Openbravo Issue Tracking System - Retail Modules
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0055308Retail ModulesWeb POSpublic2024-04-24 17:412024-04-25 12:37
Reportereugen_hamuraru 
Assigned Toeugen_hamuraru 
PrioritynormalSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in VersionRR24Q3 
Merge Request Status
Review Assigned To
OBNetwork customer
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0055308: Cannot use Stock API external service with OAuth authentication by a manual role
DescriptionThe Stock API external service is configured using backend as a proxy and OAuth2 authentication.

when the POS is used with a manual role with limited access to backend window the stock API fails
Steps To Reproduce1. Configure Stock API to authenticate with OAuth
2. Log in with a manual role with standard access
3. Use stock API
  ERROR: 2024-04-24 10:00:59,028 [http-nio-127.0.0.1-8080-exec-16] ERROR org.openbravo.mobile.core.process.JSONRowConverter - Error in JSON process: Entity C_External_System is not readable by the user CC7F8ECF2668464796316909D81392C8
org.openbravo.base.exception.OBSecurityException: Entity C_External_System is not readable by the user CC7F8ECF2668464796316909D81392C8
        at org.openbravo.dal.security.EntityAccessChecker.checkReadable(EntityAccessChecker.java:640) ~[classes/:?]
        at org.openbravo.dal.service.OBDal.checkReadAccess(OBDal.java:749) ~[classes/:?]
        at org.openbravo.dal.service.OBDal.checkReadAccess(OBDal.java:736) ~[classes/:?]
        at org.openbravo.dal.service.OBDal.createCriteria(OBDal.java:572) ~[classes/:?]
        at org.openbravo.mobile.core.externalsystem.HttpAuthorizationService.checkIsReadable(HttpAuthorizationService.java:55) ~[classes/:?]
        at org.openbravo.mobile.core.externalsystem.HttpAuthorizationService.exec(HttpAuthorizationService.java:47) ~[classes/:?]
        at org.openbravo.mobile.core.process.JSONProcessSimple.exec(JSONProcessSimple.java:47) ~[classes/:?]
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
depends on backport 0055309RR24Q2 closed eugen_hamuraru Cannot use Stock API external service with a manual role 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2024-04-24 17:41eugen_hamuraruNew Issue
2024-04-24 17:41eugen_hamuraruAssigned To => eugen_hamuraru
2024-04-24 17:51hgbotNote Added: 0163681
2024-04-25 07:31alostaleSeverityminor => major
2024-04-25 07:34alostaleProjectModules => Openbravo for Retail
2024-04-25 07:35alostaleProjectOpenbravo for Retail => Retail Modules
2024-04-25 07:35alostaleTriggers an Emergency Pack => No
2024-04-25 07:35alostaleCategoryExternal Integration Infrastructure => Web POS
2024-04-25 07:36alostaleStatusnew => scheduled
2024-04-25 07:40hgbotResolutionopen => fixed
2024-04-25 07:40hgbotStatusscheduled => closed
2024-04-25 07:40hgbotNote Added: 0163709
2024-04-25 07:40hgbotFixed in Version => RR24Q3
2024-04-25 07:40hgbotNote Added: 0163710
2024-04-25 07:43alostaleSummaryCannot use Stock API external service with a manual role => Cannot use Stock API external service with OAuth authentication by a manual role
2024-04-25 07:43alostaleSteps to Reproduce Updatedbug_revision_view_page.php?rev_id=27872#r27872
2024-04-25 07:44alostaleTypedesign defect => defect
2024-04-25 10:00hgbotNote Added: 0163721
2024-04-25 10:31hgbotNote Added: 0163726
2024-04-25 10:31hgbotNote Added: 0163727
2024-04-25 12:37hgbotNote Added: 0163736

Notes
(0163681)
hgbot   
2024-04-24 17:51   
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/merge_requests/697 [^]
(0163709)
hgbot   
2024-04-25 07:40   
Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/merge_requests/697 [^]
(0163710)
hgbot   
2024-04-25 07:40   
Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core [^]
Changeset: 06993400f994c34c21c438ee5e71de1f321f4538
Author: Eugen Hamuraru <eugen.hamuraru@openbravo.com>
Date: 25-04-2024 07:36:59
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/commit/06993400f994c34c21c438ee5e71de1f321f4538 [^]

Fixes ISSUE-55308: Cannot use Stock API external service with a manual role

Sets admin mode to check external system

---
M src/org/openbravo/mobile/core/externalsystem/HttpAuthorizationService.java
---
(0163721)
hgbot   
2024-04-25 10:00   
Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/merge_requests/701 [^]
(0163726)
hgbot   
2024-04-25 10:31   
Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/merge_requests/701 [^]
(0163727)
hgbot   
2024-04-25 10:31   
Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core [^]
Changeset: d167ff054b02a467e440cb9445d90e661c022684
Author: Eugen Hamuraru <eugen.hamuraru@openbravo.com>
Date: 25-04-2024 10:14:17
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/commit/d167ff054b02a467e440cb9445d90e661c022684 [^]

related to BUG-55308: add test case

---
M src-test/org/openbravo/mobile/core/externalsystem/HttpAuthorizationServiceTest.java
---
(0163736)
hgbot   
2024-04-25 12:37   
Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core [^]
Changeset: 0bcb43e62c7447e0561c2b240170fd2e83735134
Author: Carlos Aristu <carlos.aristu@openbravo.com>
Date: 25-04-2024 12:37:13
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/commit/0bcb43e62c7447e0561c2b240170fd2e83735134 [^]

related to BUG-55308: adapt test to pass in CI

---
M src-test/org/openbravo/mobile/core/externalsystem/HttpAuthorizationServiceTest.java
---