Openbravo Issue Tracking System - Retail Modules
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0055218Retail ModulesWeb POSpublic2024-04-17 12:002024-04-17 12:13
Reporteradrianromero 
Assigned Toadrianromero 
PriorityhighSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionRR24Q1Fixed in VersionRR24Q1.2 
Merge Request Status
Review Assigned To
OBNetwork customer
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0055218: ExternalOrderLoader is not working because of CSRF token check
DescriptionCorrect requests to ExternalOrderLoader fail, because the CSRF Token check is performed there, and it doesn't pass, so the request is rejected.
Steps To ReproduceThe problem can be reproduced in livebuilds just using the Swagger documentation example:

https://livebuilds.openbravo.com/retail_modules_pgsql_pi/api?urls.primaryName=orderloader [^]

It can also be reproduced by using the Postman example of the RetailAPI module:

https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.api/-/blob/master/examples/Retail%20API.postman_collection.json [^]
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
related to defect 0048126 closed eugen_hamuraru ExternalOrderLoader is not working because of CSRF token check 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2024-04-17 12:00adrianromeroNew Issue
2024-04-17 12:00adrianromeroAssigned To => adrianromero
2024-04-17 12:00adrianromeroTriggers an Emergency Pack => No
2024-04-17 12:00adrianromeroIssue generated from0048126
2024-04-17 12:00adrianromeroRelationship addedrelated to 0048126
2024-04-17 12:06hgbotNote Added: 0163325
2024-04-17 12:09hgbotNote Added: 0163326
2024-04-17 12:13hgbotNote Added: 0163329
2024-04-17 12:13hgbotNote Added: 0163330
2024-04-17 12:13hgbotResolutionopen => fixed
2024-04-17 12:13hgbotStatusnew => closed
2024-04-17 12:13hgbotFixed in Version => RR24Q1.2
2024-04-17 12:13hgbotNote Added: 0163331
2024-04-17 12:13hgbotNote Added: 0163332

Notes
(0163325)
hgbot   
2024-04-17 12:06   
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/merge_requests/695 [^]
(0163326)
hgbot   
2024-04-17 12:09   
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.posterminal/-/merge_requests/1531 [^]
(0163329)
hgbot   
2024-04-17 12:13   
Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/merge_requests/695 [^]
(0163330)
hgbot   
2024-04-17 12:13   
Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core [^]
Changeset: a1af6d8ca104e810e977703b2c618a6e8c06e7dc
Author: Eugen Hamuraru <eugen.hamuraru@openbravo.com>
Date: 17-04-2024 12:04:42
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/commit/a1af6d8ca104e810e977703b2c618a6e8c06e7dc [^]

Related to BUG-55218: ability to skip CSRF token check for SecuredJSONProcess

---
A src-test/org/openbravo/mobile/core/process/MobileServiceTest.java
M src-test/org/openbravo/mobile/core/StandaloneTestSuite.java
M src/org/openbravo/mobile/core/process/MobileService.java
M src/org/openbravo/mobile/core/process/MobileServiceProcessor.java
M src/org/openbravo/mobile/core/process/SecuredJSONProcess.java
---
(0163331)
hgbot   
2024-04-17 12:13   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.posterminal [^]
Changeset: 24a5508d961b645fe0df522664b20d2717c1d3a4
Author: Eugen Hamuraru <eugen.hamuraru@openbravo.com>
Date: 17-04-2024 12:08:06
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.posterminal/-/commit/24a5508d961b645fe0df522664b20d2717c1d3a4 [^]

Fixes ISSUE-55218: skip CSRF token check for the ExternalOrderLoader

---
M src/org/openbravo/retail/posterminal/ExternalOrderLoader.java
---
(0163332)
hgbot   
2024-04-17 12:13   
Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.posterminal/-/merge_requests/1531 [^]