Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0043954
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Retail Modules] Web POSmajoralways2020-05-06 09:132020-06-01 14:18
ReportergorkaionView Statuspublic 
Assigned Toranjith_qualiantech_com 
PriorityhighResolutionfixedFixed in Version
StatusresolvedFix in branchFixed in SCM revisionf2ec12ca2abe
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned To
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0043954: ExternalOrderLoader wrong error management when user calling the EOL does not have access to Web POS form

DescriptionThe ExternalOrderLoader (EOL) when loading the POS Terminal provided in the json it tries to set up the OBContext based on it. To do so it tries to search a Role assigned to the user that is execuing the EOL that has access to that POS Terminal.

When the user does not have any role matching that condition. For example it only has the Admin role with the Web POS Form access removed. In this case no role is found and a NPE is thrown. This exception is caught in the importOrder() method but no message or trace in the log is left making very difficult the analysis to understand why has failed the EOL process.

We request 2 fixes to be made in the EOL process:

1. In case that no role is found a OBException with a descriptive message should be thrown instead of a NPE.
2. The importOrder method when it catches an unexpected exception it should leave a message in the log with the error.
Steps To Reproduce1. Remove the access to the "Web POS" form to the Openbravo Admin role.
2. Create a user that only has access to that role or revoke any other role access to an existing user.
3. Call the EOL WebService using that user credentials.
4. Check that:
- result -1 is returned but no message.
- no error logs can be found in openbravo.log
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]

-  Notes
(0120071)
hgbot (developer)
2020-05-20 03:08

Repository: erp/pmods/org.openbravo.retail.posterminal
Changeset: f2ec12ca2abebfd896125b25bcbcbc05ee3c2997
Author: Ranjith S R <ranjith <at> qualiantech.com>
Date: Wed May 20 06:38:17 2020 +0530
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/f2ec12ca2abebfd896125b25bcbcbc05ee3c2997 [^]

Fixed issue-43954 : Exception should be thrown if role not found for Webservice

* Updated getNearestRole Query by removing the webpos form validation for WebService

---
M src/org/openbravo/retail/posterminal/ExternalOrderLoader.java
M src/org/openbravo/retail/posterminal/POSLoginHandler.java
---
(0120326)
marvintm (developer)
2020-05-27 09:10

The fix is not what we want here. Conceptually, the ExternalOrderLoader should not require form access in the role used, as the context simply should be set to a role that supports webservices.

So, instead of the current fix, the "bypassSecurity" method should be overridden in the ExternalOrderLoader class.

It is also important to check that the ExternalOrderLoader is correctly requiring a role that has webservices access.
(0120344)
hgbot (developer)
2020-05-27 11:07

Repository: erp/pmods/org.openbravo.retail.posterminal
Changeset: d34892801860e3d17979bb9d2246f65a0cc4b1a7
Author: Ranjith S R <ranjith <at> qualiantech.com>
Date: Wed May 27 12:51:24 2020 +0530
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/d34892801860e3d17979bb9d2246f65a0cc4b1a7 [^]

Related to issue-43954 : Backed out changeset: f2ec12ca2abe

---
M src/org/openbravo/retail/posterminal/ExternalOrderLoader.java
M src/org/openbravo/retail/posterminal/POSLoginHandler.java
---
(0120477)
hgbot (developer)
2020-05-31 08:07

Repository: erp/pmods/org.openbravo.retail.posterminal
Changeset: 27671f3f91bb465c01d603f1f4f10bd22c8372bf
Author: Ranjith S R <ranjith <at> qualiantech.com>
Date: Sun May 31 11:37:08 2020 +0530
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/27671f3f91bb465c01d603f1f4f10bd22c8372bf [^]

Related to issue-43954 : Added validation to check Webservice is enabled for User Role

* Context role should be used instead of User's Nearest Role

---
M src/org/openbravo/retail/posterminal/ExternalOrderLoader.java
---
(0120493)
hgbot (developer)
2020-06-01 14:18

Repository: erp/pmods/org.openbravo.service.integration.magento.mappings
Changeset: 9fdff601f6f2b959109c97a4acb85bd400c3f66b
Author: Ranjith S R <ranjith <at> qualiantech.com>
Date: Mon Jun 01 17:48:21 2020 +0530
URL: http://code.openbravo.com/erp/pmods/org.openbravo.service.integration.magento.mappings/rev/9fdff601f6f2b959109c97a4acb85bd400c3f66b [^]

Related to issue-43954: Enabled Webservice for Role in junit tests

* Formatted Eclipse Java Eclipse code

---
M src-test/org/openbravo/service/integration/magento/mappings/inbound/MagentoImportBaseTest.java
M src-test/org/openbravo/service/integration/magento/mappings/inbound/orders/MagentoImportOrderEntityTest.java
---

- Issue History
Date Modified Username Field Change
2020-05-06 09:13 gorkaion New Issue
2020-05-06 09:13 gorkaion Assigned To => Retail
2020-05-06 09:13 gorkaion Triggers an Emergency Pack => No
2020-05-11 11:09 maite Issue Monitored: maite
2020-05-14 14:35 ranjith_qualiantech_com Assigned To Retail => ranjith_qualiantech_com
2020-05-19 12:41 ranjith_qualiantech_com Status new => scheduled
2020-05-20 03:08 hgbot Checkin
2020-05-20 03:08 hgbot Note Added: 0120071
2020-05-20 03:08 hgbot Status scheduled => resolved
2020-05-20 03:08 hgbot Resolution open => fixed
2020-05-20 03:08 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/f2ec12ca2abebfd896125b25bcbcbc05ee3c2997 [^]
2020-05-27 09:10 marvintm Note Added: 0120326
2020-05-27 09:10 marvintm Status resolved => new
2020-05-27 09:10 marvintm Resolution fixed => open
2020-05-27 09:16 ranjith_qualiantech_com Status new => scheduled
2020-05-27 11:07 hgbot Checkin
2020-05-27 11:07 hgbot Note Added: 0120344
2020-05-31 08:07 hgbot Checkin
2020-05-31 08:07 hgbot Note Added: 0120477
2020-06-01 08:02 ranjith_qualiantech_com Status scheduled => resolved
2020-06-01 08:02 ranjith_qualiantech_com Resolution open => fixed
2020-06-01 14:18 hgbot Checkin
2020-06-01 14:18 hgbot Note Added: 0120493


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker