Project:
| View Issue Details[ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||||||
| ID | ||||||||||||
| 0054753 | ||||||||||||
| Type | Category | Severity | Reproducibility | Date Submitted | Last Update | |||||||
| defect | [POS2] Core | major | have not tried | 2024-02-23 10:08 | 2024-06-25 10:06 | |||||||
| Reporter | caristu | View Status | public | |||||||||
| Assigned To | Triage Platform Base | |||||||||||
| Priority | high | Resolution | open | Fixed in Version | ||||||||
| Status | new | Fix in branch | Fixed in SCM revision | |||||||||
| Projection | none | ETA | none | Target Version | ||||||||
| OS | Any | Database | Any | Java version | ||||||||
| OS Version | Database version | Ant version | ||||||||||
| Product Version | SCM revision | |||||||||||
| Review Assigned To | ||||||||||||
| Regression level | ||||||||||||
| Regression date | ||||||||||||
| Regression introduced in release | ||||||||||||
| Regression introduced by commit | ||||||||||||
| Triggers an Emergency Pack | No | |||||||||||
| Summary | 0054753: Missing SecuredJSONProcess securization based on user actions | |||||||||||
| Description | It is needed to add a securization mechanism to determine the users that can execute a SecuredJSONProcess based in the user action access. In "old" POS this securization was done through preferences[1], but in core2 applications the user actions is the standard way to provide access to the application features. [1] https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/blob/master/src/org/openbravo/mobile/core/process/SecuredJSONProcess.java?ref_type=heads#L173 [^] | |||||||||||
| Steps To Reproduce | . | |||||||||||
| Proposed Solution | Add a way to define the UserActions associated to a SecuredJSONProcess and allow the execution of the process only if the user is allowed to execute the UserAction. | |||||||||||
| Tags | No tags attached. | |||||||||||
| Attached Files | ||||||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
|||||||||||||||||
|
|||||||||||||||||
 Relationships |
|
Notes |
|
|
(0166290) caristu (manager) 2024-06-25 10:06 edited on: 2024-06-25 10:08 |
Remember to include this as part of the fix: https://gitlab.com/openbravo/product/pmods/org.openbravo.authentication.webauthn/-/merge_requests/1#note_1801316641 [^] |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2024-02-23 10:08 | caristu | New Issue | |
| 2024-02-23 10:08 | caristu | Assigned To | => caristu |
| 2024-02-23 10:08 | caristu | Issue generated from | 0054537 |
| 2024-02-23 10:08 | caristu | Relationship added | depends on 0054537 |
| 2024-02-23 10:13 | caristu | Description Updated | View Revisions |
| 2024-02-26 16:03 | caristu | Relationship deleted | depends on 0054537 |
| 2024-02-26 16:04 | caristu | Relationship added | related to 0054527 |
| 2024-02-26 16:06 | caristu | Summary | Support authenticating users with Web Authentication (phase 2) => Missing SecuredJSONProcess securization based on user actions |
| 2024-02-26 16:06 | caristu | Description Updated | View Revisions |
| 2024-02-26 16:06 | caristu | Proposed Solution updated | |
| 2024-02-26 16:08 | caristu | Description Updated | View Revisions |
| 2024-02-26 16:08 | caristu | Project | Modules => POS2 |
| 2024-02-26 16:08 | caristu | Triggers an Emergency Pack | => No |
| 2024-02-26 16:08 | caristu | Category | Web Authentication => Core |
| 2024-02-26 16:08 | caristu | Assigned To | caristu => Triage Platform Base |
| 2024-02-28 09:29 | caristu | Severity | minor => major |
| 2024-02-28 09:29 | caristu | Type | feature request => defect |
| 2024-03-06 17:42 | caristu | Relationship added | related to 0054537 |
| 2024-06-25 10:06 | caristu | Note Added: 0166290 | |
| 2024-06-25 10:08 | caristu | Note Edited: 0166290 | View Revisions |
|
Issue History |
| Copyright © 2000 - 2009 MantisBT Group |
 |