svn commit: r686630 - in /ofbiz/trunk: applications/accounting/webapp
Locked
svn commit: r686630 - in /ofbiz/trunk: applications/accounting/webapp
 
|
Author: bibryam
Date: Sun Aug 17 11:51:26 2008 New Revision: 686630 URL: http://svn.apache.org/viewvc?rev=686630&view=rev Log: Fixed few requests which allow access to main page without authorization check. Modified: ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/controller.xml ofbiz/trunk/applications/content/webapp/content/WEB-INF/controller.xml ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/controller.xml ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/controller.xml ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/controller.xml ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/controller.xml ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/controller.xml ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml ofbiz/trunk/applications/product/webapp/facility/WEB-INF/controller.xml ofbiz/trunk/specialpurpose/shark/webapp/shark/WEB-INF/controller.xml Modified: ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/controller.xml?rev=686630&r1=686629&r2=686630&view=diff ============================================================================== --- ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/controller.xml (original) +++ ofbiz/trunk/applications/accounting/webapp/accounting/WEB-INF/controller.xml Sun Aug 17 11:51:26 2008 @@ -42,7 +42,7 @@ <!-- Request Mappings --> <request-map uri="view"> <security https="true" auth="false"/> - <response name="success" type="view" value="main"/> + <response name="success" type="request" value="main"/> </request-map> <request-map uri="authview"> <security https="true" auth="true"/> @@ -1761,16 +1761,19 @@ <response name="success" type="view" value="EditAgreementRoles"/> </request-map> <request-map uri="createAgreementRole"> + <security https="true" auth="true"/> <event type="service" invoke="createAgreementRole"/> <response name="success" type="view" value="EditAgreementRoles"/> <response name="error" type="view" value="EditAgreementRoles"/> </request-map> <request-map uri="updateAgreementRole"> + <security https="true" auth="true"/> <event type="service" invoke="updateAgreementRole"/> <response name="success" type="view" value="EditAgreementRoles"/> <response name="error" type="view" value="EditAgreementRoles"/> </request-map> <request-map uri="deleteAgreementRole"> + <security https="true" auth="true"/> <event type="service" invoke="deleteAgreementRole"/> <response name="success" type="view" value="EditAgreementRoles"/> <response name="error" type="view" value="EditAgreementRoles"/> Modified: ofbiz/trunk/applications/content/webapp/content/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/webapp/content/WEB-INF/controller.xml?rev=686630&r1=686629&r2=686630&view=diff ============================================================================== --- ofbiz/trunk/applications/content/webapp/content/WEB-INF/controller.xml (original) +++ ofbiz/trunk/applications/content/webapp/content/WEB-INF/controller.xml Sun Aug 17 11:51:26 2008 @@ -40,8 +40,8 @@ --> <!-- Request Mappings --> - <request-map uri="view"><security https="false" auth="false"/><response name="success" type="view" value="main"/></request-map> - <request-map uri="views"><security https="true" auth="false"/><response name="success" type="view" value="main"/></request-map> + <request-map uri="view"><security https="false" auth="false"/><response name="success" type="request" value="main"/></request-map> + <request-map uri="views"><security https="true" auth="false"/><response name="success" type="request" value="main"/></request-map> <request-map uri="chain"> <event type="java" path="org.ofbiz.webapp.event.TestEvent" invoke="test"/> @@ -872,7 +872,7 @@ <security auth="false" https="false"/> <event type="java" path="org.ofbiz.content.data.DataEvents" invoke="serveImage"/> <response name="success" type="none"/> - <response name="error" type="view" value="main"/> + <response name="error" type="request" value="main"/> </request-map> <request-map uri="stream"> <event type="java" path="org.ofbiz.content.data.DataEvents" invoke="serveObjectData"/> Modified: ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/controller.xml?rev=686630&r1=686629&r2=686630&view=diff ============================================================================== --- ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/controller.xml (original) +++ ofbiz/trunk/applications/humanres/webapp/humanres/WEB-INF/controller.xml Sun Aug 17 11:51:26 2008 @@ -45,7 +45,7 @@ <!-- Request Mappings --> <request-map uri="view"> <security https="true" auth="false"/> - <response name="success" type="view" value="main"/> + <response name="success" type="request" value="main"/> </request-map> <request-map uri="authview"> <security https="true" auth="true"/> Modified: ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/controller.xml?rev=686630&r1=686629&r2=686630&view=diff ============================================================================== --- ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/controller.xml (original) +++ ofbiz/trunk/applications/manufacturing/webapp/manufacturing/WEB-INF/controller.xml Sun Aug 17 11:51:26 2008 @@ -43,7 +43,7 @@ <!-- Request Mappings --> <request-map uri="view"> <security https="false" auth="false"/> - <response name="success" type="view" value="main"/> + <response name="success" type="request" value="main"/> </request-map> <request-map uri="authview"> Modified: ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/controller.xml?rev=686630&r1=686629&r2=686630&view=diff ============================================================================== --- ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/controller.xml (original) +++ ofbiz/trunk/applications/marketing/webapp/marketing/WEB-INF/controller.xml Sun Aug 17 11:51:26 2008 @@ -42,7 +42,7 @@ <response name="success" type="view" value="MarketingReport"/> </request-map> - <request-map uri="view"><security https="true" auth="false"/><response name="success" type="view" value="main"/></request-map> + <request-map uri="view"><security https="true" auth="false"/><response name="success" type="request" value="main"/></request-map> <request-map uri="authview"><security https="true" auth="true"/><response name="success" type="view" value="main"/></request-map> <request-map uri="main"><security https="true" auth="true"/><response name="success" type="view" value="main"/></request-map> Modified: ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/controller.xml?rev=686630&r1=686629&r2=686630&view=diff ============================================================================== --- ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/controller.xml (original) +++ ofbiz/trunk/applications/order/webapp/ordermgr/WEB-INF/controller.xml Sun Aug 17 11:51:26 2008 @@ -43,7 +43,7 @@ <!-- Request Mappings --> <request-map uri="view"> <security https="false" auth="false"/> - <response name="success" type="view" value="main"/> + <response name="success" type="request" value="main"/> </request-map> <request-map uri="authview"> Modified: ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/controller.xml?rev=686630&r1=686629&r2=686630&view=diff ============================================================================== --- ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/controller.xml (original) +++ ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/controller.xml Sun Aug 17 11:51:26 2008 @@ -41,7 +41,7 @@ --> <!-- Request Mappings --> - <request-map uri="view"><security https="true" auth="false"/><response name="success" type="view" value="main"/></request-map> + <request-map uri="view"><security https="true" auth="false"/><response name="success" type="request" value="main"/></request-map> <request-map uri="authview"><security https="true" auth="true"/><response name="success" type="view" value="main"/></request-map> <request-map uri="main"><security https="true" auth="true"/><response name="success" type="view" value="main"/></request-map> @@ -954,7 +954,7 @@ <security auth="false" https="false"/> <event type="java" path="org.ofbiz.content.data.DataEvents" invoke="serveImage"/> <response name="success" type="none"/> - <response name="error" type="view" value="main"/> + <response name="error" type="request" value="main"/> </request-map> <request-map uri="editCarrierAccount"> Modified: ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml?rev=686630&r1=686629&r2=686630&view=diff ============================================================================== --- ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml (original) +++ ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml Sun Aug 17 11:51:26 2008 @@ -43,7 +43,7 @@ <!-- Request Mappings --> <request-map uri="view"> <security https="true" auth="false"/> - <response name="success" type="view" value="main"/> + <response name="success" type="request" value="main"/> </request-map> <request-map uri="chain"> <event type="java" path="org.ofbiz.webapp.event.TestEvent" invoke="test"/> Modified: ofbiz/trunk/applications/product/webapp/facility/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/facility/WEB-INF/controller.xml?rev=686630&r1=686629&r2=686630&view=diff ============================================================================== --- ofbiz/trunk/applications/product/webapp/facility/WEB-INF/controller.xml (original) +++ ofbiz/trunk/applications/product/webapp/facility/WEB-INF/controller.xml Sun Aug 17 11:51:26 2008 @@ -43,7 +43,7 @@ <!-- Request Mappings --> <request-map uri="view"> <security https="true" auth="false"/> - <response name="success" type="view" value="main"/> + <response name="success" type="request" value="main"/> </request-map> <request-map uri="authview"> Modified: ofbiz/trunk/specialpurpose/shark/webapp/shark/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/shark/webapp/shark/WEB-INF/controller.xml?rev=686630&r1=686629&r2=686630&view=diff ============================================================================== --- ofbiz/trunk/specialpurpose/shark/webapp/shark/WEB-INF/controller.xml (original) +++ ofbiz/trunk/specialpurpose/shark/webapp/shark/WEB-INF/controller.xml Sun Aug 17 11:51:26 2008 @@ -75,14 +75,14 @@ <request-map uri="setSessionLocale"> <security https="true" auth="false"/> <event type="java" path="org.ofbiz.common.CommonEvents" invoke="setSessionLocale"/> - <response name="success" type="view" value="main"/> - <response name="error" type="view" value="main"/> + <response name="success" type="request" value="main"/> + <response name="error" type="request" value="main"/> </request-map> <request-map uri="setSessionTimeZone"> <security https="true" auth="false"/> <event type="java" path="org.ofbiz.common.CommonEvents" invoke="setSessionTimeZone"/> - <response name="success" type="view" value="main"/> - <response name="error" type="view" value="main"/> + <response name="success" type="request" value="main"/> + <response name="error" type="request" value="main"/> </request-map> <request-map uri="LookupLocales"> <security https="true" auth="false" /> @@ -96,7 +96,7 @@ <!-- Request Mappings --> <request-map uri="view"> <security https="false" auth="false"/> - <response name="success" type="view" value="main"/> + <response name="success" type="request" value="main"/> </request-map> <request-map uri="authview"> |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |