Openbravo Issue Tracking System - Openbravo ERP |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0040454 | Openbravo ERP | A. Platform | public | 2019-03-26 12:23 | 2019-05-03 09:22 |
|
| Reporter | caristu | |
| Assigned To | caristu | |
| Priority | immediate | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | |
| Platform | | OS | 5 | OS Version | |
| Product Version | | |
| Target Version | | Fixed in Version | | |
| Merge Request Status | |
| Review Assigned To | alostale |
| OBNetwork customer | No |
| Web browser | |
| Modules | Core |
| Support ticket | |
| Regression level | Packaging and release |
| Regression date | 2018-10-18 |
| Regression introduced in release | 3.0PR19Q1 |
| Regression introduced by commit | https://code.openbravo.com/erp/devel/pi/rev/43a7e93a946d76de69bb30b066d41a6647508b30 [^] |
| Triggers an Emergency Pack | No |
|
| Summary | 0040454: CSRF Token Error after executing Copy Store Process |
| Description | A wrong CSRF Token Error is received after executing Copy Store Process. It seems that after executing that process the session token is changed. See the error retrieved in the log:
...
ERROR org.openbravo.service.datasource.DataSourceServlet - CSRF token check failed. Request=/retail_modules_pgsql_pi/org.openbravo.service.datasource/Organization, SessionID=8320D7B725AA96EDBC81E394718D94EB, SessionToken=D2CDD6FF000745EC89E6CD81BC4E1DF6, RequestToken=6A2759CF82CC4390B179CDE8C9FD55EA
2019-03-26 12:43:44,792 [ajp-bio-127.0.0.1-8009-exec-90] ERROR org.openbravo.service.datasource.DataSourceServlet - InvalidCSRFToken
org.openbravo.client.kernel.OBUserException: InvalidCSRFToken
at org.openbravo.service.datasource.DataSourceServlet.checkCsrfToken(DataSourceServlet.java:939) [DataSourceServlet.class:?]
... |
| Steps To Reproduce | 0) Use an environment with the Retail pack + Copy Store module
1) Login as White Valley Group Admin
2) Open the [Organization] window
3) Open the "Copy Retail Store" process and execute it
4) Go back to the [Organization] window and try to edit a record. Note that is not possible because of the CSRF Token Error (see attached image) |
| Proposed Solution | |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | | caused by | feature request | 0039123 | | closed | jarmendariz | Add CSRF Token support |
|
| Attached Files |  csrfTokenError.png (79,202) 2019-03-26 12:23
https://issues.openbravo.com/file_download.php?file_id=12784&type=bug
|
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2019-03-26 12:23 | caristu | New Issue | |
| 2019-03-26 12:23 | caristu | Assigned To | => platform |
| 2019-03-26 12:23 | caristu | File Added: csrfTokenError.png | |
| 2019-03-26 12:23 | caristu | OBNetwork customer | => No |
| 2019-03-26 12:23 | caristu | Modules | => Core |
| 2019-03-26 12:23 | caristu | Triggers an Emergency Pack | => No |
| 2019-03-26 12:24 | caristu | Relationship added | caused by 0039123 |
| 2019-03-26 12:27 | caristu | Regression level | => Production - QA Approved |
| 2019-03-26 12:27 | caristu | Regression date | => 2018-10-18 |
| 2019-03-26 12:27 | caristu | Regression introduced in release | => 3.0PR19Q1 |
| 2019-03-26 12:27 | caristu | Regression introduced by commit | => https://code.openbravo.com/erp/devel/pi/rev/43a7e93a946d76de69bb30b066d41a6647508b30 [^] |
| 2019-03-26 12:28 | caristu | Regression level | Production - QA Approved => Packaging and release |
| 2019-03-26 12:47 | caristu | Description Updated | bug_revision_view_page.php?rev_id=18534#r18534 |
| 2019-03-26 12:48 | caristu | Steps to Reproduce Updated | bug_revision_view_page.php?rev_id=18536#r18536 |
| 2019-03-26 19:23 | caristu | Assigned To | platform => caristu |
| 2019-03-27 09:02 | hgbot | Checkin | |
| 2019-03-27 09:02 | hgbot | Note Added: 0110670 | |
| 2019-03-27 09:02 | hgbot | Status | new => resolved |
| 2019-03-27 09:02 | hgbot | Resolution | open => fixed |
| 2019-03-27 09:02 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/f740efe4f91425e42d3a0a413e8d9ba5173d39a5 [^] |
| 2019-03-27 09:02 | caristu | Review Assigned To | => alostale |
| 2019-03-29 09:03 | alostale | Note Added: 0110915 | |
| 2019-03-29 09:03 | alostale | Status | resolved => closed |
| 2019-04-30 19:00 | hgbot | Checkin | |
| 2019-04-30 19:00 | hgbot | Note Added: 0111404 | |
| 2019-04-30 19:00 | hgbot | Status | closed => resolved |
| 2019-04-30 19:00 | hgbot | Fixed in SCM revision | http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/f740efe4f91425e42d3a0a413e8d9ba5173d39a5 [^] => http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/0441ef6e8ffdfb8a903475d407716b9487abfebb [^] |
| 2019-05-03 09:22 | alostale | Note Added: 0111458 | |
| 2019-05-03 09:22 | alostale | Status | resolved => closed |
|
Notes |
|
|
(0110670)
|
|
hgbot
|
|
2019-03-27 09:02
|
|
Repository: erp/pmods/org.openbravo.retail.copystore
Changeset: f740efe4f91425e42d3a0a413e8d9ba5173d39a5
Author: Carlos Aristu <carlos.aristu <at> openbravo.com>
Date: Wed Mar 27 08:58:48 2019 +0100
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/f740efe4f91425e42d3a0a413e8d9ba5173d39a5 [^]
fixes issue 40454: CSRF Token Error after executing Copy Store Process
The Copy Store process refreshes the session values to take into account the newly created organization (store). To do so, it invokes LoginUtils.fillSessionArguments which also sets in session a new value for the CSRF token which caused the issue.
To avoid this problem we restore the old CSRF token in session after invoking fillSessionArguments in the Copy Store process.
---
M src/org/openbravo/retail/copystore/process/CopyStoreProcess.java
---
|
|
|
|
|
|
|
|
(0111404)
|
|
hgbot
|
|
2019-04-30 19:00
|
|
Repository: erp/pmods/org.openbravo.retail.copystore
Changeset: 0441ef6e8ffdfb8a903475d407716b9487abfebb
Author: Carlos Aristu <carlos.aristu <at> openbravo.com>
Date: Wed Mar 27 08:58:48 2019 +0100
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.copystore/rev/0441ef6e8ffdfb8a903475d407716b9487abfebb [^]
fixes issue 40454: CSRF Token Error after executing Copy Store Process
The Copy Store process refreshes the session values to take into account the newly created organization (store). To do so, it invokes LoginUtils.fillSessionArguments which also sets in session a new value for the CSRF token which caused the issue.
To avoid this problem we restore the old CSRF token in session after invoking fillSessionArguments in the Copy Store process.
---
M src/org/openbravo/retail/copystore/process/CopyStoreProcess.java
---
|
|
|
|
|
|
closed as it was incorrectly reopened by merge |
|