Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0002379
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] C. Securityminoralways2007-12-17 21:562009-10-06 11:16
ReportervillindView Statuspublic 
Assigned Toshuehner 
PriorityurgentResolutionfixedFixed in Version2.50MP6
StatusclosedFix in branchFixed in SCM revisionc70b711ebf99
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product Version2.40SCM revision 
Review Assigned To
Web browser
ModulesCore
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0002379: Changing pass for un-saved user changes it to current user

DescriptionIf you are creating a user and try to enter password it will update password for the current user.

Tags250MP1
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
depends on backport 0003629 closedalostale Changing pass for un-saved user changes it to cu 
depends on backport 0004942 closedshuehner Changing pass for un-saved user changes it to current user 

-  Notes
(0002817)
rafaroda (developer)
2008-01-10 11:22
edited on: 2008-06-12 09:23

Logged In: YES
user_id=1892190
Originator: NO

Hi,

Could you please specify in detail the steps you follow to reproduce this bug?

Thank you very much,

Rafa Roda Palacios
Openbravo Team
(0002818)
villind (developer)
2008-01-29 09:16
edited on: 2008-06-12 09:23

Logged In: YES
user_id=61737
Originator: YES

Steps to reproduce:

 1. Click new "Business Partner"
 2. Enter details
 3. Open password dialog and give a new password
 4. Click save
 5. Log out
 6. Log in with the same user account as before (this fails as the password has been changed)
(0002819)
alostale (manager)
2008-02-05 11:53
edited on: 2008-06-12 09:23

Logged In: YES
user_id=1500722
Originator: NO

Which version are you working with?

Password is set for users (General Setup || Security || User) not for Business Partners. I tried to change the password to a user (with trunk version) and it didn't change the current user's one.
(0002820)
villind (developer)
2008-02-05 14:06
edited on: 2008-06-12 09:23

Logged In: YES
user_id=61737
Originator: YES

Steps to reproduce (on version 2.35mp1):

 1. Click new "User"
 2. Enter details
 3. Open password dialog and give a new password
 4. Click save
 5. Log out
 6. Log in with the same user account as before (this fails as the
password has been changed)

The same applied to trunk as well when this bug was reported.
(0002821)
cromero (reporter)
2008-02-05 18:23
edited on: 2008-06-12 09:23

Logged In: YES
user_id=1500614
Originator: NO

The way to reproduce is not saving between steps 2 and 3.
An alert message is shown indicating that exist changes in the data that have not been saved (see attached file ScreenShot.png)
If you discard the message, you will edit the password of previous register shown before the new button was clicked (whatever it was).

Carlos Romero
Openbravo Team
File Added: ScreenShot.png
(0002822)
villind (developer)
2008-02-05 19:30
edited on: 2008-06-12 09:23

Logged In: YES
user_id=61737
Originator: YES

Yes, you need to cancel the warning to be able to enter the new password. But as passwords are usually entered while creating a new user some new Openbravo users fall into this trap and even re-install the application as the cannot login any more(see the IRC logs).

An easy way to fix this would be hiding the password entry when the user is not saved, but more optimal would be direct editing of password (and verify password) while creating a user.

The current implementation is not "wrong", but it is error prone.


(0002823)
alostale (manager)
2008-02-15 18:24
edited on: 2008-06-12 09:23

Logged In: YES
user_id=1500722
Originator: NO

The way it works now is showing an error message in case the user is not already saved.
(0005968)
user71
2005-06-01 00:00
edited on: 2008-06-12 09:43

This bug was originally reported in SourceForge bug tracker and then migrated to Mantis.

You can see the original bug report in:
https://sourceforge.net/support/tracker.php?aid=1852662 [^]
(0008163)
plujan (manager)
2008-07-03 19:33

On r2.40beta is possible to repeat this behavior.
(0013267)
pjuvara (reporter)
2009-02-09 14:09

Increasing priority as this is the oldest defect in the backlog.
(0013309)
shuehner (administrator)
2009-02-10 14:09

In trunk the new record is auto-saved when you press on the 'Change password' button on a newly created (not yet saved user). Then the 'change password' dialog correctly changes the password of the just auto-saved user.

On disagreement with this explanation please do re-open the issue.
(0013327)
plujan (manager)
2009-02-10 17:57

Autosave function could be disabled and the behavior would be the same as in previous releases.
(0019818)
hgbot (developer)
2009-09-11 19:57

Repository: erp/devel/pi
Changeset: c70b711ebf99bbf7f7e0842566299d7145156ada
Author: Stefan Hühner <stefan.huehner <at> openbravo.com>
Date: Fri Sep 11 19:57:20 2009 +0200
URL: http://code.openbravo.com/erp/devel/pi/rev/c70b711ebf99bbf7f7e0842566299d7145156ada [^]

Fixed 2379: Hide change password field & change email server password field, if
autosave is disabled and record is not (yet) saved, as change password popup
only works with saved records.

