OFBiz OFBiz - Commits

[ofbiz-framework] branch trunk updated: Fixed: Make ruleName field in PriceForms.xml#AddPriceRules safe (OFBIZ-12098)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
jleroux@apache.org
Reply | Threaded
Open this post in threaded view
|

[ofbiz-framework] branch trunk updated: Fixed: Make ruleName field in PriceForms.xml#AddPriceRules safe (OFBIZ-12098)

jleroux@apache.org
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/trunk by this push:
     new 72d3dd1  Fixed: Make ruleName field in PriceForms.xml#AddPriceRules safe (OFBIZ-12098)
72d3dd1 is described below

commit 72d3dd18ac47c381eee7c368febd25f3b6c1c101
Author: Jacques Le Roux <[hidden email]>
AuthorDate: Sun Dec 20 11:02:27 2020 +0100

    Fixed: Make ruleName field in PriceForms.xml#AddPriceRules safe (OFBIZ-12098)
   
    I noticed an issue due to entity-auto. Unlike with a standard service you can't
    protect fields using allow-html="safe" except by overriding fields. So in case
    this must be done one by one...
   
    An example is ruleName field in PriceForms.xml#AddPriceRules with
    createProductPriceRule and updateProductPriceRule services
   
    This fixes this only case...
    Also removes trailing blanks and only that (by IDE setting)
---
 .../product/servicedef/services_pricepromo.xml     | 55 +++++++++++-----------
 1 file changed, 28 insertions(+), 27 deletions(-)

diff --git a/applications/product/servicedef/services_pricepromo.xml b/applications/product/servicedef/services_pricepromo.xml
index 3233f3f..cc02baf 100644
--- a/applications/product/servicedef/services_pricepromo.xml
+++ b/applications/product/servicedef/services_pricepromo.xml
@@ -72,13 +72,14 @@ under the License.
         <permission-service service-name="productPriceGenericPermission" main-action="CREATE"/>
         <auto-attributes include="pk" mode="OUT" optional="false"/>
         <auto-attributes include="nonpk" mode="IN" optional="true"/>
-        <override name="ruleName" optional="false"/>
+        <override name="ruleName" optional="false" allow-html="safe"/>
     </service>
     <service name="updateProductPriceRule" default-entity-name="ProductPriceRule" engine="entity-auto" invoke="update" auth="true">
         <description>Update a ProductPriceRule</description>
         <permission-service service-name="productPriceGenericPermission" main-action="UPDATE"/>
         <auto-attributes include="pk" mode="IN" optional="false"/>
         <auto-attributes include="nonpk" mode="IN" optional="true"/>
+        <override name="ruleName" optional="false" allow-html="safe"/>
     </service>
     <service name="deleteProductPriceRule" default-entity-name="ProductPriceRule" engine="entity-auto" invoke="delete" auth="true">
         <description>Delete a ProductPriceRule</description>
@@ -386,62 +387,62 @@ under the License.
     <service name="productPromoCondProductTotal" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productTotal">
         <description>Product promo condition service on the product Total</description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondProductQuant" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productQuant">
         <description>Product promo condition service on quantity </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondNewACCT" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productNewACCT">
         <description>Product promo condition service on Account Days Since Created </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondPartyID" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productPartyID">
         <description>Product promo condition service on party ID </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondPartyGM" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productPartyGM">
         <description>Product promo condition service on party group member </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondPartyClass" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productPartyClass">
         <description>Product promo condition service on party Classification </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondRoleType" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productRoleType">
         <description>Product promo condition service on role type </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondGeoID" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productGeoID">
         <description>Product promo condition service on shipping destination </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondOrderTotal" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productOrderTotal">
         <description>Product promo condition service on cart sub-total </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondOrderHist" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productOrderHist">
         <description>Product promo condition service on Order sub-total X in last Y Months </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondOrderYear" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productOrderYear">
         <description>Product promo condition service on Order sub-total X since beginning of current year </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondOrderLastYear" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productOrderLastYear">
         <description>Product promo condition service on Order sub-total X last year </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondPromoRecurrence" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productPromoRecurrence">
@@ -451,17 +452,17 @@ under the License.
     <service name="productPromoCondOrderShipTotal" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productShipTotal">
         <description>Product promo condition service on promotion recurrence </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondListPriceMinAmount" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productListPriceMinAmount">
         <description>Product promo condition service on shipping total </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
     <service name="productPromoCondListPriceMinPercent" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoCondServices.groovy" invoke="productListPriceMinPercent">
         <description>Product promo condition service on shipping total </description>
-        <implements service="interfaceProductPromoCond"/>
+        <implements service="interfaceProductPromoCond"/>
     </service>
 
     <!-- ProductPricePromoAction services -->
@@ -475,51 +476,51 @@ under the License.
     <service name="productPromoActGiftGWP" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoActionServices.groovy" invoke="productGWP">
         <description>Product promo Action gift with purchase </description>
-        <implements service="interfaceProductPromoAction"/>
+        <implements service="interfaceProductPromoAction"/>
     </service>
     <service name="productPromoActFreeShip" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoActionServices.groovy" invoke="productActFreeShip">
         <description>Product promo Action free shipping </description>
-        <implements service="interfaceProductPromoAction"/>
+        <implements service="interfaceProductPromoAction"/>
     </service>
     <service name="productPromoActProdDISC" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoActionServices.groovy" invoke="productDISC">
         <description>Product promo Action product discount % </description>
-        <implements service="interfaceProductPromoAction"/>
+        <implements service="interfaceProductPromoAction"/>
     </service>
     <service name="productPromoActProdAMDISC" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoActionServices.groovy" invoke="productAMDISC">
         <description>Product promo Action product discount </description>
-        <implements service="interfaceProductPromoAction"/>
+        <implements service="interfaceProductPromoAction"/>
     </service>
     <service name="productPromoActProdPrice" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoActionServices.groovy" invoke="productPrice">
         <description>Product promo Action product price </description>
-        <implements service="interfaceProductPromoAction"/>
+        <implements service="interfaceProductPromoAction"/>
     </service>
     <service name="productPromoActOrderPercent" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoActionServices.groovy" invoke="productOrderPercent">
         <description>Product promo Action order percent </description>
-        <implements service="interfaceProductPromoAction"/>
+        <implements service="interfaceProductPromoAction"/>
     </service>
     <service name="productPromoActOrderAmount" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoActionServices.groovy" invoke="productOrderAmount">
         <description>Product promo Action order amount </description>
-        <implements service="interfaceProductPromoAction"/>
+        <implements service="interfaceProductPromoAction"/>
     </service>
     <service name="productPromoActProdSpecialPrice" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoActionServices.groovy" invoke="productSpecialPrice">
         <description>Product promo Action product special price </description>
-        <implements service="interfaceProductPromoAction"/>
+        <implements service="interfaceProductPromoAction"/>
     </service>
     <service name="productPromoActTaxPercent" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoActionServices.groovy" invoke="productTaxPercent">
         <description>Product promo Action product tax percent </description>
-        <implements service="interfaceProductPromoAction"/>
+        <implements service="interfaceProductPromoAction"/>
     </service>
     <service name="productPromoActShipCharge" engine="groovy" auth="false"
             location="component://product/groovyScripts/product/promo/ProductPromoActionServices.groovy" invoke="productShipCharge">
         <description>Product promo Action product shipping charge </description>
-        <implements service="interfaceProductPromoAction"/>
+        <implements service="interfaceProductPromoAction"/>
     </service>
-</services>
+</services>

Free forum by Nabble Edit this page