Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0033053 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| backport | [Openbravo ERP] Z. Others | major | always | 2016-05-25 11:04 | 2016-05-30 21:23 | |||
| Reporter | maite | View Status | public | |||||
| Assigned To | markmm82 | |||||||
| Priority | immediate | Resolution | fixed | Fixed in Version | 3.0PR16Q2 | |||
| Status | closed | Fix in branch | Fixed in SCM revision | 2c5ee42cc258 | ||||
| Projection | none | ETA | none | Target Version | 3.0PR16Q2 | |||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Review Assigned To | aferraz | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | ||||||||
| Regression date | ||||||||
| Regression introduced in release | ||||||||
| Regression introduced by commit | ||||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0033053: Permissions problem after process payment: role defined for an specific org (norte) is able to see data from sister orgs (sur) | |||||||
| Description | Problem is caused by resolution of issue: https://issues.openbravo.com/view.php?id=28931, [^] which also needs to be reviewed as error "Organization B843C30461EA4501935CB1D125C9C25A of object (ADSequence(0BC1D46D77844119AAAC72636119BF43) (name: AR Receipt)) is not present in OrganizationList " is obtained when trying to create payment fro "Add payment from invoice" process | |||||||
| Steps To Reproduce | 1. Access Role window, search "F&B España, S.A - Finance" role and DELETE permissions to "F&B España, S.A" and "F&B España - Región Sur" in Org Access. So role only has access to "F&B España - Región Norte" organization 2. Logout and login again using "F&B España, S.A - Finance" role 3. Access Payment IN window and realize that only records from "F&B España - Región Norte" organization and "F&B España, S.A" (read only) are shown 4. Create new Payment In record, run "Add Payment" process, select any invoice and process 5. Realize that also records from "F&B España - Región Sur" are shown in grid, which is wrong | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||||
|
||||||||
 Relationships |
|
Notes |
|
|
(0086829) hgbot (developer) 2016-05-30 21:21 |
Repository: erp/backports/3.0PR16Q2 Changeset: 2c5ee42cc25845403e5df69e8ac274799d923d71 Author: Mark <markmm82 <at> gmail.com> Date: Fri May 27 12:53:49 2016 -0400 URL: http://code.openbravo.com/erp/backports/3.0PR16Q2/rev/2c5ee42cc25845403e5df69e8ac274799d923d71 [^] Fixed issue 33053: Permissions problems after process payment solved. Role defined for an specific org is not able to see data from sister orgs. Regression was introduced by the commit associated to issue 28931: http://code.openbravo.com/erp/devel/pi/rev/78fd9bade67beea0399977fcdc05fd267c4af8c4 [^] Changes were rolled back. Also this patch includes fix for the issue 28931, avoiding to remove from the Writable Organizations List of the OBContext object, the Organization of the sequence of the payment's document type, if this organization is already in the list of accesible organizations of the current logged role. --- M modules/org.openbravo.advpaymentmngt/src/org/openbravo/advpaymentmngt/actionHandler/AddPaymentActionHandler.java M modules/org.openbravo.advpaymentmngt/src/org/openbravo/advpaymentmngt/dao/AdvPaymentMngtDao.java --- |
|
(0086830) hgbot (developer) 2016-05-30 21:21 |
Repository: erp/backports/3.0PR16Q2 Changeset: 4f8e8fd51a6892566ebfbcb32ca60b74f23a2909 Author: Alvaro Ferraz <alvaro.ferraz <at> openbravo.com> Date: Mon May 30 18:33:13 2016 +0200 URL: http://code.openbravo.com/erp/backports/3.0PR16Q2/rev/4f8e8fd51a6892566ebfbcb32ca60b74f23a2909 [^] Related to issue 33053: Code review improvements --- M modules/org.openbravo.advpaymentmngt/src/org/openbravo/advpaymentmngt/actionHandler/AddPaymentActionHandler.java --- |
|
(0086837) aferraz (manager) 2016-05-30 21:23 |
Code review + Testing OK |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2016-05-25 19:44 | markmm82 | Type | defect => backport |
| 2016-05-25 19:44 | markmm82 | Target Version | => 3.0PR16Q2 |
| 2016-05-30 21:21 | hgbot | Checkin | |
| 2016-05-30 21:21 | hgbot | Note Added: 0086829 | |
| 2016-05-30 21:21 | hgbot | Status | scheduled => resolved |
| 2016-05-30 21:21 | hgbot | Resolution | open => fixed |
| 2016-05-30 21:21 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/backports/3.0PR16Q2/rev/2c5ee42cc25845403e5df69e8ac274799d923d71 [^] |
| 2016-05-30 21:21 | hgbot | Checkin | |
| 2016-05-30 21:21 | hgbot | Note Added: 0086830 | |
| 2016-05-30 21:23 | aferraz | Assigned To | markmm82 => aferraz |
| 2016-05-30 21:23 | aferraz | Assigned To | aferraz => markmm82 |
| 2016-05-30 21:23 | aferraz | Review Assigned To | => aferraz |
| 2016-05-30 21:23 | aferraz | Note Added: 0086837 | |
| 2016-05-30 21:23 | aferraz | Status | resolved => closed |
| 2016-05-30 21:23 | aferraz | Fixed in Version | => 3.0PR16Q2 |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |