Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0033194 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Openbravo ERP] A. Platform | major | always | 2016-06-08 14:43 | 2016-06-17 19:38 | |||
| Reporter | aferraz | View Status | public | |||||
| Assigned To | alostale | |||||||
| Priority | urgent | Resolution | fixed | Fixed in Version | 3.0PR16Q3 | |||
| Status | closed | Fix in branch | Fixed in SCM revision | 7c7933ca1dca | ||||
| Projection | none | ETA | none | Target Version | 3.0PR16Q3 | |||
| OS | Linux 64 bit | Database | PostgreSQL | Java version | 1.6.0_18 | |||
| OS Version | Professional Appliance | Database version | 8.3.9 | Ant version | 1.7.1 | |||
| Product Version | SCM revision | |||||||
| Review Assigned To | inigosanchez | |||||||
| Web browser | ||||||||
| Modules | Core | |||||||
| Regression level | Pre packaging ( pi ) | |||||||
| Regression date | 2016-04-22 | |||||||
| Regression introduced in release | pi | |||||||
| Regression introduced by commit | https://code.openbravo.com/erp/devel/pi/rev/daf66237fa614b8fd8e72b08b17bcd893ed5e264 [^] | |||||||
| Triggers an Emergency Pack | No | |||||||
| Summary | 0033194: Access not granted to Multi Selector Entity | |||||||
| Description | Access not granted to Multi Selector Entity | |||||||
| Steps To Reproduce | As System Admin: - Create a new Reference child of OBUISEL_Multi Selector Reference reference. - Add a defined selector with ADTablePostV table. - Create a new Process Definition. - Add a parameter with created reference. As F&B Admin: - Access to created process definition - Open the multi selector - Realize the following error is shown: Entity ADTablePostV is not accessible by this role/user: F&B International Group Admin/Openbravo | |||||||
| Proposed Solution | Attached possible solution | |||||||
| Tags | No tags attached. | |||||||
| Attached Files |  33194.diff [^] (1,730 bytes) 2016-06-08 14:46 [Show Content]
| |||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|||||||||||||||
|
|||||||||||||||
 Relationships |
|
Notes |
|
|
(0087110) hgbot (developer) 2016-06-09 10:29 |
Repository: erp/devel/pi Changeset: 7c7933ca1dca65cc09c5f9c790b78c45484d286f Author: Asier Lostalé <asier.lostale <at> openbravo.com> Date: Thu Jun 09 10:27:43 2016 +0200 URL: http://code.openbravo.com/erp/devel/pi/rev/7c7933ca1dca65cc09c5f9c790b78c45484d286f [^] fixed bug 33194: Access not granted to Multiple Selector When a mulitple selector was added to a proccess definition, access to its enttity was not automatically granted, causing potential data request denial. Now multiple selector reference is taken into account to grant privileges when included in a process definition. --- M src/org/openbravo/dal/security/EntityAccessChecker.java --- |
|
(0087152) inigosanchez (developer) 2016-06-10 12:44 |
Code reviewed in pi@f517e8c6bf44 |
|
(0087598) hudsonbot (developer) 2016-06-17 19:38 |
A changeset related to this issue has been promoted main and to the Central Repository, after passing a series of tests. Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/0dc7be081b1c [^] Maturity status: Test |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2016-06-08 14:43 | aferraz | New Issue | |
| 2016-06-08 14:43 | aferraz | Assigned To | => platform |
| 2016-06-08 14:43 | aferraz | Modules | => Core |
| 2016-06-08 14:43 | aferraz | Triggers an Emergency Pack | => No |
| 2016-06-08 14:44 | aferraz | Resolution time | => 1465509600 |
| 2016-06-08 14:44 | aferraz | Relationship added | blocks 0033063 |
| 2016-06-08 14:46 | aferraz | Proposed Solution updated | |
| 2016-06-08 14:46 | aferraz | File Added: 33194.diff | |
| 2016-06-09 10:17 | alostale | Relationship added | related to 0032728 |
| 2016-06-09 10:22 | alostale | Assigned To | platform => alostale |
| 2016-06-09 10:23 | alostale | Review Assigned To | => inigosanchez |
| 2016-06-09 10:25 | alostale | Regression level | => Pre packaging ( pi ) |
| 2016-06-09 10:25 | alostale | Regression date | => 2016-04-22 |
| 2016-06-09 10:25 | alostale | Regression introduced in release | => pi |
| 2016-06-09 10:25 | alostale | Regression introduced by commit | => https://code.openbravo.com/erp/devel/pi/rev/daf66237fa614b8fd8e72b08b17bcd893ed5e264 [^] |
| 2016-06-09 10:25 | alostale | Relationship replaced | caused by 0032728 |
| 2016-06-09 10:29 | hgbot | Checkin | |
| 2016-06-09 10:29 | hgbot | Note Added: 0087110 | |
| 2016-06-09 10:29 | hgbot | Status | new => resolved |
| 2016-06-09 10:29 | hgbot | Resolution | open => fixed |
| 2016-06-09 10:29 | hgbot | Fixed in SCM revision | => http://code.openbravo.com/erp/devel/pi/rev/7c7933ca1dca65cc09c5f9c790b78c45484d286f [^] |
| 2016-06-10 12:44 | inigosanchez | Note Added: 0087152 | |
| 2016-06-10 12:44 | inigosanchez | Status | resolved => closed |
| 2016-06-10 12:44 | inigosanchez | Fixed in Version | => 3.0PR16Q3 |
| 2016-06-17 19:38 | hudsonbot | Checkin | |
| 2016-06-17 19:38 | hudsonbot | Note Added: 0087598 | |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |