Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0048126
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Retail Modules] Web POSmajorhave not tried2021-11-22 17:272024-07-15 16:29
ReportermarvintmView Statuspublic 
Assigned Toeugen_hamuraru 
PriorityhighResolutionfixedFixed in VersionRR24Q2
StatusclosedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned To
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0048126: ExternalOrderLoader is not working because of CSRF token check

DescriptionCorrect requests to ExternalOrderLoader fail, because the CSRF Token check is performed there, and it doesn't pass, so the request is rejected.
Steps To ReproduceThe problem can be reproduced in livebuilds just using the Swagger documentation example:

https://livebuilds.openbravo.com/retail_modules_pgsql_pi/api?urls.primaryName=orderloader [^]

It can also be reproduced by using the Postman example of the RetailAPI module:

https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.api/-/blob/master/examples/Retail%20API.postman_collection.json [^]
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to backport 0055218RR24Q1 closedadrianromero ExternalOrderLoader is not working because of CSRF token check 

-  Notes
(0161030)
hgbot (developer)
2024-02-21 14:17

 Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.posterminal/-/merge_requests/1483 [^]
(0161031)
hgbot (developer)
2024-02-21 14:19

 Merge Request created: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/merge_requests/665 [^]
(0161447)
hgbot (developer)
2024-02-29 16:41

 Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/merge_requests/665 [^]
(0161448)
hgbot (developer)
2024-02-29 16:41

 Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core [^]
Changeset: d14d9ea59e93a40422310cc8434440723aa94fb7
Author: Eugen Hamuraru <eugen.hamuraru@openbravo.com>
Date: 29-02-2024 15:41:01
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/commit/d14d9ea59e93a40422310cc8434440723aa94fb7 [^]

Related to BUG-48126: ability to skip CSRF token check for SecuredJSONProcess

---
A src-test/org/openbravo/mobile/core/process/MobileServiceTest.java
M src-test/org/openbravo/mobile/core/StandaloneTestSuite.java
M src/org/openbravo/mobile/core/process/MobileService.java
M src/org/openbravo/mobile/core/process/MobileServiceProcessor.java
M src/org/openbravo/mobile/core/process/SecuredJSONProcess.java
---
(0161449)
hgbot (developer)
2024-02-29 16:41

 Directly closing issue as related merge request is already approved.

Repository: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.posterminal [^]
Changeset: 653c3a7c365c967e16e034ea67db463ab673db9a
Author: Eugen Hamuraru <eugen.hamuraru@openbravo.com>
Date: 29-02-2024 07:49:26
URL: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.posterminal/-/commit/653c3a7c365c967e16e034ea67db463ab673db9a [^]

Fixes ISSUE-48126: skip CSRF token check for the ExternalOrderLoader

---
M src/org/openbravo/retail/posterminal/ExternalOrderLoader.java
---
(0161450)
hgbot (developer)
2024-02-29 16:41

 Merge request merged: https://gitlab.com/openbravo/product/pmods/org.openbravo.retail.posterminal/-/merge_requests/1483 [^]

- Issue History
Date Modified Username Field Change
2021-11-22 17:27 marvintm New Issue
2021-11-22 17:27 marvintm Assigned To => Retail
2021-11-22 17:27 marvintm Triggers an Emergency Pack => No
2021-11-25 07:17 ivancaceres Issue Monitored: ivancaceres
2022-07-21 12:12 radhakrishnan Assigned To Retail => radhakrishnan
2022-07-21 12:13 radhakrishnan Status new => scheduled
2023-05-08 15:56 marvintm Assigned To radhakrishnan => Retail
2023-05-20 12:36 ranjith_qualiantech_com Status scheduled => feedback
2024-02-08 09:22 rafademiguel Priority normal => high
2024-02-08 09:22 rafademiguel Status feedback => new
2024-02-12 09:40 guillermogil Assigned To Retail => Triage Platform Conn
2024-02-16 10:33 adrianromero Assigned To Triage Platform Conn => eugen_hamuraru
2024-02-21 14:17 hgbot Note Added: 0161030
2024-02-21 14:19 hgbot Note Added: 0161031
2024-02-29 16:41 hgbot Note Added: 0161447
2024-02-29 16:41 hgbot Note Added: 0161448
2024-02-29 16:41 hgbot Resolution open => fixed
2024-02-29 16:41 hgbot Status new => closed
2024-02-29 16:41 hgbot Fixed in Version => RR24Q2
2024-02-29 16:41 hgbot Note Added: 0161449
2024-02-29 16:41 hgbot Note Added: 0161450
2024-04-17 12:00 adrianromero Issue cloned 0055218
2024-04-17 12:00 adrianromero Relationship added related to 0055218
2024-07-15 16:24 meriem_azaf Status closed => new
2024-07-15 16:24 meriem_azaf Resolution fixed => open
2024-07-15 16:24 meriem_azaf Fixed in Version RR24Q2 =>
2024-07-15 16:24 meriem_azaf Status new => scheduled
2024-07-15 16:24 meriem_azaf Status scheduled => resolved
2024-07-15 16:24 meriem_azaf Resolution open => fixed
2024-07-15 16:24 meriem_azaf Status resolved => closed
2024-07-15 16:27 meriem_azaf Fixed in Version => RR24Q2
2024-07-15 16:29 meriem_azaf Relationship added related to 0056017

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker