[
https://issues.apache.org/jira/browse/OFBIZ-431?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12464423 ]
Scott Gray commented on OFBIZ-431:
----------------------------------
Hi Jonathan
I really don't think I'd be of much help on this one, I've only done a once over on this myself and that was 2 months ago. I think this issue needs someone with a fair bit of order component experience or a lot of time, and I'm afraid I have neither at the moment. I can't really even offer any pointers about where to look first.
I am going to look over it again when I have time but it won't be in the next few days, sorry.
> Editting Order goes recursive with promotions...
> ------------------------------------------------
>
> Key: OFBIZ-431
> URL:
https://issues.apache.org/jira/browse/OFBIZ-431> Project: Apache OFBiz (The Open for Business Project)
> Issue Type: Bug
> Components: order
> Affects Versions: SVN trunk
> Environment: N/A - clean default
> Reporter: Ray Barlow
> Assigned To: Jacopo Cappellato
> Priority: Critical
>
> With the standard demo data raise an order for admin with 1 GZ-1000 and 1 GZ-7000, 3 promotional products will be added to the order which is fine.
> Find and view the newly created order in the order application. Click on the edit link and then try to increase the order quantity of the GZ-1000 from 1 to 2, the system will thrash away for a while and then fail with a transaction error, timed out.
> Once the dust has settled you can see that the party has also been sent 100 +/-5 email notification changes, which is were I'm getting the feeling that recursion is the problem!
> Trying to cancel a line item can also cause the same effect, in general editting orders with promotions seems to cause lots of problems at the moment.
> PS: I'd advise this only gets tested on local development machines as the impact is quite an intense load on the server and can result in DoS style problems. That said I did execute this once on the "demo.dejc.com" server (sorry David) just to check it wasn't anything I'd changed, the admin account now has a lot of order change notifications (at least until the next reload of the site!).
> PPS: This can also be triggered via the customer facing site, when cancelling a line item from the order history page, bit of an exposure for live sites to DoS from malicious users.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://issues.apache.org/jira/secure/Administrators.jspa-
For more information on JIRA, see:
http://www.atlassian.com/software/jira