Openbravo Issue Tracking System - Retail Modules |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0043954 | Retail Modules | Web POS | public | 2020-05-06 09:13 | 2020-06-03 12:36 |
|
| Reporter | gorkaion | |
| Assigned To | ranjith_qualiantech_com | |
| Priority | high | Severity | major | Reproducibility | always |
| Status | closed | Resolution | fixed | |
| Platform | | OS | 5 | OS Version | |
| Product Version | | |
| Target Version | | Fixed in Version | RR20Q3 | |
| Merge Request Status | |
| Review Assigned To | marvintm |
| OBNetwork customer | |
| Support ticket | |
| Regression level | |
| Regression date | |
| Regression introduced in release | |
| Regression introduced by commit | |
| Triggers an Emergency Pack | No |
|
| Summary | 0043954: ExternalOrderLoader wrong error management when user calling the EOL does not have access to Web POS form |
| Description | The ExternalOrderLoader (EOL) when loading the POS Terminal provided in the json it tries to set up the OBContext based on it. To do so it tries to search a Role assigned to the user that is execuing the EOL that has access to that POS Terminal.
When the user does not have any role matching that condition. For example it only has the Admin role with the Web POS Form access removed. In this case no role is found and a NPE is thrown. This exception is caught in the importOrder() method but no message or trace in the log is left making very difficult the analysis to understand why has failed the EOL process.
We request 2 fixes to be made in the EOL process:
1. In case that no role is found a OBException with a descriptive message should be thrown instead of a NPE.
2. The importOrder method when it catches an unexpected exception it should leave a message in the log with the error. |
| Steps To Reproduce | 1. Remove the access to the "Web POS" form to the Openbravo Admin role.
2. Create a user that only has access to that role or revoke any other role access to an existing user.
3. Call the EOL WebService using that user credentials.
4. Check that:
- result -1 is returned but no message.
- no error logs can be found in openbravo.log |
| Proposed Solution | |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | |
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2020-05-06 09:13 | gorkaion | New Issue | |
| 2020-05-06 09:13 | gorkaion | Assigned To | => Retail |
| 2020-05-06 09:13 | gorkaion | Resolution time | => 1590530400 |
| 2020-05-06 09:13 | gorkaion | Triggers an Emergency Pack | => No |
| 2020-05-11 11:09 | maite | Issue Monitored: maite | |
| 2020-05-14 14:35 | ranjith_qualiantech_com | Assigned To | Retail => ranjith_qualiantech_com |
| 2020-05-19 12:41 | ranjith_qualiantech_com | Status | new => scheduled |
| 2020-05-20 03:08 | hgbot | Checkin | |
| 2020-05-20 03:08 | hgbot | Note Added: 0120071 | |
| 2020-05-20 03:08 | hgbot | Status | scheduled => resolved |
| 2020-05-20 03:08 | hgbot | Resolution | open => fixed |
| 2020-05-20 03:08 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/f2ec12ca2abebfd896125b25bcbcbc05ee3c2997 [^] |
| 2020-05-27 09:10 | marvintm | Note Added: 0120326 | |
| 2020-05-27 09:10 | marvintm | Status | resolved => new |
| 2020-05-27 09:10 | marvintm | Resolution | fixed => open |
| 2020-05-27 09:16 | ranjith_qualiantech_com | Status | new => scheduled |
| 2020-05-27 11:07 | hgbot | Checkin | |
| 2020-05-27 11:07 | hgbot | Note Added: 0120344 | |
| 2020-05-31 08:07 | hgbot | Checkin | |
| 2020-05-31 08:07 | hgbot | Note Added: 0120477 | |
| 2020-06-01 08:02 | ranjith_qualiantech_com | Status | scheduled => resolved |
| 2020-06-01 08:02 | ranjith_qualiantech_com | Resolution | open => fixed |
| 2020-06-01 14:18 | hgbot | Checkin | |
| 2020-06-01 14:18 | hgbot | Note Added: 0120493 | |
| 2020-06-03 12:36 | marvintm | Review Assigned To | => marvintm |
| 2020-06-03 12:36 | marvintm | Status | resolved => closed |
| 2020-06-03 12:36 | marvintm | Fixed in Version | => RR20Q3 |
|
Notes |
|
|
(0120071)
|
|
hgbot
|
|
2020-05-20 03:08
|
|
Repository: erp/pmods/org.openbravo.retail.posterminal
Changeset: f2ec12ca2abebfd896125b25bcbcbc05ee3c2997
Author: Ranjith S R <ranjith <at> qualiantech.com>
Date: Wed May 20 06:38:17 2020 +0530
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/f2ec12ca2abebfd896125b25bcbcbc05ee3c2997 [^]
Fixed issue-43954 : Exception should be thrown if role not found for Webservice
* Updated getNearestRole Query by removing the webpos form validation for WebService
---
M src/org/openbravo/retail/posterminal/ExternalOrderLoader.java
M src/org/openbravo/retail/posterminal/POSLoginHandler.java
---
|
|
|
|
|
The fix is not what we want here. Conceptually, the ExternalOrderLoader should not require form access in the role used, as the context simply should be set to a role that supports webservices.
So, instead of the current fix, the "bypassSecurity" method should be overridden in the ExternalOrderLoader class.
It is also important to check that the ExternalOrderLoader is correctly requiring a role that has webservices access. |
|
|
|
(0120344)
|
|
hgbot
|
|
2020-05-27 11:07
|
|
|
|
|
(0120477)
|
|
hgbot
|
|
2020-05-31 08:07
|
|
|
|
|
(0120493)
|
|
hgbot
|
|
2020-06-01 14:18
|
|
Repository: erp/pmods/org.openbravo.service.integration.magento.mappings
Changeset: 9fdff601f6f2b959109c97a4acb85bd400c3f66b
Author: Ranjith S R <ranjith <at> qualiantech.com>
Date: Mon Jun 01 17:48:21 2020 +0530
URL: http://code.openbravo.com/erp/pmods/org.openbravo.service.integration.magento.mappings/rev/9fdff601f6f2b959109c97a4acb85bd400c3f66b [^]
Related to issue-43954: Enabled Webservice for Role in junit tests
* Formatted Eclipse Java Eclipse code
---
M src-test/org/openbravo/service/integration/magento/mappings/inbound/MagentoImportBaseTest.java
M src-test/org/openbravo/service/integration/magento/mappings/inbound/orders/MagentoImportOrderEntityTest.java
---
|
|