Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0040888Openbravo ERPA. Platformpublic2019-05-16 11:272019-05-17 09:53
Reporteralostale 
Assigned Toalostale 
PriorityimmediateSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target Version3.0PR19Q1.2Fixed in Version3.0PR19Q3 
Merge Request Status
Review Assigned Tocaristu
OBNetwork customer
Web browser
ModulesCore
Support ticket
Regression levelProduction - Confirmed Stable
Regression date2017-01-30
Regression introduced in release3.0PR17Q2
Regression introduced by commithttps://code.openbravo.com/erp/devel/pi/rev/15f5de36349f [^]
Triggers an Emergency PackNo
Summary0040888: incorrect audit trail for DAL WebServices
DescriptionData changes performed by DAL WebServices are incorrectly audited.

User and process is set randomly. As these requests are not updating ad_context_info table, in case it was previously set within the same database connection that has now been retrieved from the connection pool, it will be reused.
Steps To Reproduce1. Log in as System Administrator
2. Open Tables and Columns window
3. Select C_City table and set it to fully audited
4. Rebuild and restart Tomcat
5. Execute WSUpdateTest (which creates entries in C_City)
6. Query ad_audit_trail
   -> Check that entries for c_city have random user + process

Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
blocks defect 0040886 closed alostale incorrect audit trail for DAL WebServices 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2019-05-16 11:30alostaleTypedefect => backport
2019-05-16 11:30alostaleTarget Version => 3.0PR19Q1.2
2019-05-16 12:23hgbotCheckin
2019-05-16 12:23hgbotNote Added: 0111715
2019-05-16 12:23hgbotStatusscheduled => resolved
2019-05-16 12:23hgbotResolutionopen => fixed
2019-05-16 12:23hgbotFixed in SCM revision => http://code.openbravo.com/erp/backports/3.0PR19Q1.2/rev/ed8cbe75deaec6c2ed11687fcbdf8498e10cdb2d [^]
2019-05-17 09:53caristuNote Added: 0111764
2019-05-17 09:53caristuStatusresolved => closed
2019-05-17 09:53caristuFixed in Version => 3.0PR19Q3

Notes
(0111715)
hgbot   
2019-05-16 12:23   
Repository: erp/backports/3.0PR19Q1.2
Changeset: ed8cbe75deaec6c2ed11687fcbdf8498e10cdb2d
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Thu May 16 12:11:51 2019 +0200
URL: http://code.openbravo.com/erp/backports/3.0PR19Q1.2/rev/ed8cbe75deaec6c2ed11687fcbdf8498e10cdb2d [^]

fixed bug 40888: incorrect audit trail for DAL WebServices

  DAL WebServices were incorrectly audited because ad_context_info was not set as
  it was disabled for the thread during login and they are executed in the same
  thread.

  This fix consists in:
    1. Now after login completion, thread is reset to allow auditing of actions
       occurred afterward.
    2. Correct user id and new WebService process type is set to be audited. Note
       this didn't occur even before the regression was introduced, reulting in
       records in ad_audit_trail without user or process information.

---
M src-db/database/sourcedata/AD_REF_LIST.xml
M src/org/openbravo/erpCommon/security/SessionLogin.java
M src/org/openbravo/service/web/BaseWebServiceServlet.java
---
(0111764)
caristu   
2019-05-17 09:53   
Reviewed + tested