---
M src-db/database/sourcedata/AD_FIELD.xml
---
(0019819)
hudsonbot (developer)
2009-09-11 20:25

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-inc-pgsql/857/ [^]
------
(0019820)
hudsonbot (developer)
2009-09-11 20:31

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-inc-oracle/750/ [^]
------
(0019821)
hudsonbot (developer)
2009-09-11 20:50

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-full-pgsql/349/ [^]
------
(0019822)
hudsonbot (developer)
2009-09-11 20:51

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-full-oracle/343/ [^]
------
(0019823)
hudsonbot (developer)
2009-09-11 21:00

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-installation-test/92/ [^]
------
(0019832)
hudsonbot (developer)
2009-09-11 21:17

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-pgsql-db-full-consistency-test/173/ [^]
------
(0019833)
hudsonbot (developer)
2009-09-11 21:24

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-installation-test/93/ [^]
------
(0019848)
hudsonbot (developer)
2009-09-11 23:15

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-integrity-test/137/ [^]
------
(0019852)
hudsonbot (developer)
2009-09-12 09:53

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-pgsql-smoke-test/61/ [^]
------
(0019861)
hudsonbot (developer)
2009-09-12 21:17

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-pgsql-db-full-consistency-test/174/ [^]
------
(0019862)
hudsonbot (developer)
2009-09-13 09:54

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-pgsql-smoke-test/62/ [^]
------
(0019863)
hudsonbot (developer)
2009-09-13 11:22

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-installation-test/94/ [^]
------
(0019874)
hudsonbot (developer)
2009-09-13 21:17

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-pgsql-db-full-consistency-test/175/ [^]
------
(0019880)
hudsonbot (developer)
2009-09-14 10:39

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-pgsql-smoke-test/63/ [^]
------
(0019897)
hudsonbot (developer)
2009-09-14 11:51

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-integrity-test/138/ [^]
------
(0019911)
hudsonbot (developer)
2009-09-14 14:54

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-installation-test/95/ [^]
------
(0019914)
hudsonbot (developer)
2009-09-14 16:54

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-installation-test/96/ [^]
------
(0019922)
hudsonbot (developer)
2009-09-14 18:37

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-pgsql-db-full-consistency-test/176/ [^]
------
(0019947)
hudsonbot (developer)
2009-09-14 19:57

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-pgsql-db-full-consistency-test/177/ [^]
------
(0019971)
hudsonbot (developer)
2009-09-14 21:07

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-installation-test/97/ [^]
------
(0019979)
hudsonbot (developer)
2009-09-14 21:17

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-pgsql-db-full-consistency-test/178/ [^]
------
(0020001)
hudsonbot (developer)
2009-09-14 23:15

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-integrity-test/139/ [^]
------
(0020013)
hudsonbot (developer)
2009-09-15 01:09

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-installation-test/98/ [^]
------
(0020049)
hudsonbot (developer)
2009-09-15 12:12

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-module-installation-test/99/ [^]
------
(0020062)
hudsonbot (developer)
2009-09-15 12:35

Fixed Issue 2379

------
Integrated in http://builds.openbravo.com/job/erp_devel_pi-pgsql-db-full-consistency-test/179/ [^]
------
(0020191)
sureshbabu (reporter)
2009-09-18 11:35

I retested after i deactivated the auto functionality, after i create a user details when i click the password icon, warning message appears & i ignore the warning message by clicking OK and entered password

And i re login using the same user i can able to login in.

And also i find change password field & change email server password field are hidden fields.
(0020196)
psarobe (manager)
2009-09-18 12:38

Tested working fine
(0020458)
hgbot (developer)
2009-09-29 14:11

Repository: erp/devel/pi-pageddatagrid
Changeset: c70b711ebf99bbf7f7e0842566299d7145156ada
Author: Stefan Hühner <stefan.huehner <at> openbravo.com>
Date: Fri Sep 11 19:57:20 2009 +0200
URL: http://code.openbravo.com/erp/devel/pi-pageddatagrid/rev/c70b711ebf99bbf7f7e0842566299d7145156ada [^]

Fixed 2379: Hide change password field & change email server password field, if
autosave is disabled and record is not (yet) saved, as change password popup
only works with saved records.

---
M src-db/database/sourcedata/AD_FIELD.xml
---
(0020747)
psarobe (manager)
2009-10-06 11:16

