Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0033043
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] Z. Othersmajoralways2016-05-25 11:042018-02-22 17:21
ReportermaiteView Statuspublic 
Assigned Tomarkmm82 
PriorityimmediateResolutionfixedFixed in Version3.0PR16Q3
StatusclosedFix in branchFixed in SCM revision008b04a52b68
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Toaferraz
Web browser
ModulesCore
Regression levelProduction - Confirmed Stable
Regression date2015-04-15
Regression introduced in release3.0PR15Q3
Regression introduced by commithttps://code.openbravo.com/erp/devel/pi/rev/78fd9bade67b [^]
Triggers an Emergency PackNo
Summary

0033043: Permissions problem after process payment: role defined for an specific org (norte) is able to see data from sister orgs (sur)

DescriptionProblem is caused by resolution of issue: https://issues.openbravo.com/view.php?id=28931, [^] which also needs to be reviewed as error "Organization B843C30461EA4501935CB1D125C9C25A of object (ADSequence(0BC1D46D77844119AAAC72636119BF43) (name: AR Receipt)) is not present in OrganizationList " is obtained when trying to create payment fro "Add payment from invoice" process
Steps To Reproduce1. Access Role window, search "F&B España, S.A - Finance" role and DELETE permissions to "F&B España, S.A" and "F&B España - Región Sur" in Org Access. So role only has access to "F&B España - Región Norte" organization
2. Logout and login again using "F&B España, S.A - Finance" role
3. Access Payment IN window and realize that only records from "F&B España - Región Norte" organization and "F&B España, S.A" (read only) are shown
4. Create new Payment In record, run "Add Payment" process, select any invoice and process
5. Realize that also records from "F&B España - Región Sur" are shown in grid, which is wrong

TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
depends on backport 00330533.0PR16Q2 closedmarkmm82 Permissions problem after process payment: role defined for an specific org (norte) is able to see data from sister orgs (sur) 
depends on backport 00330543.0PR16Q1.3 closedmarkmm82 Permissions problem after process payment: role defined for an specific org (norte) is able to see data from sister orgs (sur) 
depends on backport 00330553.0PR15Q4.7 closedmarkmm82 Permissions problem after process payment: role defined for an specific org (norte) is able to see data from sister orgs (sur) 
caused by defect 0028931 closedAtulOpenbravo Cannot add a payment from an invoice if the role does not have access to the organization of the document sequence 

-  Notes
(0086788)
markmm82 (developer)
2016-05-27 14:35

Test Plan 1:
1. Access Role window, search "F&B España, S.A - Finance" role and DELETE permissions to "F&B España, S.A" and "F&B España - Región Sur" in Org Access. So role only has access to "F&B España - Región Norte" organization
2. Logout and login again using "F&B España, S.A - Finance" role
3. Access Payment IN window and realize that only records from "F&B España - Región Norte" organization and "F&B España, S.A" (read only) are shown
4. Create new Payment In record, run "Add Payment" process, select any invoice and process
5. Realize that only records from "F&B España - Región Norte" are shown in grid, which is correct.

Test Plan 2 (Test for 28931)
Repeat steps 1 and 2.
3. Create a Sales Invoice and complete it
4. Click on Add Payment button
5. Check the payment is created correctly
6. Realize that only records from "F&B España - Región Norte" are shown in grid, which is correct.
(0086825)
hgbot (developer)
2016-05-30 20:21

Repository: erp/devel/pi
Changeset: 008b04a52b68e233ec58cd0440b951b1bb962205
Author: Mark <markmm82 <at> gmail.com>
Date: Fri May 27 12:53:49 2016 -0400
URL: http://code.openbravo.com/erp/devel/pi/rev/008b04a52b68e233ec58cd0440b951b1bb962205 [^]

Fixes issue 33043: Permissions problems after process payment solved

Role defined for an specific org is not able to see data from sister orgs.

Regression was introduced by the commit associated to issue 28931:
http://code.openbravo.com/erp/devel/pi/rev/78fd9bade67beea0399977fcdc05fd267c4af8c4 [^]

Changes were rolled back.
Also this patch includes fix for the issue 28931, avoiding to remove from the Writable Organizations List of the OBContext object, the Organization of the sequence of the payment's document type, if this organization is already in the list of accesible organizations of the current logged role.

---
M modules/org.openbravo.advpaymentmngt/src/org/openbravo/advpaymentmngt/actionHandler/AddPaymentActionHandler.java
M modules/org.openbravo.advpaymentmngt/src/org/openbravo/advpaymentmngt/dao/AdvPaymentMngtDao.java
---
(0086826)
hgbot (developer)
2016-05-30 20:21

Repository: erp/devel/pi
Changeset: e9d2e5b6cc634e127039725ff03e1b79d022c024
Author: Alvaro Ferraz <alvaro.ferraz <at> openbravo.com>
Date: Mon May 30 18:33:13 2016 +0200
URL: http://code.openbravo.com/erp/devel/pi/rev/e9d2e5b6cc634e127039725ff03e1b79d022c024 [^]

Related to issue 33043: Code review improvements

---
M modules/org.openbravo.advpaymentmngt/src/org/openbravo/advpaymentmngt/actionHandler/AddPaymentActionHandler.java
---
(0086827)
aferraz (manager)
2016-05-30 20:25

Code review + Testing OK
(0087574)
hudsonbot (developer)
2016-06-17 19:37

A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/0dc7be081b1c [^]
Maturity status: Test
(0087577)
hudsonbot (developer)
2016-06-17 19:37

A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/0dc7be081b1c [^]
Maturity status: Test
(0090175)
nonofrancisco (developer)
2016-09-22 17:19

Test Cases in TestLink

URL: https://testlink.openbravo.com/testlink/linkto.php?tprojectPrefix=Communit&item=testcase&id=Communit-10195 [^]
URL: https://testlink.openbravo.com/testlink/linkto.php?tprojectPrefix=Communit&item=testcase&id=Communit-10196 [^]
(0102607)
hgbot (developer)
2018-02-22 17:21

Repository: tools/automation/int
Changeset: 573001cc802b2739f7269ba05d68d795772a3fc4
Author: Nono Carballo <nonofce <at> gmail.com>
Date: Thu Oct 20 11:21:31 2016 -0400
URL: http://code.openbravo.com/tools/automation/int/rev/573001cc802b2739f7269ba05d68d795772a3fc4 [^]

Related to issue 33043: Added some automated tests

---
M src-test/com/openbravo/test/integration/erp/modules/functionalteam/procurement/testsuites/PRO_Regressions/PRO_RegressionSuite.java
M src-test/com/openbravo/test/integration/erp/modules/functionalteam/procurement/testsuites/PRO_Regressions/build.xml
M src-test/com/openbravo/test/integration/erp/modules/functionalteam/sales/testsuites/SAL_Regressions/SAL_RegressionSuite.java
M src-test/com/openbravo/test/integration/erp/modules/functionalteam/sales/testsuites/SAL_Regressions/build.xml
A src-test/com/openbravo/test/integration/erp/modules/functionalteam/procurement/testsuites/PRO_Regressions/PRORegression33043.java
A src-test/com/openbravo/test/integration/erp/modules/functionalteam/sales/testsuites/SAL_Regressions/SALRegression33043.java
---
(0102608)
hgbot (developer)
2018-02-22 17:21

Repository: tools/automation/int
Changeset: e2ece0f18e20b238c6fe846dfbfe3db70a75597c
Author: Armaignac <collazoandy4 <at> gmail.com>
Date: Fri Aug 04 11:34:16 2017 -0400
URL: http://code.openbravo.com/tools/automation/int/rev/e2ece0f18e20b238c6fe846dfbfe3db70a75597c [^]

Related to issue 33043: Fix Paymen In Add details empty grid list

An empty payment in grid list was shown in add details button causing the test
to fail

An Sales Invoices is created in the test to check the grid access to other
organization

---
M src-test/com/openbravo/test/integration/erp/modules/functionalteam/sales/testsuites/SAL_Regressions/SALRegression33043.java
---

- Issue History
Date Modified Username Field Change
2016-05-25 11:04 maite New Issue
2016-05-25 11:04 maite Assigned To => Triage Finance
2016-05-25 11:04 maite Modules => Core
2016-05-25 11:04 maite Triggers an Emergency Pack => No
2016-05-25 11:05 maite Resolution time => 1464300000
2016-05-25 11:06 maite Issue Monitored: networkb
2016-05-25 12:19 jfrances Issue Monitored: jfrances
2016-05-25 17:19 aferraz Assigned To Triage Finance => markmm82
2016-05-25 17:23 aferraz Relationship added caused by 0028931
2016-05-25 17:25 ngarcia Issue Monitored: ngarcia
2016-05-25 17:51 markmm82 Status new => acknowledged
2016-05-25 19:44 markmm82 Status acknowledged => scheduled
2016-05-25 19:50 markmm82 Regression level => Coding ( Testing )
2016-05-25 19:50 markmm82 Regression date => 2015-04-15
2016-05-25 19:50 markmm82 Regression introduced in release => 3.0PR15Q3
2016-05-25 19:50 markmm82 Regression introduced by commit => http://code.openbravo.com/erp/devel/pi/rev/78fd9bade67beea0399977fcdc05fd267c4af8c4 [^]
2016-05-26 09:29 aferraz Regression level Coding ( Testing ) => Production - Confirmed Stable
2016-05-26 09:29 aferraz Regression introduced by commit http://code.openbravo.com/erp/devel/pi/rev/78fd9bade67beea0399977fcdc05fd267c4af8c4 [^] => https://code.openbravo.com/erp/devel/pi/rev/78fd9bade67b [^]
2016-05-26 19:18 egoitz Issue Monitored: egoitz
2016-05-27 14:35 markmm82 Note Added: 0086788
2016-05-30 20:21 hgbot Checkin
2016-05-30 20:21 hgbot Note Added: 0086825
2016-05-30 20:21 hgbot Status scheduled => resolved
2016-05-30 20:21 hgbot Resolution open => fixed
2016-05-30 20:21 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/008b04a52b68e233ec58cd0440b951b1bb962205 [^]
2016-05-30 20:21 hgbot Checkin
2016-05-30 20:21 hgbot Note Added: 0086826
2016-05-30 20:25 aferraz Review Assigned To => aferraz
2016-05-30 20:25 aferraz Note Added: 0086827
2016-05-30 20:25 aferraz Status resolved => closed
2016-05-30 20:25 aferraz Fixed in Version => 3.0PR16Q3
2016-06-17 19:37 hudsonbot Checkin
2016-06-17 19:37 hudsonbot Note Added: 0087574
2016-06-17 19:37 hudsonbot Checkin
2016-06-17 19:37 hudsonbot Note Added: 0087577
2016-09-22 17:19 nonofrancisco Note Added: 0090175
2018-02-22 17:21 hgbot Checkin
2018-02-22 17:21 hgbot Note Added: 0102607
2018-02-22 17:21 hgbot Checkin
2018-02-22 17:21 hgbot Note Added: 0102608


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker