Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0012660 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] A. Platform | major | sometimes | 2010-03-12 09:58 | 2010-05-19 00:00 | |||
| Reporter | iperdomo | View Status | public | |||||
| Assigned To | mtaal | |||||||
| Priority | urgent | Resolution | fixed | Fixed in Version | ||||
| Status | closed | Fix in branch | pi | Fixed in SCM revision | 573900290738 | |||
| Projection | none | ETA | none | Target Version | pi | |||
| OS | Linux 32 bit | Database | PostgreSQL | Java version | 1.6.0_15 | |||
| OS Version | 2.6.30-gentoo-r5 | Database version | 8.3.8 | Ant version | 1.7.1 | |||
| Product Version | SCM revision | |||||||
| Review Assigned To | ||||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0012660: OBContext enableAsAdminContext - resetAsAdminContext should use an stack | |||||||
| Description | Right now we have 2 ways to enable/disable the AdminContext, either hold the current context in a variable, and reset it to that context after making the calls, and 2nd one is enableAsAdminContext/resetAsAdminContext, the problem is that this second approach is not safe when using on nested calls, it always reset the AdminContext to false. | |||||||
| Proposed Solution | Use a 'stack' of user context and push and pop contexts when calling enable/reset Admin. This approach is simpler for a developer,. | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|
 Relationships |
|
Notes |
|
|
(0025502) hgbot (developer) 2010-03-16 07:06 |
Repository: erp/devel/pi Changeset: 0edb9a09c2558500f1f0edf1701de066af9f56a0 Author: Martin Taal <martin.taal <at> openbravo.com> Date: Tue Mar 16 07:13:11 2010 +0100 URL: http://code.openbravo.com/erp/devel/pi/rev/0edb9a09c2558500f1f0edf1701de066af9f56a0 [^] fixes issue 12660: OBContext enableAsAdminContext - resetAsAdminContext should use an stack --- M src-test/org/openbravo/test/dal/IssuesTest.java M src/org/openbravo/dal/core/OBContext.java --- |
|
(0025530) mtaal (manager) 2010-03-16 11:04 |
Commit done to early, will be done again in 3 days |
|
(0025554) hudsonbot (developer) 2010-03-17 09:01 |
A changeset related to this issue has been promoted to main after passing a series of tests and an OBX has been generated: Changeset: http://code.openbravo.com/erp/devel/main/rev/0edb9a09c255 [^] Merge Changeset: http://code.openbravo.com/erp/devel/main/rev/859b8a1e96e9 [^] Tests: http://builds.openbravo.com/view/devel-int/ [^] OBX: http://builds.openbravo.com/erp/core/obx/OpenbravoERP-2.50CI.16735.obx [^] |
|
(0025912) mtaal (manager) 2010-04-06 19:17 |
The changeset above was rolled back in this changeset: https://code.openbravo.com/erp/devel/pi/rev/eba1e8f414f8 [^] |
|
(0026254) mtaal (manager) 2010-04-15 13:12 |
Note, also in the DalRequestFilter the admin context must be set to false/disabled and a warning logged if it was not set by the app. Stefan, check if there is a tool to check correct use of this pattern. gr. Martin |
|
(0026958) hgbot (developer) 2010-05-05 14:18 |
Repository: erp/devel/pi Changeset: 57390029073861fd9eef7115fa83812d18d6cc09 Author: Martin Taal <martin.taal <at> openbravo.com> Date: Wed May 05 14:18:16 2010 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/57390029073861fd9eef7115fa83812d18d6cc09 [^] fixes issue 12594: Make setting of administrator mode less vulnerable for wrong usage fixes issue 12660: OBContext enableAsAdminContext - resetAsAdminContext should use an stack --- M src-test/org/openbravo/test/base/BaseTest.java M src-test/org/openbravo/test/dal/OBContextTest.java M src-test/org/openbravo/test/model/UtilsTest.java M src-test/org/openbravo/test/xml/EntityXMLImportTestBusinessObject.java M src-test/org/openbravo/test/xml/EntityXMLImportTestReference.java M src/org/openbravo/base/secureApp/HttpSecureAppServlet.java M src/org/openbravo/base/secureApp/LoginHandler.java M src/org/openbravo/base/secureApp/LoginUtils.java M src/org/openbravo/base/secureApp/UserLock.java M src/org/openbravo/base/secureApp/VariablesSecureApp.java M src/org/openbravo/dal/core/DalInitializingTask.java M src/org/openbravo/dal/core/DalRequestFilter.java M src/org/openbravo/dal/core/OBContext.java M src/org/openbravo/dal/core/TriggerHandler.java M src/org/openbravo/dal/security/EntityAccessChecker.java M src/org/openbravo/dal/xml/EntityResolver.java M src/org/openbravo/dal/xml/EntityXMLConverter.java M src/org/openbravo/erpCommon/ad_callouts/SL_GlobalUse_Product.java M src/org/openbravo/erpCommon/ad_callouts/SL_InOutLine_Product.java M src/org/openbravo/erpCommon/ad_callouts/SL_Internal_Consumption_Product.java M src/org/openbravo/erpCommon/ad_callouts/SL_Inventory_Product.java M src/org/openbravo/erpCommon/ad_callouts/SL_Movement_Product.java M src/org/openbravo/erpCommon/ad_callouts/SL_PC_Case_Product.java