user admin disables during batch run
Locked
user admin disables during batch run
 
|
Re: user admin disables during batch run
|
|
Hi Grant,
Other than the error below, what is that makes you think the admin user has been disabled? Is it possible that the userLogin being passed to the services accidentally gets changed at some point during execution? Regards Scott HotWax Media http://www.hotwaxmedia.com On 16/07/2009, at 8:46 PM, Grant Edwards wrote: > Hi, > > I have a batch program that I run as user admin. In a nutshell the > batch program reads data from a 3rd party and creates products, > parties etc ... > > It starts off fine, but at some point during the batch run the admin > password becomes disabled which causes some of the services required > by the batch run to fail. The first bit of the log below shows the > service createPartyContactMechPurpose working fine, the second bit > of the log shows the permission errors ocurring as a result of the > admin user been disabled. > > Any ideas on what is causing the admin user to disable?Any work > arounds? > > Kind regards > > Grant Edwards > > [PartyContactMechServices.xml#createPartyTelecomNumber] Creating > telecom number > [ContactMechServices.xml#createContactMech] Contact mech created > with id 12142 > Sync service [webtools/createTelecomNumber] finished in [103] > milliseconds > [PartyContactMechServices.xml#createPartyTelecomNumber] Copied id to > createPartyContactMechMap: 12142 > [CommonPermissionServices.xml#genericBasePermissionCheck] Checking > for primary permission PARTYMGR_CREATE > [CommonPermissionServices.xml#genericBasePermissionCheck] Checking > for alternate permission PARTYMGR_PCM_CREATE > [PartyContactMechServices.xml#createPartyContactMech] Contact > mechTypeId: 12142 already exists with value: for party: 8140 > Running Service ECA Service: createPartyContactMechPurpose, > triggered by rule on Service: createPartyContactMech > Sync service [webtools/createPartyTelecomNumber] finished in [223] > milliseconds > Setting ACCOUNTS_PARTY = EventsNow for productId = 8140 > Running Entity ECA Service: indexProductKeywords, triggered by rule > on Entity: Product > > > > > CommonPermissionServices.xml#genericBasePermissionCheck] Checking > for primary permission PARTYMGR_CREATE > [CommonPermissionServices.xml#genericBasePermissionCheck] Checking > for alternate permission PARTYMGR_PCM_CREATE > PartyContactMechServices.xml#createPartyContactMech] Contact > mechTypeId: 12144 already exists with value: for party: 8806 > Running Service ECA Service: createPartyContactMechPurpose, > triggered by rule on Service: createPartyContactMech > ResourceBundle ServiceErrorUiLabels (en) created in 0.135s with 6 > properties > ServiceDispatcher.java:530:ERROR] Error in Service > [createPartyContactMechPurpose]: You do not have permission to > perform this operation for this party. > 2009-07-16 10:12:58,615 (http-0.0.0.0-18443-1) > [ TransactionUtil.java:321:WARN ] > ---- exception report > ---------------------------------------------------------- > [TransactionUtil.setRollbackOnly] Calling transaction > setRollbackOnly; this stack trace shows where this is happening: > Exception: java.lang.Exception > Message: Error in Service [createPartyContactMechPurpose]: You do > not have permission to perform this operation for this party. > ---- stack trace > --------------------------------------------------------------- > java.lang.Exception: Error in Service > [createPartyContactMechPurpose]: You do not have permission to > perform this operation for this party. > org > .ofbiz > .entity > .transaction.TransactionUtil.setRollbackOnly(TransactionUtil.java:321) > > > |
smime.p7s (3K)
Re: user admin disables during batch run
|
|
Re: user admin disables during batch run
|
|
Are you talking about the statusId on the admin Party record? Even if
it is strange, that wouldn't cause the permission check to fail because it is dealing with the UserLogin record and even then hasEntityPermission just uses it to get the related UserLoginSecurityGroup records. Something strange is going on but I think you'll have to keep digging to get to the bottom of it. Regards Scott On 17/07/2009, at 12:40 AM, Grant Edwards wrote: > Hi Scott, > > Following on from your email I did some further digging ...... > > Prior to starting the batch run, check that the admin account is NOT > DISABLED. > For each row of data read from the 3rd party, a new transaction is > created. > As part of this transaction product, party and other entities are > created. Because the current transaction is not yet committed I am > unable to set the userLogin based on the new party, as a result I am > making use of the admin user to set the userLogin. At some point > during the processing the code below is called. > > partyId = 4641 userLogin = admin result = ok (1st row of data > processed) > partyId = 9423 userLogin = admin result = ok > partyId = 8140 userLogin = admin result = ok > partyId = 8806 userLogin = admin result = not ok (4th row of > data processed) > > Its is in processing the 4th row of data that the > serviceUtil.no_permission_to_operation error is thrown. > > While a break point set on this row stops execution, via a second > browser tab and the Party Manager Console I am able to see the the > user admin account is now DISABLED > > > ServiceUtil.getPartyIdCheckSecurity(.......) { > > ................... > > // <b>security check</b>: userLogin partyId must equal > partyId, or must have PARTYMGR_CREATE permission > if (!partyId.equals(userLogin.getString("partyId"))) { > if (!security.hasEntityPermission(secEntity, > secOperation, userLogin)) { > result.put(ModelService.RESPONSE_MESSAGE, > ModelService.RESPOND_ERROR); > String errMsg = > UtilProperties.getMessage(ServiceUtil.resource, > "serviceUtil.no_permission_to_operation", locale) + "."; > result.put(ModelService.ERROR_MESSAGE, errMsg); > return partyId; > } > } > > .............................. > > } > > Any help would be appreciated. > > Kind regards > > Grant Edwards > > > > > > ________________________________ > From: Scott Gray <[hidden email]> > To: [hidden email] > Sent: Thursday, July 16, 2009 12:54:13 PM > Subject: Re: user admin disables during batch run > > Hi Grant, > > Other than the error below, what is that makes you think the admin > user has been disabled? Is it possible that the userLogin being > passed to the services accidentally gets changed at some point > during execution? > > Regards > Scott > > HotWax Media > http://www.hotwaxmedia.com > > On 16/07/2009, at 8:46 PM, Grant Edwards wrote: > >> Hi, >> >> I have a batch program that I run as user admin. In a nutshell the >> batch program reads data from a 3rd party and creates products, >> parties etc ... >> >> It starts off fine, but at some point during the batch run the >> admin password becomes disabled which causes some of the services >> required by the batch run to fail. The first bit of the log below >> shows the service createPartyContactMechPurpose working fine, the >> second bit of the log shows the permission errors ocurring as a >> result of the admin user been disabled. >> >> Any ideas on what is causing the admin user to disable?Any work >> arounds? >> >> Kind regards >> >> Grant Edwards >> >> [PartyContactMechServices.xml#createPartyTelecomNumber] Creating >> telecom number >> [ContactMechServices.xml#createContactMech] Contact mech created >> with id 12142 >> Sync service [webtools/createTelecomNumber] finished in [103] >> milliseconds >> [PartyContactMechServices.xml#createPartyTelecomNumber] Copied id >> to createPartyContactMechMap: 12142 >> [CommonPermissionServices.xml#genericBasePermissionCheck] Checking >> for primary permission PARTYMGR_CREATE >> [CommonPermissionServices.xml#genericBasePermissionCheck] Checking >> for alternate permission PARTYMGR_PCM_CREATE >> [PartyContactMechServices.xml#createPartyContactMech] Contact >> mechTypeId: 12142 already exists with value: for party: 8140 >> Running Service ECA Service: createPartyContactMechPurpose, >> triggered by rule on Service: createPartyContactMech >> Sync service [webtools/createPartyTelecomNumber] finished in [223] >> milliseconds >> Setting ACCOUNTS_PARTY = EventsNow for productId = 8140 >> Running Entity ECA Service: indexProductKeywords, triggered by rule >> on Entity: Product >> >> >> >> >> CommonPermissionServices.xml#genericBasePermissionCheck] Checking >> for primary permission PARTYMGR_CREATE >> [CommonPermissionServices.xml#genericBasePermissionCheck] Checking >> for alternate permission PARTYMGR_PCM_CREATE >> PartyContactMechServices.xml#createPartyContactMech] Contact >> mechTypeId: 12144 already exists with value: for party: 8806 >> Running Service ECA Service: createPartyContactMechPurpose, >> triggered by rule on Service: createPartyContactMech >> ResourceBundle ServiceErrorUiLabels (en) created in 0.135s with 6 >> properties >> ServiceDispatcher.java:530:ERROR] Error in Service >> [createPartyContactMechPurpose]: You do not have permission to >> perform this operation for this party. >> 2009-07-16 10:12:58,615 (http-0.0.0.0-18443-1) >> [ TransactionUtil.java:321:WARN ] >> ---- exception report >> ---------------------------------------------------------- >> [TransactionUtil.setRollbackOnly] Calling transaction >> setRollbackOnly; this stack trace shows where this is happening: >> Exception: java.lang.Exception >> Message: Error in Service [createPartyContactMechPurpose]: You do >> not have permission to perform this operation for this party. >> ---- stack trace >> --------------------------------------------------------------- >> java.lang.Exception: Error in Service >> [createPartyContactMechPurpose]: You do not have permission to >> perform this operation for this party. >> org >> .ofbiz >> .entity >> .transaction.TransactionUtil.setRollbackOnly(TransactionUtil.java: >> 321) >> >> >> > > |
Re: user admin disables during batch run
|
|
| Free forum by Nabble | Edit this page |