[ofbiz-framework] branch release17.12 updated (77f7ace -> 6ce1027)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[ofbiz-framework] branch release17.12 updated (77f7ace -> 6ce1027)

jleroux@apache.org
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a change to branch release17.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git.


    from 77f7ace  Improvement: German translation improvements in HumanResUiLabels (OFBIZ-11134)
     new b2e3cc7  Fixed: impersonateLogin (OFBIZ-5409)
     new 6ce1027  Fixed: setUserTimeZone should ran only once based on error (OFBIZ-11329)

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../groovyScripts/SetLocaleFromBrowser.groovy      |  5 +++--
 .../java/org/apache/ofbiz/common/CommonEvents.java |  7 ++++--
 .../common/webapp/common/js/util/setUserLocale.js  | 25 ++++++++++++----------
 3 files changed, 22 insertions(+), 15 deletions(-)

Reply | Threaded
Open this post in threaded view
|

[ofbiz-framework] 01/02: Fixed: impersonateLogin (OFBIZ-5409)

jleroux@apache.org
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch release17.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git

commit b2e3cc717dcea74110d4b152ae46a9a2b2c62a89
Author: Jacques Le Roux <[hidden email]>
AuthorDate: Tue Feb 4 15:35:40 2020 +0100

    Fixed: impersonateLogin
    (OFBIZ-5409)
   
    I reopended this old issue because, while working on  OFBIZ-11329, I found that
    userLogin and impersonateLogin should be removed from
    jsonResponseFromRequestAttributes
   
    Thanks: James Yong for pointing that out
   
    # Conflicts:
    # framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java
---
 .../common/src/main/java/org/apache/ofbiz/common/CommonEvents.java | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java b/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java
index 663a0d3..835de82 100644
--- a/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java
+++ b/framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java
@@ -62,7 +62,7 @@ public class CommonEvents {
 
     public static final String module = CommonEvents.class.getName();
 
-    private static final String[] ignoreAttrs = new String[] { // Attributes removed for security reason; _ERROR_MESSAGE_ is kept
+    private static final String[] ignoreAttrs = new String[] { // Attributes removed for security reason; _ERROR_MESSAGE_ and _ERROR_MESSAGE_LIST are kept
         "javax.servlet.request.key_size",
         "_CONTEXT_ROOT_",
         "_FORWARDED_FROM_SERVLET_",
@@ -73,7 +73,10 @@ public class CommonEvents {
         "targetRequestUri",
         "_SERVER_ROOT_URL_",
         "_CONTROL_PATH_",
-        "thisRequestUri"
+        "thisRequestUri",
+        "org.apache.tomcat.util.net.secure_protocol_version",
+        "userLogin",
+        "impersonateLogin"
     };
 
     public static String setFollowerPage(HttpServletRequest request, HttpServletResponse response) {

Reply | Threaded
Open this post in threaded view
|

[ofbiz-framework] 02/02: Fixed: setUserTimeZone should ran only once based on error (OFBIZ-11329)

jleroux@apache.org
In reply to this post by jleroux@apache.org
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch release17.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git

commit 6ce10278a391a5c588d7a97f6e779c4e4256f5d2
Author: Jacques Le Roux <[hidden email]>
AuthorDate: Wed Feb 5 09:30:55 2020 +0100

    Fixed: setUserTimeZone should ran only once based on error
    (OFBIZ-11329)
   
    This will be notably useful when committing CSRF solution as explained in
    OFBIZ-11306:
   
    SetTimeZoneFromBrowser when starting gives a  RequestHandlerException:
    Invalid or missing CSRF token for AJAX call to path '/SetTimeZoneFromBrowser'.
    Also not only when starting.
   
    Thanks: James Yong for review
    (cherry picked from commit 350c71f4df45cbe5671b54e61f74f9a352d78e05)
   
    # Conflicts:
    # framework/common/groovyScripts/SetLocaleFromBrowser.groovy
    # themes/common-theme/webapp/common/js/util/setUserTimeZone.js replaced
    by setUserLocale.js modified by hand
   
    I can compile locally but I can see a reason why and certainly not related to
    these changes
---
 .../groovyScripts/SetLocaleFromBrowser.groovy      |  5 +++--
 .../common/webapp/common/js/util/setUserLocale.js  | 25 ++++++++++++----------
 2 files changed, 17 insertions(+), 13 deletions(-)

diff --git a/framework/common/groovyScripts/SetLocaleFromBrowser.groovy b/framework/common/groovyScripts/SetLocaleFromBrowser.groovy
index 9e00511..690d06b 100644
--- a/framework/common/groovyScripts/SetLocaleFromBrowser.groovy
+++ b/framework/common/groovyScripts/SetLocaleFromBrowser.groovy
@@ -20,13 +20,14 @@
 import org.apache.ofbiz.service.ServiceUtil
 
 public Map setLocaleFromBrowser() {
-    Map results = ServiceUtil.returnSuccess()
     userLogin = from("UserLogin").where("userLoginId", parameters.userLogin.userLoginId).queryFirst();
     if (userLogin) {
         if (!userLogin.lastTimeZone || "null".equals(userLogin.lastTimeZone)) {
             userLogin.lastTimeZone = parameters.localeName
             userLogin.store()
+            return ServiceUtil.returnSuccess()
         }
+    } else {
+        return ServiceUtil.returnError()
     }
-    return results
 }
diff --git a/themes/common/webapp/common/js/util/setUserLocale.js b/themes/common/webapp/common/js/util/setUserLocale.js
index 4d0676c..0f32dba 100644
--- a/themes/common/webapp/common/js/util/setUserLocale.js
+++ b/themes/common/webapp/common/js/util/setUserLocale.js
@@ -17,15 +17,18 @@ specific language governing permissions and limitations
 under the License.
 */
 
-var timezone = moment.tz.guess();
-$.ajax({
-    url: "setLocaleFromBrowser",
-    type: "POST",
-    async: false,
-    data: "localeName=" + timezone,
-    error: function(error) {
-        if (error != "") {
-            console.error("Error while setting user locale: ", error);
+// Only once by session (ref https://developer.mozilla.org/en-US/docs/Web/API/Window/sessionStorage)
+if (sessionStorage.getItem("setLocaleFromBrowser") === null || sessionStorage.getItem("setLocaleFromBrowser") !== "done") {
+    var timezone = moment.tz.guess();
+    $.ajax({
+        url: "setLocaleFromBrowser",
+        type: "POST",
+        async: false,
+        data: "localeName=" + timezone,
+        success: function(success) {
+            if (success._ERROR_MESSAGE_ === undefined && success._ERROR_MESSAGE_LIST_ === undefined) {
+                sessionStorage.setItem("setLocaleFromBrowser", "done");
+            }
         }
-    }
-});
+    });
+}