Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0040888
TypeCategorySeverityReproducibilityDate SubmittedLast Update
backport[Openbravo ERP] A. Platformmajorhave not tried2019-05-16 11:272019-05-17 09:53
ReporteralostaleView Statuspublic 
Assigned Toalostale 
PriorityimmediateResolutionfixedFixed in Version3.0PR19Q3
StatusclosedFix in branchFixed in SCM revisioned8cbe75deae
ProjectionnoneETAnoneTarget Version3.0PR19Q1.2
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Merge Request Status
Review Assigned Tocaristu
OBNetwork customerNo
Web browser
ModulesCore
Support ticket
Regression levelProduction - Confirmed Stable
Regression date2017-01-30
Regression introduced in release3.0PR17Q2
Regression introduced by commithttps://code.openbravo.com/erp/devel/pi/rev/15f5de36349f [^]
Triggers an Emergency PackNo
Summary

0040888: incorrect audit trail for DAL WebServices

DescriptionData changes performed by DAL WebServices are incorrectly audited.

User and process is set randomly. As these requests are not updating ad_context_info table, in case it was previously set within the same database connection that has now been retrieved from the connection pool, it will be reused.
Steps To Reproduce1. Log in as System Administrator
2. Open Tables and Columns window
3. Select C_City table and set it to fully audited
4. Rebuild and restart Tomcat
5. Execute WSUpdateTest (which creates entries in C_City)
6. Query ad_audit_trail
   -> Check that entries for c_city have random user + process

TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
blocks defect 0040886 closedalostale incorrect audit trail for DAL WebServices 

-  Notes
(0111715)
hgbot (developer)
2019-05-16 12:23

 Repository: erp/backports/3.0PR19Q1.2
Changeset: ed8cbe75deaec6c2ed11687fcbdf8498e10cdb2d
Author: Asier Lostalé <asier.lostale <at> openbravo.com>
Date: Thu May 16 12:11:51 2019 +0200
URL: http://code.openbravo.com/erp/backports/3.0PR19Q1.2/rev/ed8cbe75deaec6c2ed11687fcbdf8498e10cdb2d [^]

fixed bug 40888: incorrect audit trail for DAL WebServices

  DAL WebServices were incorrectly audited because ad_context_info was not set as
  it was disabled for the thread during login and they are executed in the same
  thread.

  This fix consists in:
    1. Now after login completion, thread is reset to allow auditing of actions
       occurred afterward.
    2. Correct user id and new WebService process type is set to be audited. Note
       this didn't occur even before the regression was introduced, reulting in
       records in ad_audit_trail without user or process information.

---
M src-db/database/sourcedata/AD_REF_LIST.xml
M src/org/openbravo/erpCommon/security/SessionLogin.java
M src/org/openbravo/service/web/BaseWebServiceServlet.java
---
(0111764)
caristu (viewer)
2019-05-17 09:53

 Reviewed + tested

- Issue History
Date Modified Username Field Change
2019-05-16 11:30 alostale Type defect => backport
2019-05-16 11:30 alostale Target Version => 3.0PR19Q1.2
2019-05-16 12:23 hgbot Checkin
2019-05-16 12:23 hgbot Note Added: 0111715
2019-05-16 12:23 hgbot Status scheduled => resolved
2019-05-16 12:23 hgbot Resolution open => fixed
2019-05-16 12:23 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/backports/3.0PR19Q1.2/rev/ed8cbe75deaec6c2ed11687fcbdf8498e10cdb2d [^]
2019-05-17 09:53 caristu Note Added: 0111764
2019-05-17 09:53 caristu Status resolved => closed
2019-05-17 09:53 caristu Fixed in Version => 3.0PR19Q3

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker