Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0054753
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[POS2] Coremajorhave not tried2024-02-23 10:082024-06-25 10:06
ReportercaristuView Statuspublic 
Assigned ToTriage Platform Base 
PriorityhighResolutionopenFixed in Version
StatusnewFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned To
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0054753: Missing SecuredJSONProcess securization based on user actions

DescriptionIt is needed to add a securization mechanism to determine the users that can execute a SecuredJSONProcess based in the user action access.

In "old" POS this securization was done through preferences[1], but in core2 applications the user actions is the standard way to provide access to the application features.

[1] https://gitlab.com/openbravo/product/pmods/org.openbravo.mobile.core/-/blob/master/src/org/openbravo/mobile/core/process/SecuredJSONProcess.java?ref_type=heads#L173 [^]
Steps To Reproduce.
Proposed SolutionAdd a way to define the UserActions associated to a SecuredJSONProcess and allow the execution of the process only if the user is allowed to execute the UserAction.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to defect 0054527 closedcaristu Retail Modules You can't use Reprintable Documents in POS with an user with a Manual Role 
related to feature request 0054537 closedcaristu Modules Support authenticating users with Web Authentication (phase 1) 

-  Notes
(0166290)
caristu (manager)
2024-06-25 10:06
edited on: 2024-06-25 10:08

Remember to include this as part of the fix: https://gitlab.com/openbravo/product/pmods/org.openbravo.authentication.webauthn/-/merge_requests/1#note_1801316641 [^]


- Issue History
Date Modified Username Field Change
2024-02-23 10:08 caristu New Issue
2024-02-23 10:08 caristu Assigned To => caristu
2024-02-23 10:08 caristu Issue generated from 0054537
2024-02-23 10:08 caristu Relationship added depends on 0054537
2024-02-23 10:13 caristu Description Updated View Revisions
2024-02-26 16:03 caristu Relationship deleted depends on 0054537
2024-02-26 16:04 caristu Relationship added related to 0054527
2024-02-26 16:06 caristu Summary Support authenticating users with Web Authentication (phase 2) => Missing SecuredJSONProcess securization based on user actions
2024-02-26 16:06 caristu Description Updated View Revisions
2024-02-26 16:06 caristu Proposed Solution updated
2024-02-26 16:08 caristu Description Updated View Revisions
2024-02-26 16:08 caristu Project Modules => POS2
2024-02-26 16:08 caristu Triggers an Emergency Pack => No
2024-02-26 16:08 caristu Category Web Authentication => Core
2024-02-26 16:08 caristu Assigned To caristu => Triage Platform Base
2024-02-28 09:29 caristu Severity minor => major
2024-02-28 09:29 caristu Type feature request => defect
2024-03-06 17:42 caristu Relationship added related to 0054537
2024-06-25 10:06 caristu Note Added: 0166290
2024-06-25 10:08 caristu Note Edited: 0166290 View Revisions


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker