Openbravo Issue Tracking System - Openbravo ERP
View Issue Details
0057513Openbravo ERPA. Platformpublic2024-12-19 21:582025-01-20 00:01
egoitz 
ablasco 
urgentmajoralways
closedfixed 
5
 
 
Core
No
0057513: The session is modified when using the POS and opening a new tab with the url with the backoffice URL even when not access
When using a role defined as restrict backoffice access to yes,
if you are using the POS and you open a new tab with the backoffice URL, you get a message saying that you don't have access, but the ad_session row linked to the user/session you were using is changed from OB_POS to S (Sucess).
The loging_status should be keep as OB_POS becuas the access to BO is not allowed/done.

This is affecting the invoicing of our customers as we are invoicing them in SaaS based on the users doing a Successful login in the backoffice.
- Define the vallblancauser role as "restrict backoffice access" to Y
- Access to the pos with the valblanca user and vallblancaruser role.
- See in another profile, in the session window as system admin, that there is a session with login_status OB-POS
- ON the previous profile where the pos login was done, open a new tab putting the URL of the backoffice
- You get a error message saying that you can access to the backoffice
- Check on the session that the Login_status has changed to Sucess
No tags attached.
Issue History
2024-12-19 21:58egoitzNew Issue
2024-12-19 21:58egoitzAssigned To => Triage Platform Base
2024-12-19 21:58egoitzModules => Core
2024-12-19 21:58egoitzTriggers an Emergency Pack => No
2025-01-10 09:51AugustoMauchAssigned ToTriage Platform Base => ablasco
2025-01-10 11:38ablascoStatusnew => acknowledged
2025-01-10 14:21hgbotNote Added: 0174014
2025-01-19 23:58hgbotNote Added: 0174340
2025-01-20 00:00AugustoMauchStatusacknowledged => scheduled
2025-01-20 00:01AugustoMauchStatusscheduled => resolved
2025-01-20 00:01AugustoMauchFixed in SCM revision => https://gitlab.com/openbravo/product/openbravo/-/merge_requests/1498/diffs?commit_id=5e601bcab8e307325c7b64322273eb556ac35bce [^]
2025-01-20 00:01AugustoMauchResolutionopen => fixed
2025-01-20 00:01AugustoMauchStatusresolved => closed

Notes
(0174014)
hgbot   
2025-01-10 14:21   
Merge Request created: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/1498 [^]
(0174340)
hgbot   
2025-01-19 23:58   
Merge request merged: https://gitlab.com/openbravo/product/openbravo/-/merge_requests/1498 [^]