Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0050160Openbravo ERPA. Platformpublic2022-09-05 15:552022-09-29 11:33
ReporterXABIER_AGUADO 
Assigned Tocaristu 
PrioritynormalSeveritymajorReproducibilityalways
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in VersionPR22Q4 
Merge Request Status
Review Assigned To
OBNetwork customer
Web browser
ModulesCore
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0050160: Write access should not be done when flushing dirty changes of bobs saved in admin mode
DescriptionWhen saving a new BaseOBObject or flushing changes done in BaseOBObjecs, a check for a write access is done in the OBInterceptor.

This causes that BaseOBObjects created correcly in admin mode, are not finally persisted in the database because the OBInterceptor may perform the write checks on dirty changes not in admin mode.

That check should be skipped BaseOBObjects saved in admin mode.
Steps To Reproduce1) Create a new BaseOBObject in admin mode for an entity not writable for the current context user. Save it with OBDal.getInstance.save(bob) -> This works fine because we are inside an admin mode block.
2) Do an update in that BaseOBObject (this generates a dirty change) and execute OBDal.getInstance.flush() outside of the admin mode block. ERROR: The flush operation fails because the write access check is not passed.
Proposed Solution
Additional Information
TagsFASH
Relationships
related to feature request 0048579 closed caristu Push API 
related to defect 0053767 new Triage Platform Base During a synchronization data process it is not posible to update a column without a flush execution 
Attached Filestxt log.txt (5,871) 2022-09-05 15:55
https://issues.openbravo.com/file_download.php?file_id=17479&type=bug
Issue History
Date ModifiedUsernameFieldChange
2022-09-05 15:55XABIER_AGUADONew Issue
2022-09-05 15:55XABIER_AGUADOAssigned To => Triage Platform Conn
2022-09-05 15:55XABIER_AGUADOFile Added: log.txt
2022-09-05 15:55XABIER_AGUADOTriggers an Emergency Pack => No
2022-09-05 15:55XABIER_AGUADODescription Updatedbug_revision_view_page.php?rev_id=24737#r24737
2022-09-05 16:04XABIER_AGUADOTag Attached: FASH
2022-09-08 09:33hgbotNote Added: 0140838
2022-09-09 12:41caristuSummarySome Roles end up having Infinite Loading Screens when trying to do DOIs => Write access should not be done when flushing bobs created/edited in admin mode
2022-09-09 12:41caristuDescription Updatedbug_revision_view_page.php?rev_id=24753#r24753
2022-09-09 12:41caristuSteps to Reproduce Updatedbug_revision_view_page.php?rev_id=24755#r24755
2022-09-09 12:41caristuProjectRetail Modules => Openbravo ERP
2022-09-09 12:41caristuModules => Core
2022-09-09 12:41caristuCategoryRetail API => A. Platform
2022-09-09 12:41caristuRelationship addedrelated to 0048579
2022-09-09 12:49caristuStatusnew => scheduled
2022-09-27 13:52hgbotResolutionopen => fixed
2022-09-27 13:52hgbotStatusscheduled => closed
2022-09-27 13:52hgbotFixed in Version => PR22Q4
2022-09-27 13:52hgbotNote Added: 0141403
2022-09-27 13:52hgbotNote Added: 0141404
2022-09-27 13:53caristuSummaryWrite access should not be done when flushing bobs created/edited in admin mode => Write access should not be done when flushing dirty changes of bobs saved in admin mode
2022-09-27 13:53caristuDescription Updatedbug_revision_view_page.php?rev_id=24785#r24785
2022-09-27 13:53caristuSteps to Reproduce Updatedbug_revision_view_page.php?rev_id=24786#r24786
2022-09-29 11:33caristuAssigned ToTriage Platform Conn => caristu
2023-10-26 11:03njimenezRelationship addedrelated to 0053767

Notes
(0140838)
hgbot   
2022-09-08 09:33   
Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/705 [^]
(0141403)
hgbot   
2022-09-27 13:52   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/openbravo [^]
Changeset: a0abd477c5478133fb582a4658a29bd1a57ad6dd
Author: Carlos Aristu <carlos.aristu@openbravo.com>
Date: 27-09-2022 11:50:57
URL: https://gitlab.com/openbravo/product/openbravo/-/commit/a0abd477c5478133fb582a4658a29bd1a57ad6dd [^]

fixes BUG-50160: Skip write access check when flushing BOBs saved in admin mode

  Skip the write access check which is done after editing a BOB
previously saved being in admin mode. Under this scenario, the
OBInterceptor is invoked due to having dirty changes pending to be
flushed.

  With this fix we keep track if the write and org/client access checks
were enabled when a BaseOBObject is saved and use this information when
the object is eventually flushed.

  We have three possible scenarios:

  1) The object is not saved in admin mode: both access checks will be
done for the BOB when it is flushed
  2) The object is saved in admin mode, having called
setAdminMode(false): both access checks will be skipped for the BOB when
it is flushed
  3) The object is saved in admin mode, having called
setAdminMode(true): only the org/client access check is done for the
BOB when it is flushed

---
M src-test/src/org/openbravo/test/dal/AdminContextTest.java
M src/org/openbravo/base/structure/BaseOBObject.java
M src/org/openbravo/dal/security/SecurityChecker.java
M src/org/openbravo/dal/service/OBDal.java
---
(0141404)
hgbot   
2022-09-27 13:52   
Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/705 [^]