Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0002279 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] C. Security | minor | always | 2007-11-16 12:19 | 2008-07-04 18:34 | |||
| Reporter | jpabloae | View Status | public | |||||
| Assigned To | jpabloae | |||||||
| Priority | normal | Resolution | fixed | Fixed in Version | 2.40beta | |||
| Status | closed | Fix in branch | Fixed in SCM revision | |||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Merge Request Status | ||||||||
| Review Assigned To | ||||||||
| OBNetwork customer | No | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Support ticket | ||||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0002279: Cannot login if ad_role_id=0 is the only one | |||||||
| Description | It is not possible to login in Openbravo if the ad_role_id=0 is the only one and there are no more roles. This happens if one deletes the Big Bazaar entity. Steps to reproduce: 1. Install Openbravo 2.35. 2. Delete the Big Bazaar entity. 3. Try to login with the Openbravo user. Environment: Openbravo: 2.35 Database: Oracle 10g OS: Gentoo Linux | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|
 Relationships |
|
Notes |
|
|
(0002673) jpabloae (viewer) 2007-11-16 12:27 edited on: 2008-06-12 09:23 |
Logged In: YES user_id=1603191 Originator: YES There are two problems in src/org/openbravo/base/secureApp/HttpSecureAppServlet.java: 1. strRole = DefaultOptionsData.defaultRole(this, strUserAuth); if(strRole == null) strRole = DefaultOptionsData.getDefaultRole(this, strUserAuth); "DefaultOptionsData.defaultRole(this, strUserAuth)" returns NULL. But manually running that sql query it returns "0". 2. The DefaultOptionsData.getDefaultRole, in src/org/openbravo/base/secureApp/DefaultOptions_data.xsql: It explicitly requires ad_role_id and ad_org_id not to be 0, thus disallowing it to login. |
|
(0002674) jpabloae (viewer) 2007-11-16 12:42 edited on: 2008-06-12 09:23 |
Logged In: YES user_id=1603191 Originator: YES 1) is reproduceable in 2.35 but not in trunk. 2) Patch attached. File Added: adrole.diff |
|
(0002675) jpabloae (viewer) 2007-12-03 11:35 edited on: 2008-06-12 09:23 |
Logged In: YES user_id=1603191 Originator: YES As a side effect it disallows new admins to log in. Solved by taking the las organization list of their orglist. |
|
(0005868) user71 2005-06-01 00:00 edited on: 2008-06-12 09:43 |
This bug was originally reported in SourceForge bug tracker and then migrated to Mantis. You can see the original bug report in: https://sourceforge.net/support/tracker.php?aid=1833071 [^] |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2008-07-04 18:34 | plujan | Status | resolved => closed |
| 2008-07-04 18:34 | plujan | Fixed in Version | 2.40alpha-r2 => 2.40beta |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |