Project:
View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
ID | ||||||||
0015387 | ||||||||
Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
defect | [Openbravo ERP] A. Platform | minor | have not tried | 2010-12-09 15:03 | 2011-05-24 10:56 | |||
Reporter | shuehner | View Status | public | |||||
Assigned To | gorkaion | |||||||
Priority | normal | Resolution | fixed | Fixed in Version | ||||
Status | closed | Fix in branch | pi | Fixed in SCM revision | 53196cb59edb | |||
Projection | none | ETA | none | Target Version | ||||
OS | Any | Database | Any | Java version | ||||
OS Version | Database version | Ant version | ||||||
Product Version | SCM revision | |||||||
Review Assigned To | ||||||||
Web browser | ||||||||
Modules | JSON Datasource | |||||||
Regression level | ||||||||
Regression date | ||||||||
Regression introduced in release | ||||||||
Regression introduced by commit | ||||||||
Triggers an Emergency Pack | No | |||||||
Summary | 0015387: DataToJsonConverter check (for access) selector fields which are defined but marked as isactive ='N' | |||||||
Description | Start with scenario of issue 14697. Define a selector having no fields. I.e. Selector based on m_product use that selector in i.e. Sales Order (lines) Use(create) a role not having access to m_product table (i.e. no windows access to any window based on that table) and try to use the defined selector. As only _identifier is used by the selector should work fine as those are derived readable. Now add a defined selector field based on property path "uOM.id" but mark this field as isactive='N'. Notice that you'll get an exception about access to that inactive field. | |||||||
Tags | closingMay2011 | |||||||
Attached Files | 15387.png [^] (8,116 bytes) 2010-12-09 15:06
| |||||||
Relationships [ Relation Graph ] [ Dependency Graph ] | ||||||||||||||||||||||
|
Notes | |
(0033085) shuehner (administrator) 2010-12-09 15:04 |
Stacktrace of exception: 186355 [http-8080-3] ERROR org.openbravo.base.exception.OBSecurityException - Entity Product is not directly readable, only id and identifier properties are readable, property Product.uOM is neither of these. org.openbravo.base.exception.OBSecurityException: Entity Product is not directly readable, only id and identifier properties are readable, property Product.uOM is neither of these. at org.openbravo.base.structure.BaseOBObject.checkDerivedReadable(BaseOBObject.java:172) at org.openbravo.base.structure.BaseOBObject.get(BaseOBObject.java:140) at org.openbravo.service.json.DataToJsonConverter.getValueFromPath(DataToJsonConverter.java:197) at org.openbravo.service.json.DataToJsonConverter.toJsonObject(DataToJsonConverter.java:154) at org.openbravo.service.json.DataToJsonConverter.toJsonObjects(DataToJsonConverter.java:101) at org.openbravo.service.json.DefaultJsonDataService.fetch(DefaultJsonDataService.java:125) at org.openbravo.service.datasource.DefaultDataSourceService.fetch(DefaultDataSourceService.java:63) at org.openbravo.service.datasource.DataSourceServlet.doFetch(DataSourceServlet.java:144) at org.openbravo.service.datasource.DataSourceServlet.doPost(DataSourceServlet.java:154) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at org.openbravo.base.HttpBaseServlet.serviceInitialized(HttpBaseServlet.java:225) at org.openbravo.base.secureApp.HttpSecureAppServlet.service(HttpSecureAppServlet.java:470) at org.openbravo.client.kernel.BaseKernelServlet.callServiceInSuper(BaseKernelServlet.java:91) at org.openbravo.client.kernel.BaseKernelServlet$1.process(BaseKernelServlet.java:65) at org.jboss.seam.servlet.ContextualHttpServletRequest.run(ContextualHttpServletRequest.java:53) at org.openbravo.client.kernel.BaseKernelServlet.service(BaseKernelServlet.java:62) at org.openbravo.service.datasource.DataSourceServlet.service(DataSourceServlet.java:75) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) |
(0033086) shuehner (administrator) 2010-12-09 15:06 |
Note: noticed with revision b82e7b3ee9b6 of the service.json module which is tag 1.0.9 + changeset from 14697 (in named branch core-2.50) |
(0033093) shuehner (administrator) 2010-12-09 16:46 |
Note: obx files attached to issue 15391 can be also used as a definition for this usecase. |
(0034530) hgbot (developer) 2011-03-03 12:30 |
Repository: erp/devel/pi Changeset: 53196cb59edb975b4ecfd42bfe519d1d400ca2c2 Author: Gorka Ion Damián <gorkaion.damian <at> openbravo.com> Date: Thu Mar 03 12:27:32 2011 +0100 URL: http://code.openbravo.com/erp/devel/pi/rev/53196cb59edb975b4ecfd42bfe519d1d400ca2c2 [^] Fixed issue 15391. Fixed issue 15387. Get only active fields from selector. --- M modules/org.openbravo.userinterface.selector/src/org/openbravo/userinterface/selector/CustomQuerySelectorDatasource.java M modules/org.openbravo.userinterface.selector/src/org/openbravo/userinterface/selector/SelectorComponent.java --- |
Issue History | |||
Date Modified | Username | Field | Change |
2010-12-09 15:03 | shuehner | New Issue | |
2010-12-09 15:03 | shuehner | Assigned To | => alostale |
2010-12-09 15:03 | shuehner | Modules | => JSON Datasource |
2010-12-09 15:04 | shuehner | Assigned To | alostale => mtaal |
2010-12-09 15:04 | shuehner | Note Added: 0033085 | |
2010-12-09 15:06 | shuehner | File Added: 15387.png | |
2010-12-09 15:06 | shuehner | Note Added: 0033086 | |
2010-12-09 15:52 | shuehner | Relationship added | related to 0014697 |
2010-12-09 16:46 | shuehner | Relationship added | related to 0015391 |
2010-12-09 16:46 | shuehner | Note Added: 0033093 | |
2010-12-13 09:03 | alostale | Status | new => scheduled |
2011-02-28 15:38 | mtaal | Assigned To | mtaal => gorkaion |
2011-03-03 12:20 | gorkaion | Status | scheduled => acknowledged |
2011-03-03 12:20 | gorkaion | Status | acknowledged => scheduled |
2011-03-03 12:20 | gorkaion | fix_in_branch | => pi |
2011-03-03 12:30 | hgbot | Checkin | |
2011-03-03 12:30 | hgbot | Note Added: 0034530 | |
2011-03-03 12:30 | hgbot | Status | scheduled => resolved |
2011-03-03 12:30 | hgbot | Resolution | open => fixed |
2011-03-03 12:30 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/53196cb59edb975b4ecfd42bfe519d1d400ca2c2 [^] |
2011-05-24 10:11 | dalsasua | Tag Attached: closingMay2011 | |
2011-05-24 10:56 | dalsasua | Status | resolved => closed |
Copyright © 2000 - 2009 MantisBT Group |