Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0047852
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[POS2] Coremajorhave not tried2021-10-14 17:432021-10-18 14:04
ReportercbernerView Statuspublic 
Assigned Tocberner 
PrioritynormalResolutionfixedFixed in Version
StatusclosedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned To
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0047852: JIRA-2368: Permissions are wrong for drawer menu subentries if changing user

DescriptionWhen pressing login, user actions permissions are not updated for the entries of groups of the drawer menu, resulting in this appearing as disabled when they should be enabled, and enabled when should be disabled, because the previous state is the one being mantained.

For example, a Manager with permission to all subentries logs in, he has all options available. If he doesn't refresh, logs out, and an employee with no permissions logs in, he'll have the same access to the drawer menu subentries as the manager.

Note: This doesn't affect the group button, for example Customers window works fine, and permissions are updated correctly.
Steps To Reproduce1. Login in Backoffice as Openbravo and WhiteValleyGroup admin role
2. Go to Role window and select VallBlancaManual role
2.1. In UserActionAccess remove "SwitchToOrgVariablesWindow" entry
2.2. You may logout from backoffice
3. Login in WebPOS as Vallblanca, check that Organization Variables subentry is available
4. Click on user Vallblanca to the top right, and change Profile to VallBlancaManual and check that Organization Variables subentry is disabled
5. Click Logout and login again as Vallblanca user

Option Organization Variables appears as disabled, although you're connected with a role that has permission to that user action.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
depends on backport 0047853TAP closedcberner JIRA-2368: Permissions are wrong for drawer menu subentries if changing user 

-  Notes
(0132357)
hgbot (developer)
2021-10-15 09:51

Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/649 [^]
(0132412)
hgbot (developer)
2021-10-18 14:04

Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2 [^]
Changeset: 6bebef4a7f0477a3cd011c3afe7e7a4ccf31f539
Author: Cristian Berner <cristian.berner@openbravo.com>
Date: 2021-10-18T13:28:46+02:00
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/commit/6bebef4a7f0477a3cd011c3afe7e7a4ccf31f539 [^]

Fixes ISSUE-47852: Permissions are wrong for drawer menu subentries if changing user

UserAction executability was not being recalculated on login, resulting
in using the previous session/user executability for the newly logged
user. If the previous user had different permissions for a certain user
action, this was not being updated(except for the ones that are updated
due to them listening to a state model).

As such, it is required to recalculate the executability of user actions
on login. To do that, initializeAll from UserAction.js was moved to
initializeAllUserActions in Registry.js, which checks all registered
user actions, and if initialized, it only recalculates executability
with the current state.

Other options would have been to do a refresh on login or logout
process, but that is unacceptable just for this simple fix.

---
M web-jspack/org.openbravo.core2/src/core/Registry.js
M web-jspack/org.openbravo.core2/src/core/authentication/OnLoginActions.js
M web-jspack/org.openbravo.core2/src/core/user-action/UserAction.js
M web-jspack/org.openbravo.core2/src/core/user-action/__test__/UserAction.test.js
---
(0132413)
hgbot (developer)
2021-10-18 14:04

Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.core2/-/merge_requests/649 [^]

- Issue History
Date Modified Username Field Change
2021-10-14 17:43 cberner New Issue
2021-10-14 17:43 cberner Assigned To => cberner
2021-10-14 17:43 cberner Triggers an Emergency Pack => No
2021-10-14 17:43 guilleaer Status new => scheduled
2021-10-14 17:43 guilleaer Status scheduled => acknowledged
2021-10-14 17:58 cberner Steps to Reproduce Updated View Revisions
2021-10-15 09:51 hgbot Note Added: 0132357
2021-10-18 09:26 cberner Status acknowledged => scheduled
2021-10-18 14:04 hgbot Resolution open => fixed
2021-10-18 14:04 hgbot Status scheduled => closed
2021-10-18 14:04 hgbot Note Added: 0132412
2021-10-18 14:04 hgbot Note Added: 0132413


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker