[
https://issues.apache.org/jira/browse/OFBIZ-2093?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bruno Busco updated OFBIZ-2093:
-------------------------------
Attachment: newPermToGroupCache.patch
Thank you Albert,
I tryed your suggestion and found that it fixes the bug.
I have attached a patch that implements what you suggest in a simpler way.
I have simply swapped the <create-value> and <call-bsh> tags so that now the
cache.remove is called with an untouched entity.
I cannot commit it but I have tested and I guess a committer will do it.
-Bruno
> bug when adding new permissions to group
> ----------------------------------------
>
> Key: OFBIZ-2093
> URL: https://issues.apache.org/jira/browse/OFBIZ-2093
> Project: OFBiz
> Issue Type: Bug
> Components: party
> Affects Versions: SVN trunk, Release Branch 4.0
> Reporter: Albert Mayo
> Priority: Minor
> Fix For: SVN trunk, Release Branch 4.0
>
> Attachments: newPermToGroupCache.patch
>
> Original Estimate: 0.5h
> Remaining Estimate: 0.5h
>
> *Problem*
> When I add a permission to a security group it will not be recognized
> immediately if the permission is already cached.
> Example:
> 1. Log in with testuser to the order manager and it fails and caches the
> permission.
> 2. Give the testuser the order manager view and OFBTOOLS_VIEW permissions and
> try to log in again. OFBiz will say the user still does not have permissions.
> *Reason:*
> I noticed the cache would update correctly when I take permissions away, but
> the cache wouldn't clear when I added new permissions. The
> addSecurityPermissionToSecurityGroup service
> (securityext/script/org/ofbiz/securityext/securitygroup/SecurityGroupServices.xml)
> attempts to remove the cached security group permission but it fails to find
> the key. The key given for cache removal is newEntity, but after the
> newEntity is created it contains all the entity's values (like the
> createdStamp and createdTxStamp). The cache key should only have the PK
> values.
> I still need to read the guidelines of contributing to the project, but below
> I put the fix I used on my ofbiz copy if someone wants to apply the fix
> sooner.
> *Fix:*
> Either you can call securityGroupPermissionCache.remove(newEntity) before the
> new <create-value value-name="newEntity"/> is called or you can make a
> lookupPKMap that only has the PK values and then use lookupPKMap to remove
> the permission cache.
> Here is what my new function looks like:
> {quote}
> <simple-method method-name="addSecurityPermissionToSecurityGroup"
> short-description="Add SecurityPermission To SecurityGroup">
> <check-permission permission="SECURITY"
> action="_CREATE"><fail-message message="Security Error: to run
> addSecurityPermissionToSecurityGroup you must have the SECURITY_CREATE or
> SECURITY_ADMIN permission"/></check-permission>
> <check-errors/>
> <make-value value-name="newEntity"
> entity-name="SecurityGroupPermission"/>
> <set-pk-fields map-name="parameters" value-name="newEntity"/>
> <create-value value-name="newEntity"/>
>
> <!-- newEntity will have all SecurityGroupPermission values, so must
> create a PK entity for cache lookup to work -->
> <make-value value-name="lookupPKMap"
> entity-name="SecurityGroupPermission"/>
> <set-pk-fields map-name="parameters" value-name="lookupPKMap"/>
>
> <!-- clear the org.ofbiz.security.Security object's custom cache by
> newEntity -->
> <call-bsh><![CDATA[
> org.ofbiz.security.Security.securityGroupPermissionCache.remove(lookupPKMap);
> ]]></call-bsh>
> </simple-method>
> {quote}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
