Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0040886
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Openbravo ERP] A. Platformmajorhave not tried2019-05-16 11:272019-05-21 15:17
ReporteralostaleView Statuspublic 
Assigned Toalostale 
PriorityimmediateResolutionfixedFixed in Version3.0PR19Q3
StatusclosedFix in branchFixed in SCM revision2e0c74eeeea1
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Tocaristu
Web browser
ModulesCore
Regression levelProduction - Confirmed Stable
Regression date2017-01-30
Regression introduced in release3.0PR17Q2
Regression introduced by commithttps://code.openbravo.com/erp/devel/pi/rev/15f5de36349f [^]
Triggers an Emergency PackNo
Summary

0040886: incorrect audit trail for DAL WebServices

DescriptionData changes performed by DAL WebServices are incorrectly audited.

User and process is set randomly. As these requests are not updating ad_context_info table, in case it was previously set within the same database connection that has now been retrieved from the connection pool, it will be reused.
Steps To Reproduce1. Log in as System Administrator
2. Open Tables and Columns window
3. Select C_City table and set it to fully audited
4. Rebuild and restart Tomcat
5. Execute WSUpdateTest (which creates entries in C_City)
6. Query ad_audit_trail
   -> Check that entries for c_city have random user + process

TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
depends on backport 00408873.0PR19Q2.1 closedalostale incorrect audit trail for DAL WebServices 
depends on backport 00408883.0PR19Q1.2 closedalostale incorrect audit trail for DAL WebServices 
caused by design defect 0035007 closedalostale audit trail causes excessive overhead 

-  Notes
(0111714)
hgbot (developer)
2019-05-16 12:12

Repository: erp/devel/pi
Changeset: 2e0c74eeeea1093196680dbdaf8d676cce60bda3
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Thu May 16 12:11:51 2019 +0200
URL: http://code.openbravo.com/erp/devel/pi/rev/2e0c74eeeea1093196680dbdaf8d676cce60bda3 [^]

fixed bug 40886: incorrect audit trail for DAL WebServices

  DAL WebServices were incorrectly audited because ad_context_info was not set as
  it was disabled for the thread during login and they are executed in the same
  thread.

  This fix consists in:
    1. Now after login completion, thread is reset to allow auditing of actions
       occurred afterward.
    2. Correct user id and new WebService process type is set to be audited. Note
       this didn't occur even before the regression was introduced, reulting in
       records in ad_audit_trail without user or process information.

---
M src-db/database/sourcedata/AD_REF_LIST.xml
M src/org/openbravo/erpCommon/security/SessionLogin.java
M src/org/openbravo/service/web/BaseWebServiceServlet.java
---
(0111765)
caristu (developer)
2019-05-17 09:53

Reviewed + tested
(0112032)
hudsonbot (developer)
2019-05-21 15:17

A changeset related to this issue has been promoted main and to the
Central Repository, after passing a series of tests.

Promotion changeset: https://code.openbravo.com/erp/devel/main/rev/9b8f37d9d85e [^]
Maturity status: Test

- Issue History
Date Modified Username Field Change
2019-05-16 11:27 alostale New Issue
2019-05-16 11:27 alostale Assigned To => platform
2019-05-16 11:27 alostale Modules => Core
2019-05-16 11:27 alostale Triggers an Emergency Pack => No
2019-05-16 11:29 alostale Review Assigned To => caristu
2019-05-16 11:29 alostale Regression level => Production - Confirmed Stable
2019-05-16 11:29 alostale Regression date => 2017-01-30
2019-05-16 11:29 alostale Regression introduced in release => 3.0PR17Q2
2019-05-16 11:29 alostale Regression introduced by commit => https://code.openbravo.com/erp/devel/pi/rev/15f5de36349f [^]
2019-05-16 11:29 alostale Assigned To platform => alostale
2019-05-16 11:29 alostale Priority normal => immediate
2019-05-16 11:30 alostale Status new => scheduled
2019-05-16 12:04 alostale Relationship added caused by 0035007
2019-05-16 12:12 hgbot Checkin
2019-05-16 12:12 hgbot Note Added: 0111714
2019-05-16 12:12 hgbot Status scheduled => resolved
2019-05-16 12:12 hgbot Resolution open => fixed
2019-05-16 12:12 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/devel/pi/rev/2e0c74eeeea1093196680dbdaf8d676cce60bda3 [^]
2019-05-17 09:53 caristu Note Added: 0111765
2019-05-17 09:53 caristu Status resolved => closed
2019-05-17 09:53 caristu Fixed in Version => 3.0PR19Q3
2019-05-21 15:17 hudsonbot Checkin
2019-05-21 15:17 hudsonbot Note Added: 0112032


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker