details: https://code.openbravo.com/erp/devel/pi/rev/1a11093927b5 changeset: 34877:1a11093927b5 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Tue Sep 11 13:41:42 2018 +0200 summary: [session] OBContext is set in session so it should be Serializable
details: https://code.openbravo.com/erp/devel/pi/rev/82f52d651e98 changeset: 34878:82f52d651e98 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Tue Sep 11 13:50:50 2018 +0200 summary: [session] simplified OBContext serialization/deserialization: * using transient fields rather than nullifying them on serialization * everything is transient except the IDs required to recalculate the full thing: -userID -roleID -clientID -orgID -warehouseID -langID * on deserialization use those fields to calculate the rest details: https://code.openbravo.com/erp/devel/pi/rev/ab12d3e48af1 changeset: 34879:ab12d3e48af1 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Tue Sep 11 13:51:29 2018 +0200 summary: [session] do not set same OBContext in session on each request details: https://code.openbravo.com/erp/devel/pi/rev/8a06b19a165e changeset: 34880:8a06b19a165e user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Tue Sep 11 13:52:37 2018 +0200 summary: [session] added OBContext.serialVersionUID details: https://code.openbravo.com/erp/devel/pi/rev/91970b88923f changeset: 34881:91970b88923f user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Mon Oct 01 13:17:38 2018 +0200 summary: [session] OBError and FieldProvider are now Serializable They are set in session by 2.50 processes. details: https://code.openbravo.com/erp/devel/pi/rev/7a6a38157e07 changeset: 34882:7a6a38157e07 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Thu Oct 04 08:35:43 2018 +0200 summary: [session] FIC sets strings in session details: https://code.openbravo.com/erp/devel/pi/rev/d53a44d89b87 changeset: 34883:d53a44d89b87 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Thu Oct 04 08:39:17 2018 +0200 summary: [session] Deprecated VariablesBase.setSessionObject(String, Object) It's now replaced by VariablesBase.setSessionObject(String,Serializable) in order to easier detect cases of no Serializable objects set in session. details: https://code.openbravo.com/erp/devel/pi/rev/64dea4e7840a changeset: 34884:64dea4e7840a user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Thu Oct 04 08:45:14 2018 +0200 summary: [session] PrintController sets reports in session - Changed variable definition from generic Map to Serializable HashMap - Report is now Serializable details: https://code.openbravo.com/erp/devel/pi/rev/5e73c1b521a2 changeset: 34885:5e73c1b521a2 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Thu Oct 04 09:14:32 2018 +0200 summary: [session] MMC sets objects in session they're now Serializable details: https://code.openbravo.com/erp/devel/pi/rev/a206630ce914 changeset: 34886:a206630ce914 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Thu Oct 04 09:26:31 2018 +0200 summary: [session] OSP must ensure it's initialized before getting organizations details: https://code.openbravo.com/erp/devel/pi/rev/622ba0df6432 changeset: 34887:622ba0df6432 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Thu Oct 04 10:19:17 2018 +0200 summary: [session] warn: missing serialVersionUID in sqlc generated FieldProviders details: https://code.openbravo.com/erp/devel/pi/rev/af182976dcf0 changeset: 34888:af182976dcf0 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Thu Oct 04 11:28:40 2018 +0200 summary: [session] remove warning in manual FieldProviders details: https://code.openbravo.com/erp/devel/pi/rev/7588c0a031a8 changeset: 34889:7588c0a031a8 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Thu Oct 04 14:16:09 2018 +0200 summary: [sesion] added test cases for OBContext serialization details: https://code.openbravo.com/erp/devel/pi/rev/13ea651ecddd changeset: 34890:13ea651ecddd user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Thu Oct 04 14:16:24 2018 +0200 summary: [session] OBContext.additionalWritableOrganizations is transient details: https://code.openbravo.com/erp/devel/pi/rev/fb17acbdbc19 changeset: 34891:fb17acbdbc19 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Tue Oct 09 09:23:06 2018 +0200 summary: [session] removed some redudancies details: https://code.openbravo.com/erp/devel/pi/rev/906638c95af6 changeset: 34892:906638c95af6 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Tue Oct 09 09:26:17 2018 +0200 summary: [session] updated copyright details: https://code.openbravo.com/erp/devel/pi/rev/bbdb0b65eb6c changeset: 34893:bbdb0b65eb6c user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Tue Oct 09 10:12:13 2018 +0200 summary: [session] reorganize and clean up some useless comments details: https://code.openbravo.com/erp/devel/pi/rev/629e6710431e changeset: 34894:629e6710431e user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Tue Oct 09 10:15:50 2018 +0200 summary: [session] when session replication is active context will be often serialized don't create log String if not needed details: https://code.openbravo.com/erp/devel/pi/rev/acbe13c356ad changeset: 34895:acbe13c356ad user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Mon Oct 22 13:03:17 2018 +0200 summary: [session] removed sysouts details: https://code.openbravo.com/erp/devel/pi/rev/fdc6535b17f6 changeset: 34896:fdc6535b17f6 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Mon Oct 22 13:05:48 2018 +0200 summary: [session] fixed assertions details: https://code.openbravo.com/erp/devel/pi/rev/11b1c20873a2 changeset: 34897:11b1c20873a2 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Mon Oct 22 13:07:45 2018 +0200 summary: [session] typos in method names details: https://code.openbravo.com/erp/devel/pi/rev/76ac6dc7b181 changeset: 34898:76ac6dc7b181 user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Mon Oct 22 13:10:30 2018 +0200 summary: [session] moved test cases to previous OBContextTest class details: https://code.openbravo.com/erp/devel/pi/rev/b5be74965f9c changeset: 34899:b5be74965f9c user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Mon Oct 22 13:33:27 2018 +0200 summary: [session] don't use fully qualified names in method params details: https://code.openbravo.com/erp/devel/pi/rev/81abb68df45a changeset: 34900:81abb68df45a user: Asier Lostalé <asier.lostale <at> openbravo.com> date: Mon Oct 22 14:27:12 2018 +0200 summary: fixed issue 39400: Openbravo session is now Serializable diffstat: build.xml | 32 +- modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java | 15 +- modules/org.openbravo.client.application/src/org/openbravo/client/application/process/ResponseActionsBuilder.java | 30 +- modules/org.openbravo.client.application/src/org/openbravo/client/application/window/FormInitializationComponent.java | 5 +- modules/org.openbravo.client.application/web/org.openbravo.client.application/js/form/ob-view-form-notes.js | 5 +- modules/org.openbravo.client.application/web/org.openbravo.client.application/js/form/ob-view-form.js | 17 +- modules/org.openbravo.client.application/web/org.openbravo.client.application/js/main/ob-standard-view-datasource.js | 5 + modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/ApplicationDynamicComponent.java | 7 +- modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/templates/application-dynamic-js.ftl | 5 +- modules/org.openbravo.service.datasource/src/org/openbravo/service/datasource/DataSourceServlet.java | 46 +- modules/org.openbravo.service.datasource/web/org.openbravo.service.datasource/js/ob-datasource-utilities.js | 32 +- modules/org.openbravo.service.json/src/org/openbravo/service/json/JsonConstants.java | 3 +- modules/org.openbravo.userinterface.smartclient/web/org.openbravo.userinterface.smartclient/js/ob-smartclient.js | 2 +- referencedata/sampledata/QA_Testing/AD_PINSTANCE.xml | 32 + referencedata/sampledata/QA_Testing/AD_PROCESS_REQUEST.xml | 36 + referencedata/sampledata/QA_Testing/AD_SEQUENCE.xml | 2 +- referencedata/sampledata/QA_Testing/C_ORDER.xml | 65 + referencedata/sampledata/QA_Testing/C_ORDERLINE.xml | 48 + referencedata/sampledata/QA_Testing/C_ORDERLINETAX.xml | 17 + referencedata/sampledata/QA_Testing/C_ORDERTAX.xml | 16 + referencedata/sampledata/QA_Testing/M_PRODUCT.xml | 4 +- referencedata/sampledata/QA_Testing/M_STORAGE_PENDING.xml | 17 + src-core/src/org/openbravo/base/MultipartRequest.java | 3 +- src-core/src/org/openbravo/base/VariablesBase.java | 12 +- src-core/src/org/openbravo/data/FieldProvider.java | 6 +- src-core/src/org/openbravo/data/Sqlc.java | 4 +- src-core/src/org/openbravo/uiTranslation/FieldGroupLabelsData.java | 3 +- src-core/src/org/openbravo/uiTranslation/FieldLabelsData.java | 3 +- src-core/src/org/openbravo/uiTranslation/InterfaceModuleInfoData.java | 3 +- src-core/src/org/openbravo/uiTranslation/InterfaceTrlInfoData.java | 3 +- src-core/src/org/openbravo/uiTranslation/ProcessLabelsData.java | 3 +- src-core/src/org/openbravo/uiTranslation/TextInterfacesData.java | 3 +- src-db/database/model/functions/M_RESERVATION_CONSUMPTION.xml | 14 +- src-db/database/model/tables/C_ORDERLINE.xml | 9 + src-db/database/model/triggers/C_DOCTYPE_TRG.xml | 14 + src-db/database/model/triggers/C_ORDERLINE_TRG.xml | 13 + src-db/database/model/triggers/C_ORDERLINE_TRG2.xml | 5 +- src-db/database/model/triggers/C_ORDER_TRG.xml | 26 +- src-db/database/model/triggers/M_MOVEMENTLINE_TRG.xml | 2 +- src-db/database/model/views/M_RM_RECEIPT_PICK_EDIT.xml | 2 +- src-db/database/sourcedata/AD_COLUMN.xml | 38 + src-db/database/sourcedata/AD_ELEMENT.xml | 14 + src-db/database/sourcedata/AD_MESSAGE.xml | 12 + src-test/src/org/openbravo/test/AllAntTaskTests.java | 3 +- src-test/src/org/openbravo/test/AllQuickAntTaskTests.java | 2 +- src-test/src/org/openbravo/test/AllTests.java | 2 +- src-test/src/org/openbravo/test/AllWebserviceTests.java | 4 +- src-test/src/org/openbravo/test/AntTaskTests.java | 2 +- src-test/src/org/openbravo/test/costing/utils/TestCostingConstants.java | 2 + src-test/src/org/openbravo/test/costing/utils/TestCostingUtils.java | 1978 ++++----- src-test/src/org/openbravo/test/dal/OBContextTest.java | 60 + src-test/src/org/openbravo/test/datasource/BaseDataSourceTestDal.java | 65 +- src-test/src/org/openbravo/test/datasource/BaseDataSourceTestNoDal.java | 22 +- src-test/src/org/openbravo/test/datasource/DataSourceSecurity.java | 26 +- src-test/src/org/openbravo/test/datasource/DatasourceTestUtil.java | 17 +- src-test/src/org/openbravo/test/datasource/TestNoteDatasource.java | 30 +- src-test/src/org/openbravo/test/security/CSRFAttackTest.java | 133 + src-util/modulescript/build/classes/org/openbravo/modulescript/UpdateReturnLineInOrderLine.class | Bin src-util/modulescript/build/classes/org/openbravo/modulescript/UpdateReturnLineInOrderLineData.class | Bin src-util/modulescript/src/org/openbravo/modulescript/UpdateReturnLineInOrderLine.java | 55 + src-util/modulescript/src/org/openbravo/modulescript/UpdateReturnLineInOrderLine_data.xsql | 39 + src/org/openbravo/authentication/AuthenticationManager.java | 13 + src/org/openbravo/authentication/basic/DefaultAuthenticationManager.java | 2 + src/org/openbravo/base/secureApp/DefaultValuesData.java | 6 +- src/org/openbravo/base/secureApp/HttpSecureAppServlet.java | 7 +- src/org/openbravo/base/secureApp/LoginHandler.java | 1 + src/org/openbravo/base/secureApp/LoginUtils.java | 5 +- src/org/openbravo/common/actionhandler/CashflowForecast_data.xsql | 3 +- src/org/openbravo/dal/core/OBContext.java | 176 +- src/org/openbravo/dal/security/OrganizationStructureProvider.java | 1 + src/org/openbravo/erpCommon/ad_actionButton/CreateFrom.java | 6 +- src/org/openbravo/erpCommon/ad_forms/MaturityLevel.java | 7 +- src/org/openbravo/erpCommon/ad_forms/SQLExecutor_Query.java | 1 + src/org/openbravo/erpCommon/ad_forms/ShowSessionVariablesStructureData.java | 3 +- src/org/openbravo/erpCommon/ad_help/HelpWindow.java | 3 +- src/org/openbravo/erpCommon/ad_process/UpdateActuals.java | 28 +- src/org/openbravo/erpCommon/ad_reports/ReportBudgetExportExcel.java | 16 +- src/org/openbravo/erpCommon/ad_reports/ReportTrialBalanceExcel.jrxml | 20 +- src/org/openbravo/erpCommon/ad_reports/SummaryProductCategory.java | 3 +- src/org/openbravo/erpCommon/businessUtility/COAData.java | 3 +- src/org/openbravo/erpCommon/modules/ImportModule.java | 6 +- src/org/openbravo/erpCommon/utility/FieldProviderFactory.java | 3 +- src/org/openbravo/erpCommon/utility/OBError.java | 6 +- src/org/openbravo/erpCommon/utility/OBObjectFieldProvider.java | 3 +- src/org/openbravo/erpCommon/utility/SQLReturnObject.java | 3 +- src/org/openbravo/erpCommon/utility/SetPriorityCategoryData.java | 3 +- src/org/openbravo/erpCommon/utility/SimpleFieldProvider.java | 4 +- src/org/openbravo/erpCommon/utility/TreeUtility.java | 65 +- src/org/openbravo/erpCommon/utility/reporting/Report.java | 6 +- src/org/openbravo/erpCommon/utility/reporting/printing/AttachContent.java | 3 +- src/org/openbravo/erpCommon/utility/reporting/printing/PrintController.java | 19 +- src/org/openbravo/erpReports/ReportTaxPaymentJR.java | 3 +- src/org/openbravo/erpReports/ReportVatRegisterJR.java | 3 +- src/org/openbravo/service/system/ReloadContext.java | 78 - 94 files changed, 2156 insertions(+), 1426 deletions(-) diffs (truncated from 6728 to 300 lines): diff -r ba9ef09516cf -r 81abb68df45a build.xml --- a/build.xml Tue Oct 02 09:43:11 2018 +0200 +++ b/build.xml Mon Oct 22 14:27:12 2018 +0200 @@ -426,11 +426,6 @@ <ant dir="${base.db}" target="setApplied" inheritAll="true" inheritRefs="true" /> <antcall target="build.deploy" /> <updatesystemstatuswhennot v="RB51" previous="RB12"/> - <!-- only restart tomcat if the restart prop was set to true --> - <condition property="dorestart"> - <istrue value="${restart}" /> - </condition> - <antcall target="if.restart.tomcat" /> </target> <target name="update.database.if.no.local" if="no.local"> @@ -459,10 +454,6 @@ <antcall target="war" /> </target> - <target name="if.restart.tomcat" if="dorestart"> - <antcall target="tomcat.restart" /> - </target> - <target name="compile" depends="init,core.lib, wad.lib, trl.lib"> <ant dir="${base.src}" target="compile" inheritAll="true" inheritRefs="true" /> </target> @@ -807,7 +798,7 @@ This task is called from the Openbravo ui, it spawns a java call which again calls the restart.tomcat.do task as a spawned task. --> - <target name="tomcat.restart" description="Restart the tomcat server process"> + <target name="tomcat.restart"> <echo message="Restarting tomcat..." /> <java classname="org.openbravo.service.system.RestartTomcat" spawn="true" fork="true" maxmemory="${build.maxmemory}"> <arg line="${base.src}" /> @@ -818,7 +809,7 @@ <!-- Is called by the org.openbravo.service.system.RestartTomcat class. --> - <target name="tomcat.restart.do" description="Restart the tomcat server process"> + <target name="tomcat.restart.do"> <echo message="Restarting Tomcat at ${env.CATALINA_HOME}" /> <java classname="org.apache.catalina.startup.Bootstrap" fork="true"> <classpath path=":${env.CATALINA_HOME}/bin/bootstrap.jar:${env.CATALINA_HOME}/bin/commons-logging-api.jar:${env.CATALINA_HOME}/bin/tomcat-juli.jar" /> @@ -844,25 +835,6 @@ </java> </target> - <!-- - This task is called from the Openbravo ui, it spawns a java call which again - calls the tomcat.reload.do task as a spawned task. - --> - <target name="tomcat.reload" description="Reload the Openbravo context"> - <echo message="Reloading webapp..." /> - <java classname="org.openbravo.service.system.ReloadContext" jvm="${env.JAVA_HOME}/bin/java" maxmemory="${build.maxmemory}" spawn="true" fork="true"> - <arg line="${base.src}" /> - <classpath refid="project.class.path" /> - </java> - </target> - - <target name="tomcat.reload.do"> - <taskdef name="reload" classname="org.apache.catalina.ant.ReloadTask"> - <classpath refid="project.class.path" /> - </taskdef> - <reload url="${tomcat.manager.url}" username="${tomcat.manager.username}" password="${tomcat.manager.password}" path="/${context.name}" /> - </target> - <target name="tomcat.list"> <taskdef name="list" classname="org.apache.catalina.ant.ListTask"> <classpath refid="project.class.path" /> diff -r ba9ef09516cf -r 81abb68df45a modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java --- a/modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java Tue Oct 02 09:43:11 2018 +0200 +++ b/modules/org.openbravo.client.application/src/org/openbravo/client/application/navigationbarcomponents/UserInfoWidgetActionHandler.java Mon Oct 22 14:27:12 2018 +0200 @@ -225,6 +225,9 @@ // ugly inheriting from HttpSecureAppServlet because it provides a number of methods... private static class UserSessionSetter extends HttpSecureAppServlet { private static final long serialVersionUID = 1L; + private static final String TEXT_DIRECTION = "#TextDirection"; + private static final String SESSION_ID = "#AD_Session_ID"; + private static final String AUTHENTICATED_USER = "#Authenticated_user"; private void resetSession(HttpServletRequest request, boolean isDefault, String userId, String roleId, String clientId, String organizationId, String languageId, @@ -232,9 +235,9 @@ final VariablesSecureApp vars = new VariablesSecureApp(request); // refresh final Language language = OBDal.getInstance().get(Language.class, languageId); if (language.isRTLLanguage()) { - vars.setSessionValue("#TextDirection", "RTL"); + vars.setSessionValue(TEXT_DIRECTION, "RTL"); } else { - vars.setSessionValue("#TextDirection", "LTR"); + vars.setSessionValue(TEXT_DIRECTION, "LTR"); } if (isDefault) { @@ -259,11 +262,11 @@ } // Clear session variables maintaining session and user - String sessionID = vars.getSessionValue("#AD_Session_ID"); - String sessionUser = (String) request.getSession(true).getAttribute("#Authenticated_user"); + String sessionID = vars.getSessionValue(SESSION_ID); + String sessionUser = (String) request.getSession(true).getAttribute(AUTHENTICATED_USER); vars.clearSession(false); - vars.setSessionValue("#AD_Session_ID", sessionID); - request.getSession(true).setAttribute("#Authenticated_user", sessionUser); + vars.setSessionValue(SESSION_ID, sessionID); + request.getSession(true).setAttribute(AUTHENTICATED_USER, sessionUser); OBDal.getInstance().flush(); boolean result = LoginUtils diff -r ba9ef09516cf -r 81abb68df45a modules/org.openbravo.client.application/src/org/openbravo/client/application/process/ResponseActionsBuilder.java --- a/modules/org.openbravo.client.application/src/org/openbravo/client/application/process/ResponseActionsBuilder.java Tue Oct 02 09:43:11 2018 +0200 +++ b/modules/org.openbravo.client.application/src/org/openbravo/client/application/process/ResponseActionsBuilder.java Mon Oct 22 14:27:12 2018 +0200 @@ -11,7 +11,7 @@ * under the License. * The Original Code is Openbravo ERP. * The Initial Developer of the Original Code is Openbravo SLU - * All portions are Copyright (C) 2017 Openbravo SLU + * All portions are Copyright (C) 2017-2018 Openbravo SLU * All Rights Reserved. * Contributor(s): ______________________________________. ************************************************************************ @@ -266,7 +266,33 @@ try { retryExecution = true; retryExecutionMsg = new JSONObject(); - retryExecutionMsg.put("msgType", msgType.getType()); + retryExecutionMsg.put("severity", msgType.getType()); + retryExecutionMsg.put("text", msgText); + } catch (JSONException ignore) { + } + return this; + } + + /** + * Allows to re-execute the process again, by enabling the process UI. This is useful to do + * backend validations as this allows the user to fix data and resubmit again. In addition, a + * message will be displayed with the severity, title and text specified with the parameters of + * this method. + * + * @param msgType + * The message type. + * @param msgTitle + * The title of the message. + * @param msgText + * The text of the message. + * @return a ResponseActionsBuilder configured to retry the process execution. + */ + public ResponseActionsBuilder retryExecution(MessageType msgType, String msgTitle, String msgText) { + try { + retryExecution = true; + retryExecutionMsg = new JSONObject(); + retryExecutionMsg.put("severity", msgType.getType()); + retryExecutionMsg.put("title", msgTitle); retryExecutionMsg.put("text", msgText); } catch (JSONException ignore) { } diff -r ba9ef09516cf -r 81abb68df45a modules/org.openbravo.client.application/src/org/openbravo/client/application/window/FormInitializationComponent.java --- a/modules/org.openbravo.client.application/src/org/openbravo/client/application/window/FormInitializationComponent.java Tue Oct 02 09:43:11 2018 +0200 +++ b/modules/org.openbravo.client.application/src/org/openbravo/client/application/window/FormInitializationComponent.java Mon Oct 22 14:27:12 2018 +0200 @@ -1371,8 +1371,9 @@ } private void setSessionValue(String key, Object value) { - log.debug("Setting session value. Key: " + key + " Value:" + value); - RequestContext.get().setSessionAttribute(key, value); + log.debug("Setting session value. Key: " + key + " Value:" + value + " - type " + + (value != null ? value.getClass() : null)); + RequestContext.get().setSessionAttribute(key, value != null ? value.toString() : null); } private void setRequestContextParameter(Field field, JSONObject jsonObj) { diff -r ba9ef09516cf -r 81abb68df45a modules/org.openbravo.client.application/web/org.openbravo.client.application/js/form/ob-view-form-notes.js --- a/modules/org.openbravo.client.application/web/org.openbravo.client.application/js/form/ob-view-form-notes.js Tue Oct 02 09:43:11 2018 +0200 +++ b/modules/org.openbravo.client.application/web/org.openbravo.client.application/js/form/ob-view-form-notes.js Mon Oct 22 14:27:12 2018 +0200 @@ -11,7 +11,7 @@ * under the License. * The Original Code is Openbravo ERP. * The Initial Developer of the Original Code is Openbravo SLU - * All portions are Copyright (C) 2011-2016 Openbravo SLU + * All portions are Copyright (C) 2011-2018 Openbravo SLU * All Rights Reserved. * Contributor(s): Valery Lezhebokov. ************************************************************************ @@ -205,6 +205,8 @@ organizationOfTheNote = this.notesForm.values.organization; } + noteDS.setCsrfToken(OB.User.csrfToken); + noteDS.addData({ 'client': OB.User.clientId, 'organization': organizationOfTheNote, @@ -235,6 +237,7 @@ } var noteDS = this.getNoteDataSource(); + noteDS.setCsrfToken(OB.User.csrfToken); var noteSection = this.parentElement.noteSection; isc.confirm(OB.I18N.getLabel('OBUIAPP_ConfirmRemoveNote'), function (clickedOK) { if (clickedOK) { diff -r ba9ef09516cf -r 81abb68df45a modules/org.openbravo.client.application/web/org.openbravo.client.application/js/form/ob-view-form.js --- a/modules/org.openbravo.client.application/web/org.openbravo.client.application/js/form/ob-view-form.js Tue Oct 02 09:43:11 2018 +0200 +++ b/modules/org.openbravo.client.application/web/org.openbravo.client.application/js/form/ob-view-form.js Mon Oct 22 14:27:12 2018 +0200 @@ -11,7 +11,7 @@ * under the License. * The Original Code is Openbravo ERP. * The Initial Developer of the Original Code is Openbravo SLU - * All portions are Copyright (C) 2010-2016 Openbravo SLU + * All portions are Copyright (C) 2010-2018 Openbravo SLU * All Rights Reserved. * Contributor(s): ______________________________________. ************************************************************************ @@ -2155,22 +2155,23 @@ }, redraw: function () { - var focusItemValue; + var focusItem, focusItemValue; this._isRedrawing = true; + focusItem = this.getFocusItem(); //fetch the focus item value as it is lost sometimes during reflow. Refer issue https://issues.openbravo.com/view.php?id=24960 - if (this.getFocusItem()) { - focusItemValue = this.getFocusItem().getValue(); + if (focusItem) { + focusItemValue = focusItem.getValue(); } this.Super('redraw', arguments); delete this._isRedrawing; //reset focus item value if lost - if (focusItemValue && this.getFocusItem() && this.getFocusItem().getValue() !== focusItemValue) { - this.getFocusItem().setValue(focusItemValue); + if (focusItemValue && focusItem && focusItem.getValue() !== focusItemValue) { + focusItem.setValue(focusItemValue); } // Restore the focus item if it has been deleted because it was a number and was mistaken as an UUID - if (this.getFocusItem() && this.getFocusItem().targetEntity !== null && (/^\d+$/).test(focusItemValue) && !this.getFocusItem().getElementValue() && (!this.getFocusItem().valueMap || !this.getFocusItem().valueMap[focusItemValue])) { - this.getFocusItem().setElementValue(focusItemValue); + if (focusItem && focusItem.targetEntity !== null && (/^\d+$/).test(focusItemValue) && !focusItem.getElementValue() && (!focusItem.valueMap || !focusItem.valueMap[focusItemValue])) { + focusItem.setElementValue(focusItemValue); } if (this.selectOnFocusStored) { diff -r ba9ef09516cf -r 81abb68df45a modules/org.openbravo.client.application/web/org.openbravo.client.application/js/main/ob-standard-view-datasource.js --- a/modules/org.openbravo.client.application/web/org.openbravo.client.application/js/main/ob-standard-view-datasource.js Tue Oct 02 09:43:11 2018 +0200 +++ b/modules/org.openbravo.client.application/web/org.openbravo.client.application/js/main/ob-standard-view-datasource.js Mon Oct 22 14:27:12 2018 +0200 @@ -81,6 +81,10 @@ requestProperties = requestProperties || {}; requestProperties.clientContext = requestProperties.clientContext || {}; + if (operationType === 'add' || operationType === 'update' || operationType === 'remove') { + this.setCsrfToken(OB.User.csrfToken); + } + // only update the values of the record itself but not of any referenced // entity if (operationType === 'update' || operationType === 'add') { @@ -133,6 +137,7 @@ sendOriginalIDBack: true, _extraProperties: this.getAdditionalProps() }; + isc.addProperties(newRequestProperties.params, additionalPara); if (!newRequestProperties.dataSource) { newRequestProperties.dataSource = this; diff -r ba9ef09516cf -r 81abb68df45a modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/ApplicationDynamicComponent.java --- a/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/ApplicationDynamicComponent.java Tue Oct 02 09:43:11 2018 +0200 +++ b/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/ApplicationDynamicComponent.java Mon Oct 22 14:27:12 2018 +0200 @@ -11,7 +11,7 @@ * under the License. * The Original Code is Openbravo ERP. * The Initial Developer of the Original Code is Openbravo SLU - * All portions are Copyright (C) 2010-2017 Openbravo SLU + * All portions are Copyright (C) 2010-2018 Openbravo SLU * All Rights Reserved. * Contributor(s): ______________________________________. ************************************************************************ @@ -170,4 +170,9 @@ strVersion += OBVersion.getInstance().getMP(); return strVersion; } + + public String getCsrfToken() { + String token = (String) RequestContext.get().getSessionAttribute("#CSRF_TOKEN"); + return token != null ? token : ""; + } } diff -r ba9ef09516cf -r 81abb68df45a modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/templates/application-dynamic-js.ftl --- a/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/templates/application-dynamic-js.ftl Tue Oct 02 09:43:11 2018 +0200 +++ b/modules/org.openbravo.client.kernel/src/org/openbravo/client/kernel/templates/application-dynamic-js.ftl Mon Oct 22 14:27:12 2018 +0200 @@ -11,7 +11,7 @@ * under the License. * The Original Code is Openbravo ERP. * The Initial Developer of the Original Code is Openbravo SLU - * All portions are Copyright (C) 2009-2017 Openbravo SLU + * All portions are Copyright (C) 2009-2018 Openbravo SLU * All Rights Reserved. * Contributor(s): ______________________________________. _______________________________________________ Openbravo-commits mailing list Openbravo-commits@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openbravo-commits
