OFBiz OFBiz - Dev

[jira] Created: (OFBIZ-731) Security permission bug when adding product to category

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] Created: (OFBIZ-731) Security permission bug when adding product to category

Nicolas Malin (Jira)
Security permission bug when adding product to category
-------------------------------------------------------

                 Key: OFBIZ-731
                 URL: https://issues.apache.org/jira/browse/OFBIZ-731
             Project: OFBiz (The Open for Business Project)
          Issue Type: Bug
          Components: product
            Reporter: Si Chen


Did the recent change to security permissions break things?  I'm no longer able to add products to a category.

2007-02-16 13:38:34,889 (http-0.0.0.0-8441-Processor8) [     RequestHandler.java:200:INFO ] [Processing Request]: addCategoryProductMember sessionId=7679FF1A15446C53327D8BA2B292E433.jvm1
2007-02-16 13:38:34,959 (http-0.0.0.0-8441-Processor8) [            UtilXml.java:243:DEBUG] XML Read 0.067s: file:/Users/sichen/Documents/workspace/ofbiz/applications/product/script/org/ofbiz/product/category/CategoryServices.xml
2007-02-16 13:38:34,970 (http-0.0.0.0-8441-Processor8) [FlexibleStringExpander.java:355:WARN ] Could not find value in environment for the name [roleCategories], inserting nothing.
2007-02-16 13:38:34,971 (http-0.0.0.0-8441-Processor8) [                Log.java:94 :INFO ] Checking category permission, roleCategories=
2007-02-16 13:38:34,972 (http-0.0.0.0-8441-Processor8) [  ServiceDispatcher.java:459:DEBUG] [[Sync service finished- total:0.0020,since last(Begin):0.0020]] - 'catalog / productCategoryGenericPermission'
2007-02-16 13:38:34,991 (http-0.0.0.0-8441-Processor8) [      FieldToResult.java:66 :WARN ] Field value not found with name hasPermission in Map with name
2007-02-16 13:38:34,992 (http-0.0.0.0-8441-Processor8) [      FieldToResult.java:66 :WARN ] Field value not found with name failMessage in Map with name
2007-02-16 13:38:34,998 (http-0.0.0.0-8441-Processor8) [  ServiceDispatcher.java:459:DEBUG] [[Sync service finished- total:0.106,since last(Begin):0.106]] - 'catalog / checkCategoryPermissionWithViewPurchaseAllow'
2007-02-16 13:38:34,999 (http-0.0.0.0-8441-Processor8) [  ServiceDispatcher.java:389:DEBUG] [[Sync service failed...- total:0.0,since last(Begin):0.0]] - 'catalog / safeAddProductToCategory'
2007-02-16 13:38:35,001 (http-0.0.0.0-8441-Processor8) [  ServiceDispatcher.java:392:ERROR]
---- exception report ----------------------------------------------------------
Service [safeAddProductToCategory] threw an unexpected exception/error
Exception: org.ofbiz.service.ServiceAuthException
Message: ERROR: the permission-service did not return a result. Not running the service [safeAddProductToCategory]
---- stack trace ---------------------------------------------------------------
org.ofbiz.service.ServiceAuthException: ERROR: the permission-service did not return a result. Not running the service [safeAddProductToCategory]
org.ofbiz.service.ServiceDispatcher.checkAuth(ServiceDispatcher.java:767)
org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:307)
org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:211)
org.ofbiz.service.GenericDispatcher.runSync(GenericDispatcher.java:113)
org.ofbiz.webapp.event.ServiceEventHandler.invoke(ServiceEventHandler.java:290)
org.ofbiz.webapp.control.RequestHandler.runEvent(RequestHandler.java:409)
org.ofbiz.webapp.control.RequestHandler.doRequest(RequestHandler.java:240)
org.ofbiz.webapp.control.ControlServlet.doGet(ControlServlet.java:185)
org.ofbiz.webapp.control.ControlServlet.doPost(ControlServlet.java:77)
javax.servlet.http.HttpServlet.service(HttpServlet.java:615)
javax.servlet.http.HttpServlet.service(HttpServlet.java:688)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.ofbiz.webapp.control.ContextFilter.doFilter(ContextFilter.java:248)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
java.lang.Thread.run(Thread.java:552)


--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] Closed: (OFBIZ-731) Security permission bug when adding product to category

Nicolas Malin (Jira)

     [ https://issues.apache.org/jira/browse/OFBIZ-731?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David E. Jones closed OFBIZ-731.
--------------------------------

       Resolution: Fixed
    Fix Version/s: SVN trunk
         Assignee: David E. Jones

Thanks for reporting this Si, it was my oversight.

The fix is in SVN rev 508885.

> Security permission bug when adding product to category
> -------------------------------------------------------
>
>                 Key: OFBIZ-731
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-731
>             Project: OFBiz (The Open for Business Project)
>          Issue Type: Bug
>          Components: product
>            Reporter: Si Chen
>         Assigned To: David E. Jones
>             Fix For: SVN trunk
>
>
> Did the recent change to security permissions break things?  I'm no longer able to add products to a category.
> 2007-02-16 13:38:34,889 (http-0.0.0.0-8441-Processor8) [     RequestHandler.java:200:INFO ] [Processing Request]: addCategoryProductMember sessionId=7679FF1A15446C53327D8BA2B292E433.jvm1
> 2007-02-16 13:38:34,959 (http-0.0.0.0-8441-Processor8) [            UtilXml.java:243:DEBUG] XML Read 0.067s: file:/Users/sichen/Documents/workspace/ofbiz/applications/product/script/org/ofbiz/product/category/CategoryServices.xml
> 2007-02-16 13:38:34,970 (http-0.0.0.0-8441-Processor8) [FlexibleStringExpander.java:355:WARN ] Could not find value in environment for the name [roleCategories], inserting nothing.
> 2007-02-16 13:38:34,971 (http-0.0.0.0-8441-Processor8) [                Log.java:94 :INFO ] Checking category permission, roleCategories=
> 2007-02-16 13:38:34,972 (http-0.0.0.0-8441-Processor8) [  ServiceDispatcher.java:459:DEBUG] [[Sync service finished- total:0.0020,since last(Begin):0.0020]] - 'catalog / productCategoryGenericPermission'
> 2007-02-16 13:38:34,991 (http-0.0.0.0-8441-Processor8) [      FieldToResult.java:66 :WARN ] Field value not found with name hasPermission in Map with name
> 2007-02-16 13:38:34,992 (http-0.0.0.0-8441-Processor8) [      FieldToResult.java:66 :WARN ] Field value not found with name failMessage in Map with name
> 2007-02-16 13:38:34,998 (http-0.0.0.0-8441-Processor8) [  ServiceDispatcher.java:459:DEBUG] [[Sync service finished- total:0.106,since last(Begin):0.106]] - 'catalog / checkCategoryPermissionWithViewPurchaseAllow'
> 2007-02-16 13:38:34,999 (http-0.0.0.0-8441-Processor8) [  ServiceDispatcher.java:389:DEBUG] [[Sync service failed...- total:0.0,since last(Begin):0.0]] - 'catalog / safeAddProductToCategory'
> 2007-02-16 13:38:35,001 (http-0.0.0.0-8441-Processor8) [  ServiceDispatcher.java:392:ERROR]
> ---- exception report ----------------------------------------------------------
> Service [safeAddProductToCategory] threw an unexpected exception/error
> Exception: org.ofbiz.service.ServiceAuthException
> Message: ERROR: the permission-service did not return a result. Not running the service [safeAddProductToCategory]
> ---- stack trace ---------------------------------------------------------------
> org.ofbiz.service.ServiceAuthException: ERROR: the permission-service did not return a result. Not running the service [safeAddProductToCategory]
> org.ofbiz.service.ServiceDispatcher.checkAuth(ServiceDispatcher.java:767)
> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:307)
> org.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:211)
> org.ofbiz.service.GenericDispatcher.runSync(GenericDispatcher.java:113)
> org.ofbiz.webapp.event.ServiceEventHandler.invoke(ServiceEventHandler.java:290)
> org.ofbiz.webapp.control.RequestHandler.runEvent(RequestHandler.java:409)
> org.ofbiz.webapp.control.RequestHandler.doRequest(RequestHandler.java:240)
> org.ofbiz.webapp.control.ControlServlet.doGet(ControlServlet.java:185)
> org.ofbiz.webapp.control.ControlServlet.doPost(ControlServlet.java:77)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:615)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:688)
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
> org.ofbiz.webapp.control.ContextFilter.doFilter(ContextFilter.java:248)
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> java.lang.Thread.run(Thread.java:552)

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Free forum by Nabble Edit this page