Pack => No
2019-03-26 12:24caristuRelationship addedcaused by 0039123
2019-03-26 12:27caristuRegression level => Production - QA Approved
2019-03-26 12:27caristuRegression date => 2018-10-18
2019-03-26 12:27caristuRegression introduced in release => 3.0PR19Q1
2019-03-26 12:27caristuRegression introduced by commit => https://code.openbravo.com/erp/devel/pi/rev/43a7e93a946d76de69bb30b066d41a6647508b30 [^]
2019-03-26 12:28caristuRegression levelProduction - QA Approved => Packaging and release
2019-03-26 12:47caristuDescription Updatedbug_revision_view_page.php?rev_id=18534#r18534
2019-03-26 12:48caristuSteps to Reproduce Updatedbug_revision_view_page.php?rev_id=18536#r18536
2019-03-26 19:23caristuAssigned Toplatform => caristu
2019-03-27 09:02hgbotCheckin
2019-03-27 09:02hgbotNote Added: 0110670
2019-03-27 09:02hgbotStatusnew => resolved
2019-03-27 09:02hgbotResolutionopen => fixed
2019-03-27 09:02hgbotFixed in SCM revision => http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/f740efe4f91425e42d3a0a413e8d9ba5173d39a5 [^]
2019-03-27 09:02caristuReview Assigned To => alostale
2019-03-29 09:03alostaleNote Added: 0110915
2019-03-29 09:03alostaleStatusresolved => closed
2019-04-30 19:00hgbotCheckin
2019-04-30 19:00hgbotNote Added: 0111404
2019-04-30 19:00hgbotStatusclosed => resolved
2019-04-30 19:00hgbotFixed in SCM revisionhttp://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/f740efe4f91425e42d3a0a413e8d9ba5173d39a5 [^] => http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/0441ef6e8ffdfb8a903475d407716b9487abfebb [^]
2019-05-03 09:22alostaleNote Added: 0111458
2019-05-03 09:22alostaleStatusresolved => closed

Notes
(0110670)
hgbot   
2019-03-27 09:02   
Repository: erp/pmods/org.openbravo.retail.copystore
Changeset: f740efe4f91425e42d3a0a413e8d9ba5173d39a5
Author: Carlos Aristu <carlos.aristu <at> openbravo.com>
Date: Wed Mar 27 08:58:48 2019 +0100
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/f740efe4f91425e42d3a0a413e8d9ba5173d39a5 [^]

fixes issue 40454: CSRF Token Error after executing Copy Store Process

  The Copy Store process refreshes the session values to take into account the newly created organization (store). To do so, it invokes LoginUtils.fillSessionArguments which also sets in session a new value for the CSRF token which caused the issue.

  To avoid this problem we restore the old CSRF token in session after invoking fillSessionArguments in the Copy Store process.

---
M src/org/openbravo/retail/copystore/process/CopyStoreProcess.java
---
(0110915)
alostale   
2019-03-29 09:03   
reviewed + tested
(0111404)
hgbot   
2019-04-30 19:00   
Repository: erp/pmods/org.openbravo.retail.copystore
Changeset: 0441ef6e8ffdfb8a903475d407716b9487abfebb
Author: Carlos Aristu <carlos.aristu <at> openbravo.com>
Date: Wed Mar 27 08:58:48 2019 +0100
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/0441ef6e8ffdfb8a903475d407716b9487abfebb [^]

fixes issue 40454: CSRF Token Error after executing Copy Store Process

  The Copy Store process refreshes the session values to take into account the newly created organization (store). To do so, it invokes LoginUtils.fillSessionArguments which also sets in session a new value for the CSRF token which caused the issue.

  To avoid this problem we restore the old CSRF token in session after invoking fillSessionArguments in the Copy Store process.

---
M src/org/openbravo/retail/copystore/process/CopyStoreProcess.java
---
(0111458)
alostale   
2019-05-03 09:22   
closed as it was incorrectly reopened by merge