M src/org/openbravo/erpCommon/ad_callouts/SL_Production_Product.java M src/org/openbravo/erpCommon/ad_callouts/SL_RequisitionLine_Product.java M src/org/openbravo/erpCommon/ad_forms/About.java M src/org/openbravo/erpCommon/ad_forms/DocFINFinAccTransaction.java M src/org/openbravo/erpCommon/ad_forms/DocFINPayment.java M src/org/openbravo/erpCommon/ad_forms/DocFINReconciliation.java M src/org/openbravo/erpCommon/ad_forms/InitialOrgSetup.java M src/org/openbravo/erpCommon/ad_forms/Role.java M src/org/openbravo/erpCommon/ad_process/ApplyModules.java M src/org/openbravo/erpCommon/ad_process/CreateCustomModule.java M src/org/openbravo/erpCommon/ad_process/PaymentMonitor.java M src/org/openbravo/erpCommon/businessUtility/AuditTrailPopup.java M src/org/openbravo/erpCommon/info/AttributeSetInstance.java M src/org/openbravo/erpCommon/info/ImageInfoBLOB.java M src/org/openbravo/erpCommon/modules/ModuleUtiltiy.java M src/org/openbravo/erpCommon/obps/ActivationKey.java M src/org/openbravo/erpCommon/obps/CheckCleanCache.java M src/org/openbravo/erpCommon/obps/GetOpenbravoLogo.java M src/org/openbravo/erpCommon/security/Login.java M src/org/openbravo/erpCommon/security/Menu.java M src/org/openbravo/erpCommon/security/SessionLogin.java M src/org/openbravo/erpCommon/utility/ImageToDatabaseLoader.java M src/org/openbravo/erpCommon/utility/ShowImage.java M src/org/openbravo/erpCommon/utility/ShowImageLogo.java M src/org/openbravo/erpCommon/utility/ToolBar.java M src/org/openbravo/erpCommon/utility/UsedByLink.java M src/org/openbravo/erpCommon/utility/Utility.java M src/org/openbravo/erpCommon/utility/VerticalMenu.java M src/org/openbravo/reference/Reference.java M src/org/openbravo/reference/ui/UIList.java M src/org/openbravo/service/dataset/DataSetService.java M src/org/openbravo/service/db/CallProcess.java M src/org/openbravo/service/db/DataExportService.java M src/org/openbravo/service/db/DataImportService.java M src/org/openbravo/service/system/SystemService.java M src/org/openbravo/service/web/UserContextCache.java --- |
|
(0027421) shuehner (administrator) 2010-05-18 13:34 |
Tested in pi/pg working fine. New/consistent api is introduced for enabling/disabling admin mode. All older api's for the same are deprecated. All core callers are already updated to use the new api. The deprecation warnings which will be shown by using non-updated code (in i.e. modules) will be hidden by default in the rebuild-popup but shown in the console and eclipse builds. |
|
(0027482) hudsonbot (developer) 2010-05-18 21:43 |
A changeset related to this issue has been promoted to main after passing a series of tests and an OBX has been generated: Changeset: http://code.openbravo.com/erp/devel/main/rev/573900290738 [^] Merge Changeset: http://code.openbravo.com/erp/devel/main/rev/aa11838d5f80 [^] Tests: http://builds.openbravo.com/view/devel-int/ [^] OBX: http://builds.openbravo.com/erp/core/obx/OpenbravoERP-2.50CI.17380.obx [^] |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2010-03-12 09:58 | iperdomo | New Issue | |
| 2010-03-12 09:58 | iperdomo | Assigned To | => mtaal |
| 2010-03-12 09:58 | iperdomo | Status | new => scheduled |
| 2010-03-12 09:58 | iperdomo | fix_in_branch | => pi |
| 2010-03-16 07:06 | hgbot | Checkin | |
| 2010-03-16 07:06 | hgbot | Note Added: 0025502 | |
| 2010-03-16 07:06 | hgbot | Status | scheduled => resolved |
| 2010-03-16 07:06 | hgbot | Resolution | open => fixed |
| 2010-03-16 07:06 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/0edb9a09c2558500f1f0edf1701de066af9f56a0 [^] |
| 2010-03-16 11:04 | mtaal | Note Added: 0025530 | |
| 2010-03-16 11:04 | mtaal | Status | resolved => new |
| 2010-03-16 11:04 | mtaal | Resolution | fixed => open |
| 2010-03-17 09:01 | hudsonbot | Checkin | |
| 2010-03-17 09:01 | hudsonbot | Note Added: 0025554 | |
| 2010-03-22 08:31 | alostale | Status | new => scheduled |
| 2010-04-06 19:17 | mtaal | Note Added: 0025912 | |
| 2010-04-15 13:12 | mtaal | Note Added: 0026254 | |
| 2010-05-05 14:18 | hgbot | Checkin | |
| 2010-05-05 14:18 | hgbot | Note Added: 0026958 | |
| 2010-05-05 14:18 | hgbot | Status | scheduled => resolved |
| 2010-05-05 14:18 | hgbot | Resolution | open => fixed |
| 2010-05-05 14:18 | hgbot | Fixed in SCM revision | http://code.openbravo.com/erp/devel/pi/rev/0edb9a09c2558500f1f0edf1701de066af9f56a0 [^] => http://code.openbravo.com/erp/devel/pi/rev/57390029073861fd9eef7115fa83812d18d6cc09 [^] |
| 2010-05-18 13:34 | shuehner | Note Added: 0027421 | |
| 2010-05-18 13:34 | shuehner | Status | resolved => closed |
| 2010-05-18 21:43 | hudsonbot | Checkin | |
| 2010-05-18 21:43 | hudsonbot | Note Added: 0027482 | |
| 2010-05-19 00:00 | anonymous | sf_bug_id | 0 => 3003670 |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |