OFBiz OFBiz - Commits

[ofbiz-framework] branch release17.12 updated: Fixed: Make ruleName field in PriceForms.xml#AddPriceRules safe (OFBIZ-12098)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
jleroux@apache.org
Reply | Threaded
Open this post in threaded view
|

[ofbiz-framework] branch release17.12 updated: Fixed: Make ruleName field in PriceForms.xml#AddPriceRules safe (OFBIZ-12098)

jleroux@apache.org
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch release17.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/release17.12 by this push:
     new 3982f8d  Fixed: Make ruleName field in PriceForms.xml#AddPriceRules safe (OFBIZ-12098)
3982f8d is described below

commit 3982f8d526d2cee9bd4bf4093e806c5af1bd880a
Author: Jacques Le Roux <[hidden email]>
AuthorDate: Sun Dec 20 11:02:27 2020 +0100

    Fixed: Make ruleName field in PriceForms.xml#AddPriceRules safe (OFBIZ-12098)
   
    I noticed an issue due to entity-auto. Unlike with a standard service you can't
    protect fields using allow-html="safe" except by overriding fields. So in case
    this must be done one by one...
   
    An example is ruleName field in PriceForms.xml#AddPriceRules with
    createProductPriceRule and updateProductPriceRule services
   
    This fixes this only case...
    Also removes trailing blanks and only that (by IDE setting)
   
    Conflicts handled by hand
    applications/product/servicedef/services_pricepromo.xml
---
 applications/product/servicedef/services_pricepromo.xml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/applications/product/servicedef/services_pricepromo.xml b/applications/product/servicedef/services_pricepromo.xml
index 5b67bec..82faa90 100644
--- a/applications/product/servicedef/services_pricepromo.xml
+++ b/applications/product/servicedef/services_pricepromo.xml
@@ -72,13 +72,14 @@ under the License.
         <permission-service service-name="productPriceGenericPermission" main-action="CREATE"/>
         <auto-attributes include="pk" mode="OUT" optional="false"/>
         <auto-attributes include="nonpk" mode="IN" optional="true"/>
-        <override name="ruleName" optional="false"/>
+        <override name="ruleName" optional="false" allow-html="safe"/>
     </service>
     <service name="updateProductPriceRule" default-entity-name="ProductPriceRule" engine="entity-auto" invoke="update" auth="true">
         <description>Update a ProductPriceRule</description>
         <permission-service service-name="productPriceGenericPermission" main-action="UPDATE"/>
         <auto-attributes include="pk" mode="IN" optional="false"/>
         <auto-attributes include="nonpk" mode="IN" optional="true"/>
+        <override name="ruleName" optional="false" allow-html="safe"/>
     </service>
     <service name="deleteProductPriceRule" default-entity-name="ProductPriceRule" engine="entity-auto" invoke="delete" auth="true">
         <description>Delete a ProductPriceRule</description>

Free forum by Nabble Edit this page