Closed again because hudson has reopened without no reason

- Issue History
Date Modified Username Field Change
2008-07-03 19:33 plujan Status resolved => new
2008-07-03 19:33 plujan Resolution fixed => open
2008-07-03 19:33 plujan Note Added: 0008163
2008-07-03 19:33 plujan Fixed in Version 2.40alpha-r2 =>
2008-07-04 09:03 cromero Status new => scheduled
2008-07-04 09:03 cromero fix_in_branch => trunk
2008-12-10 09:58 alostale Assigned To alostale => iperdomo
2009-01-19 10:25 rafaroda version => 2.40
2009-01-19 10:25 rafaroda fix_in_branch trunk =>
2009-01-19 10:25 rafaroda Description Updated
2009-02-03 17:49 iperdomo Assigned To iperdomo => shuehner
2009-02-09 14:09 pjuvara Priority normal => high
2009-02-09 14:09 pjuvara Note Added: 0013267
2009-02-10 14:09 shuehner Regression testing => No
2009-02-10 14:09 shuehner Status scheduled => closed
2009-02-10 14:09 shuehner Note Added: 0013309
2009-02-10 14:09 shuehner Resolution open => no change required
2009-02-10 17:57 plujan Status closed => new
2009-02-10 17:57 plujan Resolution no change required => open
2009-02-10 17:57 plujan Note Added: 0013327
2009-02-24 12:00 psarobe Status new => acknowledged
2009-02-24 12:00 psarobe Status acknowledged => scheduled
2009-02-24 12:00 psarobe fix_in_branch => trunk
2009-04-23 16:05 psarobe Tag Attached: 250MP1
2009-08-02 19:50 psarobe Priority high => urgent
2009-08-02 19:50 psarobe fix_in_branch pi =>
2009-09-11 19:57 hgbot Checkin
2009-09-11 19:57 hgbot Note Added: 0019818
2009-09-11 19:57 hgbot Status scheduled => resolved
2009-09-11 19:57 hgbot Resolution open => fixed
2009-09-11 19:57 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/c70b711ebf99bbf7f7e0842566299d7145156ada [^]
2009-09-11 20:25 hudsonbot Checkin
2009-09-11 20:25 hudsonbot Note Added: 0019819
2009-09-11 20:31 hudsonbot Checkin
2009-09-11 20:31 hudsonbot Note Added: 0019820
2009-09-11 20:50 hudsonbot Checkin
2009-09-11 20:50 hudsonbot Note Added: 0019821
2009-09-11 20:51 hudsonbot Checkin
2009-09-11 20:51 hudsonbot Note Added: 0019822
2009-09-11 21:00 hudsonbot Checkin
2009-09-11 21:00 hudsonbot Note Added: 0019823
2009-09-11 21:17 hudsonbot Checkin
2009-09-11 21:17 hudsonbot Note Added: 0019832
2009-09-11 21:24 hudsonbot Checkin
2009-09-11 21:24 hudsonbot Note Added: 0019833
2009-09-11 23:15 hudsonbot Checkin
2009-09-11 23:15 hudsonbot Note Added: 0019848
2009-09-12 09:53 hudsonbot Checkin
2009-09-12 09:53 hudsonbot Note Added: 0019852
2009-09-12 21:17 hudsonbot Checkin
2009-09-12 21:17 hudsonbot Note Added: 0019861
2009-09-13 09:54 hudsonbot Checkin
2009-09-13 09:54 hudsonbot Note Added: 0019862
2009-09-13 11:22 hudsonbot Checkin
2009-09-13 11:22 hudsonbot Note Added: 0019863
2009-09-13 21:17 hudsonbot Checkin
2009-09-13 21:17 hudsonbot Note Added: 0019874
2009-09-14 10:39 hudsonbot Checkin
2009-09-14 10:39 hudsonbot Note Added: 0019880
2009-09-14 11:51 hudsonbot Checkin
2009-09-14 11:51 hudsonbot Note Added: 0019897
2009-09-14 14:54 hudsonbot Checkin
2009-09-14 14:54 hudsonbot Note Added: 0019911
2009-09-14 16:54 hudsonbot Checkin
2009-09-14 16:54 hudsonbot Note Added: 0019914
2009-09-14 18:37 hudsonbot Checkin
2009-09-14 18:37 hudsonbot Note Added: 0019922
2009-09-14 19:57 hudsonbot Checkin
2009-09-14 19:57 hudsonbot Note Added: 0019947
2009-09-14 21:07 hudsonbot Checkin
2009-09-14 21:07 hudsonbot Note Added: 0019971
2009-09-14 21:17 hudsonbot Checkin
2009-09-14 21:17 hudsonbot Note Added: 0019979
2009-09-14 23:15 hudsonbot Checkin
2009-09-14 23:15 hudsonbot Note Added: 0020001
2009-09-15 01:09 hudsonbot Checkin
2009-09-15 01:09 hudsonbot Note Added: 0020013
2009-09-15 12:12 hudsonbot Checkin
2009-09-15 12:12 hudsonbot Note Added: 0020049
2009-09-15 12:35 hudsonbot Checkin
2009-09-15 12:35 hudsonbot Note Added: 0020062
2009-09-18 11:35 sureshbabu Status resolved => closed
2009-09-18 11:35 sureshbabu Note Added: 0020191
2009-09-18 11:35 sureshbabu Fixed in Version => 2.50MP6
2009-09-18 12:38 psarobe Note Added: 0020196
2009-09-29 14:11 hgbot Checkin
2009-09-29 14:11 hgbot Note Added: 0020458
2009-09-29 14:11 hgbot Status closed => resolved
2009-09-29 14:11 hgbot Fixed in SCM revision http://code.openbravo.com/erp/devel/pi/rev/c70b711ebf99bbf7f7e0842566299d7145156ada [^] => http://code.openbravo.com/erp/devel/pi-pageddatagrid/rev/c70b711ebf99bbf7f7e0842566299d7145156ada [^]
2009-10-06 11:16 psarobe Status resolved => closed
2009-10-06 11:16 psarobe Note Added: 0020747


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker