Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
| ID | ||||||||
| 0044783 | ||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||
| defect | [Modules] French Fiscal | minor | always | 2020-08-11 13:22 | 2020-09-08 14:34 | |||
| Reporter | vmromanos | View Status | public | |||||
| Assigned To | vmromanos | |||||||
| Priority | normal | Resolution | fixed | Fixed in Version | ||||
| Status | closed | Fix in branch | Fixed in SCM revision | |||||
| Projection | none | ETA | none | Target Version | ||||
| OS | Any | Database | Any | Java version | ||||
| OS Version | Database version | Ant version | ||||||
| Product Version | SCM revision | |||||||
| Regression date | ||||||||
| Regression introduced by commit | ||||||||
| Regression level | ||||||||
| Review Assigned To | ||||||||
| Regression introduced in release | ||||||||
| Summary | 0044783: Replace client's name by client's ID in the French Fiscal Security Background | |||||||
| Description | The French Fiscal Security background process logs the client's name that is checking, and this log can be seen by any client. In a multi tenant environment this could create problems with GDPR, so it could be better to avoid it. | |||||||
| Steps To Reproduce | In an environment with French Fiscal module. Go to Process Request and search for French Fiscal Security Background process. Go to Process Monitor tab and check the log. You will say the names of every client available in that instance. Example: 2020-08-11 11:10:00.033 - Run process for client F&B International Group... 2020-08-11 11:10:00.038 - Process completed successfully 2020-08-11 11:10:00.038 - Run process for client QA Testing... 2020-08-11 11:10:00.04 - Process completed successfully 2020-08-11 11:10:00.04 - Run process for client The White Valley Group... | |||||||
| Proposed Solution | Replace client name by Id to hide sensitive data | |||||||
| Tags | No tags attached. | |||||||
| Attached Files | ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|||||||||
|
|||||||||
 Relationships |
|
Notes |
|
|
(0121983) hgbot (developer) 2020-08-11 13:59 |
Merge Request created: https://gitlab.com/openbravo/ci/modules/org.openbravo.certification.france.dev/-/merge_requests/5 [^] |
|
(0121984) vmromanos (manager) 2020-08-11 14:00 |
Test plan: In an environment with French Fiscal module. Go to Process Request and search for French Fiscal Security Background process. Go to Process Monitor tab and check the log. You will say the IDs of every client available in that instance. Example: 2020-08-11 14:00:00.015 - Run process for client ID 23C59575B9CF467C9620760EB255B389... 2020-08-11 14:00:00.021 - Process completed successfully 2020-08-11 14:00:00.021 - Run process for client ID 4028E6C72959682B01295A070852010D... 2020-08-11 14:00:00.025 - Process completed successfully 2020-08-11 14:00:00.025 - Run process for client ID A64C68776B544B0DB59C16456C43E608... 2020-08-11 14:00:00.031 - Process completed successfully 2020-08-11 14:00:00.031 - Run process for client ID A320B5B0813A48BCB3522772432FCDF8... 2020-08-11 14:00:00.036 - Process completed successfully 2020-08-11 14:00:00.036 - Run process for client ID 39363B0921BB4293B48383844325E84C... 2020-08-11 14:00:00.041 - Process completed successfully |
|
(0122090) hgbot (developer) 2020-08-17 08:20 |
Directly closing issue as related merge request is already approved. Repository: https://gitlab.com/openbravo/ci/modules/org.openbravo.certification.france.dev [^] Changeset: 3246341f4e0c05b574152afc17c3eda213f877d2 Author: Víctor Martínez Romanos <victor.martinez@openbravo.com> Date: 2020-08-17T06:20:18+00:00 URL: https://gitlab.com/openbravo/ci/modules/org.openbravo.certification.france.dev/-/commit/3246341f4e0c05b574152afc17c3eda213f877d2 [^] Fixed BUG-44783: Log client's ID in Security Background This avoids to expose the clients names in a multitenant environment --- M src/org/openbravo/certification/france/background/FrenchFiscalSecurityManager.java --- |
|
(0122091) hgbot (developer) 2020-08-17 08:20 |
Merge request merged: https://gitlab.com/openbravo/ci/modules/org.openbravo.certification.france.dev/-/merge_requests/5 [^] |
|
(0122797) hgbot (developer) 2020-09-08 14:34 |
Directly closing issue as related merge request is already approved. Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.certification.france [^] Changeset: f5224785d5d69309ea9695694920a91112b45905 Author: Víctor Martínez Romanos <victor.martinez@openbravo.com> Date: 2020-09-08T14:04:02+02:00 URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.certification.france/-/commit/f5224785d5d69309ea9695694920a91112b45905 [^] Synchronized from development repo (rev 9f2178b) Synchronized src-db Updated jar Synchronized JS files Updated module hash Updated module version to 1.0.110 -- Included changesets: f2f343c Updated minor version to 1.0.110 34d5f92 Fixes ISSUE-44884: Reduce hashed json scope including only main ticket properties 7cf2a16 Updated module hash 68446f1 Related to ISSUE-44843: Fix jslint errors b582563 Related to ISSUE-44843: Implement the TicketList model in the new state engine 4268332 [ticket-list] delete unneeded validations ca30265 Updated module hash abf01bd Fixed ISSUE-44785: New flag at Organization level to default terminal blockchain 3246341 Fixed BUG-44783: Log client's ID in Security Background 2106315 fixes BUG-44542:APplied new HQL style 3d2c5e4 Update module hash daf6af4 Fixes ISSUE-44749: Run TicketInitialValidation only if terminal has blockchain initialized cef7608 Fixes ISSUE-44748: Change isBlockchained column default value to false 42c9637 Fixes ISSUE-44669: Avoid client/org check when setting admin mode --- A src-db/database/model/modifiedTables/AD_ORG.xml A src-db/database/sourcedata/AD_AUXILIARINPUT.xml A src-db/database/sourcedata/AD_FIELDGROUP.xml M lib/runtime/org.openbravo.certification.france-1.0.jar M src-db/database/model/triggers/OBCFR_OBPOS_APPLICATIONS_TRG.xml M src-db/database/sourcedata/AD_COLUMN.xml M src-db/database/sourcedata/AD_ELEMENT.xml M src-db/database/sourcedata/AD_FIELD.xml M src-db/database/sourcedata/AD_MODULE.xml M web/org.openbravo.certification.france/js/ticket/preOrderSaveFinishCancelLayawayHook.js M web/org.openbravo.certification.france/js/ticket/preSyncReceiptHook.js --- |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2020-08-11 13:22 | vmromanos | New Issue | |
| 2020-08-11 13:22 | vmromanos | Assigned To | => Triage Finance |
| 2020-08-11 13:41 | vmromanos | Status | new => scheduled |
| 2020-08-11 13:41 | vmromanos | Assigned To | Triage Finance => vmromanos |
| 2020-08-11 13:59 | hgbot | Note Added: 0121983 | |
| 2020-08-11 14:00 | vmromanos | Note Added: 0121984 | |
| 2020-08-11 14:09 | vmromanos | Relationship added | related to 0044787 |
| 2020-08-17 08:20 | hgbot | Resolution | open => fixed |
| 2020-08-17 08:20 | hgbot | Status | scheduled => closed |
| 2020-08-17 08:20 | hgbot | Note Added: 0122090 | |
| 2020-08-17 08:20 | hgbot | Note Added: 0122091 | |
| 2020-09-08 14:34 | hgbot | Note Added: 0122797 | |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |