[jira] [Assigned] (OFBIZ-5853) The createPartyRole service does not check a duplicate key.

2014-11-05 Thread Nicolas Malin (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nicolas Malin reassigned OFBIZ-5853:


Assignee: Nicolas Malin

 The createPartyRole service does not check a duplicate key.
 ---

 Key: OFBIZ-5853
 URL: https://issues.apache.org/jira/browse/OFBIZ-5853
 Project: OFBiz
  Issue Type: Bug
  Components: party
Affects Versions: Trunk
Reporter: Supatthra Nawicha
Assignee: Nicolas Malin
Priority: Minor
 Fix For: Trunk

 Attachments: ofbizbug_CreatePartyroleService.diff


 The createPartyRole service is changed from minilang to entity-auto, which 
 does not check for a duplicate key. It affects the 
 createPartyRelationshipContactAccount service, which calls the createPartyRole 
 service without checking for a duplicate key. And it might affect other code that 
 calls the createPartyRole service as well.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)


[jira] [Updated] (OFBIZ-5853) The createPartyRole service does not check a duplicate key.

2014-11-05 Thread Nicolas Malin (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nicolas Malin updated OFBIZ-5853:
-
Attachment: OFBIZ-5853.patch

Hello Supatthra,

Thanks for your issue. Can you try my patch correction? I prefer to correct the 
caller instead of the service call.




[jira] [Updated] (OFBIZ-5800) Manage multi pk with sub-sequence on entity-auto

2014-11-05 Thread Nicolas Malin (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5800?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nicolas Malin updated OFBIZ-5800:
-
Attachment: OFBIZ-5800.patch

New patch version with
 * test adaptation
 * centralize OUT service parameters after entity creation
 * update the created/updated fields after setting all non-pk fields, to ensure that 
these fields are managed only by OFBiz.

 Manage multi pk with sub-sequence on entity-auto
 

 Key: OFBIZ-5800
 URL: https://issues.apache.org/jira/browse/OFBIZ-5800
 Project: OFBiz
  Issue Type: Improvement
  Components: framework
Affects Versions: Trunk
Reporter: Nicolas Malin
Priority: Minor
  Labels: entity-auto
 Attachments: OFBIZ-5800.patch, OFBIZ-5800.patch


 Add the possibility to the entity-auto engine on the create action to manage 
 entities with more than 2 primary keys which one is under sub sequence or 
 fromDate, like PerfReview (employeePartyId,  employeeRoleTypeId, 
 *perfReviewId*) or PartyQual (partyId, partyQualTypeId, *fromDate*).
 Improve return message for the create action if the entity value exist and 
 the delete action if the entity value not exist instead of the database 
 message error.





[jira] [Comment Edited] (OFBIZ-5800) Manage multi pk with sub-sequence on entity-auto

2014-11-05 Thread Nicolas Malin (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5800?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14197843#comment-14197843
 ] 

Nicolas Malin edited comment on OFBIZ-5800 at 11/5/14 8:27 AM:
---

New patch version with
 * test adaptation
 * centralize OUT service parameters after entity creation
 * update the created/updated[Date/UserLogin] fields after setting all non-pk fields, to 
ensure that these fields are managed only by OFBiz.


was (Author: soledad):
New patch version with
 * test adaptation
 * centralize OUT service parameters after entity creation
 * update the created/updated fields after setting all non-pk fields, to ensure that 
these fields are managed only by OFBiz.



[jira] [Commented] (OFBIZ-5853) The createPartyRole service does not check a duplicate key.

2014-11-05 Thread Supatthra Nawicha (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5853?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14197879#comment-14197879
 ] 

Supatthra Nawicha commented on OFBIZ-5853:
--

We call this service externally from OFBiz and do not want to change it. In 
general it is not a good practice to change a service in a way that is incompatible 
with the previous version. Please revert your change.



[jira] [Updated] (OFBIZ-5844) Convert java files to EntityQuery

2014-11-05 Thread Arun Patidar (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5844?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Arun Patidar updated OFBIZ-5844:

Attachment: OFBIZ-5844-Party.patch

Converted java files of 'party' component to EntityQuery. Attached is the patch 
for the same.

 Convert java files to EntityQuery
 -

 Key: OFBIZ-5844
 URL: https://issues.apache.org/jira/browse/OFBIZ-5844
 Project: OFBiz
  Issue Type: Improvement
  Components: ALL COMPONENTS
Affects Versions: Trunk
Reporter: Arun Patidar
Priority: Minor
 Attachments: OFBIZ-5844-Party.patch


 Recently [~lektran] has converted Java files to use Entity Query methods 
 in place of Entity Engine methods. Components that have been converted are 
 listed below:
 - content
 - humanres
 - manufacturing
 - ordermgr (partially converted)
 - Replaced findOne() method in all components
 And commit revisions are: r1635380, r1635381, r1635382 and r1635383
 Remaining components to be converted are:
 - product
 - party
 - commonext
 - securityext
 - workeffort
 - ordermgr (remaining part)
 - specialpurpose





[jira] [Commented] (OFBIZ-5844) Convert java files to EntityQuery

2014-11-05 Thread Scott Gray (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5844?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14197996#comment-14197996
 ] 

Scott Gray commented on OFBIZ-5844:
---

Hi Arun,

So far I've been taking the approach of inlining everything into the query 
that can be e.g. any variables that are used only in the query preparation such 
as select field lists, where conditions and order by lists; as well as any 
post-processing that could be done within the query itself such as 
EntityUtil.getFirst() or EntityUtil.filterByDate().  

Here's a few examples from the first few hunks of your patch 
(CommunicationEventServices.java):
Line 307:
    Set<String> fieldsToSelect = UtilMisc.toSet("partyId", "preferredContactMechId", "fromDate", "infoString");
can be replaced inline by using EntityQuery.select(...):
    EntityQuery.use(delegator).select("partyId", "preferredContactMechId", "fromDate", "infoString").from(...)

Line 313:
    List<String> orderBy = UtilMisc.toList("-fromDate");
can be replaced by using EntityQuery.orderBy("-fromDate")

Line 382:
    GenericValue contactListPartyStatus = EntityUtil.getFirst(contactListPartyStatuses);
can be replaced by using EntityQuery.queryFirst()

These are just a few examples of things to keep an eye out for.  In general I 
like to get as much of the processing into the query chain as possible so that 
you can quickly and easily see exactly what data is being returned and worked 
with.



[jira] [Commented] (OFBIZ-5844) Convert java files to EntityQuery

2014-11-05 Thread Arun Patidar (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5844?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14198131#comment-14198131
 ] 

Arun Patidar commented on OFBIZ-5844:
-

Thanks Scott for reviewing and feedback. I will update patch accordingly. 



[jira] [Updated] (OFBIZ-5853) The createPartyRole service does not check a duplicate key.

2014-11-05 Thread Supatthra Nawicha (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Supatthra Nawicha updated OFBIZ-5853:
-
Attachment: (was: ofbizbug_CreatePartyroleService.diff)



[jira] [Updated] (OFBIZ-5853) The createPartyRole service does not check a duplicate key.

2014-11-05 Thread Supatthra Nawicha (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Supatthra Nawicha updated OFBIZ-5853:
-
Attachment: ofbizbug_CreatePartyroleService.diff



entitytests.testConverters failed on 1636820

2014-11-05 Thread Nicolas Malin
Hello, during my tests on entity-auto, the non-regression entitytests 
failed on testConverters. At first I believed it was an error from my local 
improvement, but after an svn revert and another run of ant clean-all 
load-demo run-tests, I have one error:


org.ofbiz.entity.GenericEntityException: Error while inserting: 
[GenericEntity:Testing][createdStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][createdTxStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][description,Testing JSON 
Converters(java.lang.String)][lastUpdatedStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][lastUpdatedTxStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][testingDate,2014-11-05 
09:33:30.509(java.sql.Timestamp)][testingId,JSON_TEST(java.lang.String)][testingSize,123(java.lang.Long)][testingTypeId,TEST-UPDATE-1(java.lang.String)] 
(SQL Exception while executing the following:INSERT INTO OFBIZ.TESTING 
(TESTING_ID, TESTING_TYPE_ID, TESTING_NAME, DESCRIPTION, COMMENTS, 
TESTING_SIZE, TESTING_DATE, LAST_UPDATED_STAMP, LAST_UPDATED_TX_STAMP, 
CREATED_STAMP, CREATED_TX_STAMP) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 
?) (INSERT on table 'TESTING' caused a violation of foreign key 
constraint 'ENTITY_ENTY_TYP' for key (TEST-UPDATE-1). The statement has 
been rolled back.)) (Error while inserting: 
[GenericEntity:Testing][createdStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][createdTxStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][description,Testing JSON 
Converters(java.lang.String)][lastUpdatedStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][lastUpdatedTxStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][testingDate,2014-11-05 
09:33:30.509(java.sql.Timestamp)][testingId,JSON_TEST(java.lang.String)][testingSize,123(java.lang.Long)][testingTypeId,TEST-UPDATE-1(java.lang.String)] 
(SQL Exception while executing the following:INSERT INTO OFBIZ.TESTING 
(TESTING_ID, TESTING_TYPE_ID, TESTING_NAME, DESCRIPTION, COMMENTS, 
TESTING_SIZE, TESTING_DATE, LAST_UPDATED_STAMP, LAST_UPDATED_TX_STAMP, 
CREATED_STAMP, CREATED_TX_STAMP) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 
?) (INSERT on table 'TESTING' caused a violation of foreign key 
constraint 'ENTITY_ENTY_TYP' for key (TEST-UPDATE-1). The statement has 
been rolled back.)))


org.ofbiz.entity.GenericEntityException: 
org.ofbiz.entity.GenericEntityException: Error while inserting: 
[GenericEntity:Testing][createdStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][createdTxStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][description,Testing JSON 
Converters(java.lang.String)][lastUpdatedStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][lastUpdatedTxStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][testingDate,2014-11-05 
09:33:30.509(java.sql.Timestamp)][testingId,JSON_TEST(java.lang.String)][testingSize,123(java.lang.Long)][testingTypeId,TEST-UPDATE-1(java.lang.String)] 
(SQL Exception while executing the following:INSERT INTO OFBIZ.TESTING 
(TESTING_ID, TESTING_TYPE_ID, TESTING_NAME, DESCRIPTION, COMMENTS, 
TESTING_SIZE, TESTING_DATE, LAST_UPDATED_STAMP, LAST_UPDATED_TX_STAMP, 
CREATED_STAMP, CREATED_TX_STAMP) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 
?) (INSERT on table 'TESTING' caused a violation of foreign key 
constraint 'ENTITY_ENTY_TYP' for key (TEST-UPDATE-1). The statement has 
been rolled back.)) (Error while inserting: 
[GenericEntity:Testing][createdStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][createdTxStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][description,Testing JSON 
Converters(java.lang.String)][lastUpdatedStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][lastUpdatedTxStamp,2014-11-05 
09:33:30.509(java.sql.Timestamp)][testingDate,2014-11-05 
09:33:30.509(java.sql.Timestamp)][testingId,JSON_TEST(java.lang.String)][testingSize,123(java.lang.Long)][testingTypeId,TEST-UPDATE-1(java.lang.String)] 
(SQL Exception while executing the following:INSERT INTO OFBIZ.TESTING 
(TESTING_ID, TESTING_TYPE_ID, TESTING_NAME, DESCRIPTION, COMMENTS, 
TESTING_SIZE, TESTING_DATE, LAST_UPDATED_STAMP, LAST_UPDATED_TX_STAMP, 
CREATED_STAMP, CREATED_TX_STAMP) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 
?) (INSERT on table 'TESTING' caused a violation of foreign key 
constraint 'ENTITY_ENTY_TYP' for key (TEST-UPDATE-1). The statement has 
been rolled back.)))

at org.ofbiz.entity.GenericDelegator.create(GenericDelegator.java:923)
at org.ofbiz.entity.GenericDelegator.create(GenericDelegator.java:745)
at org.ofbiz.entity.GenericDelegator.create(GenericDelegator.java:731)
at 
org.ofbiz.entity.test.EntityTestSuite.testConverters(EntityTestSuite.java:1218)


Am I the only one?

Nicolas
--

Nicolas Malin - Consultant - 06 17 66 40 06 - nereide.fr 
http://nereide.fr




[jira] [Commented] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Jacques Le Roux (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14198344#comment-14198344
 ] 

Jacques Le Roux commented on OFBIZ-5848:


Hi The Poodle fixer,

It was not only a Tomcat 7 issue. We had the same in trunk HEAD. 

Following your indications in above links I found the solution for the trunk 
and fixed the vulnerability in trunk HEAD using TLSv1.2 as explained at the bottom 
of this comment https://blogs.atlassian.com/2014/10/ssl-poodle/#comment-190966
The same applies to supported release branches since they all use Tomcat 7.

Committed in
trunk r1636864
R13.07 1636866
R12.04 1636867

We will certainly have to evolve this in the future because this correction 
forces the protocol to TLSv1.2

Thanks Poodle fixer :)

 Poodle-disable sslv3
 

 Key: OFBIZ-5848
 URL: https://issues.apache.org/jira/browse/OFBIZ-5848
 Project: OFBiz
  Issue Type: Bug
Affects Versions: Trunk
 Environment: unix
Reporter: Hrc Boston
Priority: Critical
  Labels: patch, security

 Hi there-- 
 This topic seemed relevant because it is a major security issue that recently 
 came up and will affect many ecommerce sites for ofbiz. 
 I am in the process of trying to disable sslv3 on our version of 
 ofbiz 09-04, which uses tomcat 6. 
 This is to eliminate the security vulnerability from poodle bleed. 
 http://www.symantec.com/connect/blogs/ssl-30-vulnerability-poodle-bug-aka-poodlebleed
 We have tried updating the ofbiz-containers.xml file like below, but it 
 did not disable sslv3. Poodle is still there. 
 I have also seen fixes that update server.xml with something similar. 
 <property name="sslProtocol" value="TLS"/>
 <property name="sslEnabledProtocols" value="TLSv1"/>
 Has anyone else had luck fixing the poodle issue on Apache ofbiz version 
 09-04? 
 Or in any ofbiz products… where is the best place to fix this in ofbiz??
 Thanks! 
 The Poodle fixer :)
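
A static check of the connector properties quoted in the issue description above, as an added example that is not part of the original thread or of OFBiz: it flags HTTPS connectors whose sslEnabledProtocols is missing or still lists an SSL-era protocol. The nesting of the sample XML and the connector names are constructed assumptions. As the reporter found, a file that looks right still has to be confirmed against the running listener.

```python
"""Static audit of TLS connector properties in an ofbiz-containers.xml style file."""
import xml.etree.ElementTree as ET

# JSSE protocol names that predate TLS; compared case-insensitively.
LEGACY_PROTOCOLS = {"sslv2", "sslv2hello", "sslv3"}

# Constructed sample. The two ssl* property lines mirror the ones quoted in the
# issue; the element nesting and the connector names are assumptions.
SAMPLE_CONFIG = """\
<ofbiz-containers>
  <container name="catalina-container">
    <property name="https-connector" value="connector">
      <property name="scheme" value="https"/>
      <property name="sslProtocol" value="TLS"/>
      <property name="sslEnabledProtocols" value="TLSv1"/>
    </property>
    <property name="legacy-https" value="connector">
      <property name="scheme" value="https"/>
      <property name="sslProtocol" value="TLS"/>
    </property>
    <property name="mixed-https" value="connector">
      <property name="scheme" value="https"/>
      <property name="sslEnabledProtocols" value="SSLv3, TLSv1,TLSv1.2"/>
    </property>
    <property name="http-connector" value="connector">
      <property name="scheme" value="http"/>
    </property>
  </container>
</ofbiz-containers>
"""


def _child_properties(element):
    """Map name -> value for the direct <property> children of an element."""
    return {p.get("name"): (p.get("value") or "") for p in element.findall("property")}


def audit_connectors(xml_text):
    """Return one finding per TLS connector found in the configuration text.

    status is one of:
      no-explicit-list        - sslEnabledProtocols absent or empty, so the
                                protocol set is left to container/JVM defaults
      legacy-listed           - the explicit list still names SSLv2/SSLv3
      explicit-without-legacy - an explicit list with only TLS protocol names
    """
    root = ET.fromstring(xml_text)
    findings = []
    for conn in root.iter("property"):
        if conn.get("value") != "connector":
            continue
        props = _child_properties(conn)
        is_tls = (
            props.get("scheme", "").lower() == "https"
            or "sslProtocol" in props
            or "sslEnabledProtocols" in props
        )
        if not is_tls:
            continue  # plain HTTP connector, nothing to audit here
        raw = props.get("sslEnabledProtocols", "")
        enabled = [token.strip() for token in raw.split(",") if token.strip()]
        legacy = [name for name in enabled if name.lower() in LEGACY_PROTOCOLS]
        if not enabled:
            status = "no-explicit-list"
        elif legacy:
            status = "legacy-listed"
        else:
            status = "explicit-without-legacy"
        findings.append(
            {
                "connector": conn.get("name"),
                "status": status,
                "enabled": enabled,
                "legacy": legacy,
            }
        )
    return findings


def needs_attention(findings):
    """Names of connectors whose configuration does not rule out SSLv3."""
    return [f["connector"] for f in findings if f["status"] != "explicit-without-legacy"]


if __name__ == "__main__":
    for finding in audit_connectors(SAMPLE_CONFIG):
        print(
            "{connector}: {status} (enabled={enabled}, legacy={legacy})".format(**finding)
        )
```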





[jira] [Closed] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Jacques Le Roux (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jacques Le Roux closed OFBIZ-5848.
--
   Resolution: Fixed
Fix Version/s: 13.07.02
   12.04.06
   Upcoming Branch
 Assignee: Jacques Le Roux



[jira] [Commented] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Jacques Le Roux (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14198355#comment-14198355
 ] 

Jacques Le Roux commented on OFBIZ-5848:


I have also committed a fix for Tomcat 6 which might be used in appserver

trunk r1636869
R12.04 1636870




Re: entitytests.testConverters failed on 1636820

2014-11-05 Thread Jacopo Cappellato

On Nov 5, 2014, at 1:47 PM, Nicolas Malin nicolas.ma...@nereide.fr wrote:

 Am I the only one?

I actually got it too a few days ago but it was intermittent. Since then it 
didn't happen again. I will have to further investigate.

Jacopo



Re: entitytests.testConverters failed on 1636820

2014-11-05 Thread Nicolas Malin

Le 05/11/2014 14:46, Jacopo Cappellato a écrit :

Since then it didn't happen again. I will have to further investigate.

No problem, I will continue my tests tomorrow and check it at the same time

Nicolas


Re: entitytests.testConverters failed on 1636820

2014-11-05 Thread Jacques Le Roux

Hi Nicolas,

Yes it's a new random error in testConverters indeed

I 1st sent this message http://markmail.org/message/yevxxy5k2bleqics Could help 
to trace the initial reason...

Thanks

Jacques


Le 05/11/2014 14:58, Nicolas Malin a écrit :

Le 05/11/2014 14:46, Jacopo Cappellato a écrit :

Since then it didn't happen again. I will have to further investigate.

No problem, I will continue my tests tomorrow and check it at the same time

Nicolas




Re: entitytests.testConverters failed on 1636820

2014-11-05 Thread Adrian Crum
I committed a fix in rev 1636896. Please let me know if it solves the 
problem.


Adrian Crum
Sandglass Software
www.sandglass-software.com

On 11/5/2014 12:47 PM, Nicolas Malin wrote:

Hello, during my tests on entity-auto, the non-regression entitytests
failed on testConverters. At first I believed it was an error from my local
improvement, but after an svn revert and another run of ant clean-all
load-demo run-tests, I have one error:


Am I the only one?

Nicolas


Re: entitytests.testConverters failed on 1636820

2014-11-05 Thread Nicolas Malin

BUILD SUCCESSFUL
Total time: 5 minutes 45 seconds

Thanks Adrian !

Nicolas

Le 05/11/2014 16:35, Adrian Crum a écrit :
I committed a fix in rev 1636896. Please let me know if it solves the 
problem.


Adrian Crum
Sandglass Software
www.sandglass-software.com





[jira] [Commented] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Jacques Le Roux (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14198596#comment-14198596
 ] 

Jacques Le Roux commented on OFBIZ-5848:


For those that are interested by this vulnerability here are 2 references for 
browser and server sides:
https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers
https://wiki.mozilla.org/Security/Server_Side_TLS

In trunk and releases branches I forced the protocol to TLS 1.2. This is a moot 
point (we could use TLS 1.0). 

Good to know: most web browsers support TLS 1.0 (not enabled by default in 
Internet Explorer 6). 
Browsers that by default support the latest TLS 1.2 version are:
* Google Chrome 30+
* Mozilla Firefox 27+
* Microsoft Internet Explorer 11+
* Opera 17+
* Apple Safari 7+

But time will quickly pass, with modern browsers updated online. So since I was 
forced to force a protocol version I picked the last one. Also because my tests 
with nmap were clear/sure with TLS 1.1/2 but not TLS 1.0.


 Poodle-disable sslv3
 

 Key: OFBIZ-5848
 URL: https://issues.apache.org/jira/browse/OFBIZ-5848
 Project: OFBiz
  Issue Type: Bug
Affects Versions: Trunk
 Environment: unix
Reporter: Hrc Boston
Assignee: Jacques Le Roux
Priority: Critical
  Labels: patch, security
 Fix For: Upcoming Branch, 12.04.06, 13.07.02


 Hi there-- 
 This topic seemed relevant because it is a major security issue that recently 
 came up and will affect many ecommerce sites for ofbiz. 
 I am in process of trying to disable sslv3 on our version of 
 ofbiz 09-04, which uses tomcat 6. 
 This is to eliminate the security vulnerability from poodle bleed. 
 http://www.symantec.com/connect/blogs/ssl-30-vulnerability-poodle-bug-aka-poodlebleed
 We have tried updating the ofbiz-containers.xml file like below, but it 
 did not disable sslv3. Poodle is still there. 
 I have also seen fixes that update server.xml with something similar. 
 <property name="sslProtocol" value="TLS"/>
 <property name="sslEnabledProtocols" value="TLSv1"/>
 Has anyone else had luck fixing the poodle issue on Apache ofbiz version 
 09-04? 
 Or in any ofbiz products… where is the best place to fix this in ofbiz??
 Thanks! 
 The Poodle fixer :)





[jira] [Comment Edited] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Jacques Le Roux (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14198596#comment-14198596
 ] 

Jacques Le Roux edited comment on OFBIZ-5848 at 11/5/14 5:51 PM:
-

For those who are interested by this vulnerability, here are 2 references for 
browser and server sides:
https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers
https://wiki.mozilla.org/Security/Server_Side_TLS

In trunk and releases branches I forced the protocol to TLS 1.2. This is a moot 
point (we could use TLS 1.0). 

Good to know: most web browsers support TLS 1.0 (not enabled by default in 
Internet Explorer 6). 
Browsers that by default support the latest TLS 1.2 version are:
* Google Chrome 30+
* Mozilla Firefox 27+
* Microsoft Internet Explorer 11+
* Opera 17+
* Apple Safari 7+

But time will quickly pass, with modern browsers updated online. So since I was 
forced to force a protocol version I picked the last one. Also because my tests 
with nmap were clear/sure with TLS 1.1/2 but not TLS 1.0.



was (Author: jacques.le.roux):
For those that are interested by this vulnerability here are 2 references for 
browser and server sides:
https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers
https://wiki.mozilla.org/Security/Server_Side_TLS

In trunk and releases branches I forced the protocol to TLS 1.2. This is a moot 
point (we could use TLS 1.0). 

Good to know: most web browsers support TLS 1.0 (not enabled by default in 
Internet Explorer 6). 
Browsers that by default support the latest TLS 1.2 version are:
* Google Chrome 30+
* Mozilla Firefox 27+
* Microsoft Internet Explorer 11+
* Opera 17+
* Apple Safari 7+

But time will quickly pass, with modern browsers updated online. So since I was 
forced to force a protocol version I picked the last one. Also because my tests 
with nmap were clear/sure with TLS 1.1/2 but not TLS 1.0.




[jira] [Updated] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Poodle Fixer (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Poodle Fixer updated OFBIZ-5848:

Description: 
Hi there-- 

This topic seemed relevant because it is a major security issue that recently 
came up and will affect many ecommerce sites for ofbiz. 

I am in process of trying to disable sslv3 on our version of 
ofbiz uses tomcat 6. 

This is to eliminate the security vulnerability from poodle bleed. 
http://www.symantec.com/connect/blogs/ssl-30-vulnerability-poodle-bug-aka-poodlebleed

We have tried updating the ofbiz-containers.xml file like below, but it 
did not disable sslv3. Poodle is still there. 

I have also seen fixes that update server.xml with something similar. 

<property name="sslProtocol" value="TLS"/>
<property name="sslEnabledProtocols" value="TLSv1"/>

Has anyone else had luck fixing the poodle issue on Apache ofbiz? 

Or in any ofbiz products… where is the best place to fix this in ofbiz??

Thanks! 

The Poodle fixer :)

  was:
Hi there-- 

This topic seemed relevant because it is a major security issue that recently 
came up and will affect many ecommerce sites for ofbiz. 

I am in process of trying to disable sslv3 on our version of 
ofbiz 09-04, which uses tomcat 6. 

This is to eliminate the security vulnerability from poodle bleed. 
http://www.symantec.com/connect/blogs/ssl-30-vulnerability-poodle-bug-aka-poodlebleed

We have tried updating the ofbiz-containers.xml file like below, but it 
did not disable sslv3. Poodle is still there. 

I have also seen fixes that update server.xml with something similar. 

<property name="sslProtocol" value="TLS"/>
<property name="sslEnabledProtocols" value="TLSv1"/>

Has anyone else had luck fixing the poodle issue on Apache ofbiz version 
09-04? 

Or in any ofbiz products… where is the best place to fix this in ofbiz??

Thanks! 

The Poodle fixer :)


 Poodle-disable sslv3
 

 Key: OFBIZ-5848
 URL: https://issues.apache.org/jira/browse/OFBIZ-5848
 Project: OFBiz
  Issue Type: Bug
Affects Versions: Trunk
 Environment: unix
Reporter: Poodle Fixer
Assignee: Jacques Le Roux
Priority: Critical
  Labels: patch, security
 Fix For: Upcoming Branch, 12.04.06, 13.07.02


 Hi there-- 
 This topic seemed relevant because it is a major security issue that recently 
 came up and will affect many ecommerce sites for ofbiz. 
 I am in process of trying to disable sslv3 on our version of 
 ofbiz uses tomcat 6. 
 This is to eliminate the security vulnerability from poodle bleed. 
 http://www.symantec.com/connect/blogs/ssl-30-vulnerability-poodle-bug-aka-poodlebleed
 We have tried updating the ofbiz-containers.xml file like below, but it 
 did not disable sslv3. Poodle is still there. 
 I have also seen fixes that update server.xml with something similar. 
 <property name="sslProtocol" value="TLS"/>
 <property name="sslEnabledProtocols" value="TLSv1"/>
 Has anyone else had luck fixing the poodle issue on Apache ofbiz? 
 Or in any ofbiz products… where is the best place to fix this in ofbiz??
 Thanks! 
 The Poodle fixer :)





[jira] [Comment Edited] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Poodle Fixer (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14196357#comment-14196357
 ] 

Poodle Fixer edited comment on OFBIZ-5848 at 11/5/14 7:27 PM:
--

Hi there--you can follow this thread here.
http://ofbiz.135035.n4.nabble.com/Re-Ofbiz-09-04-piddle-bleed-fix-td4657772.html#a4657792

I wonder if this ticket is worth addressing for newer versions as well?

ofbiz is an ecommerce platform so this is going to be an important issue for 
anyone using external companies to pass sensitive data to... over https...

anyway, food for thought.







was (Author: hrcboston):
Hi there--you can follow this thread here.
http://ofbiz.135035.n4.nabble.com/Re-Ofbiz-09-04-piddle-bleed-fix-td4657772.html#a4657792

I wonder if this ticket is worth addressing for newer versions as well?

ofbiz is an ecommerce platform so this is going to be an important issue for 
anyone using external companies to pass sensitive data to... over https...

anyway, food for thought.

RD








[jira] [Comment Edited] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Poodle Fixer (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14196357#comment-14196357
 ] 

Poodle Fixer edited comment on OFBIZ-5848 at 11/5/14 7:27 PM:
--

Hi there--you can follow this thread here.
http://ofbiz.135035.n4.nabble.com/Re-Ofbiz-09-04-piddle-bleed-fix-td4657772.html#a4657792

I wonder if this ticket is worth addressing for newer versions as well?

ofbiz is an ecommerce platform so this is going to be an important issue for 
anyone using external companies to pass sensitive data to... over https...

anyway, food for thought.

RD







was (Author: hrcboston):
Hi there--you can follow this thread here which I have been updating. Right 
now, we are thinking of using our network to somehow not use sslv3 as we are 
hitting a block with ofbiz itself.
http://ofbiz.135035.n4.nabble.com/Re-Ofbiz-09-04-piddle-bleed-fix-td4657772.html#a4657792

I wonder if this ticket is worth addressing for newer versions as well?

ofbiz is an ecommerce platform so this is going to be an important issue for 
anyone using external companies to pass sensitive data to... over https...

anyway, food for thought.

RD








[jira] [Comment Edited] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Poodle Fixer (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14196605#comment-14196605
 ] 

Poodle Fixer edited comment on OFBIZ-5848 at 11/5/14 8:01 PM:
--

we had success with this when developing locally: 
<property name="sslProtocol" value="TLSv1"/>
<property name="protocols" value="TLSv1"/>

the reason is that it is undocumented to use protocols instead of 
sslEnabledProtocols 

see https://blogs.atlassian.com/2014/10/ssl-poodle/
http://tomcat.10.x6.nabble.com/How-to-allow-only-TLS-1-1-connections-to-Tomcat-6-0-server-with-https

we get this when trying to connect with ssl3 locally 

openssl s_client -connect localhost:portnumberhere -ssl3 
CONNECTED(0003) 
6990:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version 
number:/OpenSSL/src/ssl/s3_pkt.c:290:


was (Author: hrcboston):
we had success with this when developing locally: 
<property name="sslProtocol" value="TLSv1"/>
<property name="protocols" value="TLSv1"/>

the reason is that it is undocumented to use protocols instead of 
sslEnabledProtocols 

see https://blogs.atlassian.com/2014/10/ssl-poodle/
http://tomcat.10.x6.nabble.com/How-to-allow-only-TLS-1-1-connections-to-Tomcat-6-0-server-with-https

we get this when trying to connect with ssl3 locally 

openssl s_client -connect localhost:portnumberhere -ssl3 
CONNECTED(0003) 
6990:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version 
number:/SourceCache/OpenSSL098/OpenSSL098-47.2/src/ssl/s3_pkt.c:290:

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
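
An added example (not part of the thread, and not OFBiz or Tomcat code): a small audit of HTTPS connector settings for the point made in the comment above, that a protocol list placed under an attribute name the container does not read leaves the connector unrestricted. The nested `<property>` layout, the sample connectors and the `honoured` parameter are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Protocol names that must not appear in an enabled-protocol list after POODLE.
LEGACY = {"sslv2", "sslv2hello", "sslv3"}
# The two attribute names discussed in the thread for listing enabled protocols.
PROTOCOL_ATTRS = ("protocols", "sslEnabledProtocols")

# Constructed sample; the nested <property> layout is an assumption about
# how connectors are declared in ofbiz-containers.xml.
SAMPLE_CONFIG = """
<ofbiz-containers>
  <container name="catalina-container">
    <property name="http-connector" value="connector">
      <property name="scheme" value="http"/>
    </property>
    <property name="https-connector" value="connector">
      <property name="scheme" value="https"/>
      <property name="sslProtocol" value="TLS"/>
      <property name="sslEnabledProtocols" value="TLSv1"/>
    </property>
    <property name="https-legacy" value="connector">
      <property name="scheme" value="https"/>
      <property name="sslProtocol" value="TLS"/>
      <property name="protocols" value="SSLv3,TLSv1"/>
    </property>
    <property name="https-fixed" value="connector">
      <property name="scheme" value="https"/>
      <property name="sslProtocol" value="TLSv1"/>
      <property name="protocols" value="TLSv1"/>
    </property>
    <property name="https-default" value="connector">
      <property name="scheme" value="https"/>
      <property name="sslProtocol" value="TLS"/>
    </property>
  </container>
</ofbiz-containers>
"""


def connector_settings(connector):
    """Flatten the direct child <property> elements into a name -> value dict."""
    return {p.get("name"): p.get("value", "") for p in connector.findall("property")}


def audit_connector(settings, honoured):
    """Return (verdict, reason) for one HTTPS connector.

    honoured: the protocol-list attribute names the deployed container
    actually reads. The file cannot tell you this; it is deployment knowledge.
    """
    effective = [a for a in PROTOCOL_ATTRS if a in settings and a in honoured]
    ignored = [a for a in PROTOCOL_ATTRS if a in settings and a not in honoured]
    if not effective:
        if ignored:
            return "FAIL", "%s is set but not read by this container" % ignored[0]
        return "FAIL", "no enabled-protocol list is set"
    enabled = []
    for attr in effective:
        values = [v.strip() for v in settings[attr].split(",") if v.strip()]
        if not values:
            return "FAIL", "%s is empty" % attr
        legacy = [v for v in values if v.lower() in LEGACY]
        if legacy:
            return "FAIL", "%s enables %s" % (attr, ",".join(legacy))
        enabled.extend(values)
    return "PASS", "enabled: " + ",".join(enabled)


def audit_config(xml_text, honoured=PROTOCOL_ATTRS):
    """Audit every connector whose scheme is https; returns {name: (verdict, reason)}."""
    root = ET.fromstring(xml_text)
    results = {}
    for prop in root.iter("property"):
        if prop.get("value") != "connector":
            continue
        settings = connector_settings(prop)
        if settings.get("scheme", "").lower() != "https":
            continue
        results[prop.get("name")] = audit_connector(settings, honoured)
    return results


if __name__ == "__main__":
    # Mirrors the thread's finding: only "protocols" took effect on that setup.
    for name, (verdict, reason) in audit_config(SAMPLE_CONFIG, ("protocols",)).items():
        print("%-16s %-4s %s" % (name, verdict, reason))
```

A passing audit only says the file looks right; the `openssl s_client ... -ssl3` check quoted in the comment is still what confirms the running listener refuses the handshake.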


[jira] [Comment Edited] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Vikas Mayur (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14199883#comment-14199883
 ] 

Vikas Mayur edited comment on OFBIZ-5848 at 11/6/14 6:29 AM:
-

Two Questions on how we handle security vulnerabilities:

1. Should we also update the information on the news section on the site for 
such security/critical fixes?
2. Does it affect the regular release cycle in any manner or should we have a 
different release strategy for such bugs. The bug will be fixed with release 
12.04.06 and 13.07.02 but that won't be happening in next 4-5 months.

Pardon me if it's already discussed but I don't find any information in the 
archives.


was (Author: vikasmayur):
Two Questions on security vulnerabilities:

1. Should we also update the information on the news section on the site for 
such security/critical fixes?
2. Does it affect the regular release cycle in any manner or should we have a 
different release strategy for such bugs. The bug will be fixed with release 
12.04.06 and 13.07.02 but that won't be happening in next 4-5 months.

Pardon me if it's already discussed but I don't find any information in the 
archives.



[jira] [Commented] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Vikas Mayur (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14199883#comment-14199883
 ] 

Vikas Mayur commented on OFBIZ-5848:


Two Questions on security vulnerabilities:

1. Should we also update the information on the news section on the site for 
such security/critical fixes?
2. Does it affect the regular release cycle in any manner or should we have a 
different release strategy for such bugs. The bug will be fixed with release 
12.04.06 and 13.07.02 but that won't be happening in next 4-5 months.

Pardon me if it's already discussed but I don't find any information in the 
archives.



[jira] [Created] (OFBIZ-5854) Order On Hold Auto Approves When Edited

2014-11-05 Thread Vikas Mayur (JIRA)
Vikas Mayur created OFBIZ-5854:
--

 Summary: Order On Hold Auto Approves When Edited
 Key: OFBIZ-5854
 URL: https://issues.apache.org/jira/browse/OFBIZ-5854
 Project: OFBiz
  Issue Type: Bug
  Components: order
Affects Versions: Trunk
Reporter: Vikas Mayur
Priority: Minor
 Fix For: Upcoming Branch, 12.04.06, 13.07.02


If you put an approved order on hold and then later cancel an item on the 
order, the order is auto approved. Order must have two line items to test the 
behavior. The expected result is that order should stay on hold.

In this chain of events, the following eca is triggered. The service 
'checkOrderItemStatus' should be fixed such that it also checks the current 
order header status before cancelling/approving/completing the order.


{code}
<eca service="changeOrderItemStatus" event="commit">
    <condition field-name="statusId" operator="equals" value="ITEM_CANCELLED"/>
    <action service="cancelOrderInventoryReservation" mode="sync"/>
    <action service="recalcTaxTotal" mode="sync"/>
    <action service="resetGrandTotal" mode="sync"/>
    <action service="checkOrderItemStatus" mode="sync"/>
</eca>
{code}





[jira] [Created] (OFBIZ-5855) There is no way to add Party Type (legal, informal etc.) in party manager application

2014-11-05 Thread Ejaz Ahmed (JIRA)
Ejaz Ahmed created OFBIZ-5855:
-

 Summary: There is no way to add Party Type (legal, informal etc.) 
in party manager application
 Key: OFBIZ-5855
 URL: https://issues.apache.org/jira/browse/OFBIZ-5855
 Project: OFBiz
  Issue Type: Bug
  Components: party
Affects Versions: Trunk, Release Branch 13.07
Reporter: Ejaz Ahmed


When find party screen is selected, it shows a drop down list for Type which 
can be legal organization, informal group, party group, person, team etc. The 
person and party group types can be selected when we create a party (create new 
party group, create new person options). However, there is no way to assign the 
types such as legal organization, informal groups etc which appear in this list 
to the parties created.





[jira] [Updated] (OFBIZ-5854) Order On Hold Auto Approves When Edited

2014-11-05 Thread Vikas Mayur (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5854?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Vikas Mayur updated OFBIZ-5854:
---
Attachment: order.patch

 Order On Hold Auto Approves When Edited
 ---

 Key: OFBIZ-5854
 URL: https://issues.apache.org/jira/browse/OFBIZ-5854
 Project: OFBiz
  Issue Type: Bug
  Components: order
Affects Versions: Trunk
Reporter: Vikas Mayur
Priority: Minor
 Fix For: Upcoming Branch, 12.04.06, 13.07.02

 Attachments: order.patch


 If you put an approved order on hold and then later cancel an item on the 
 order, the order is auto approved. Order must have two line items to test the 
 behavior. The expected result is that order should stay on hold.
 In this chain of events, the following eca is triggered. The service 
 'checkOrderItemStatus' should be fixed such that it also checks the current 
 order header status before cancelling/approving/completing the order.
 {code}
 <eca service="changeOrderItemStatus" event="commit">
     <condition field-name="statusId" operator="equals" value="ITEM_CANCELLED"/>
     <action service="cancelOrderInventoryReservation" mode="sync"/>
     <action service="recalcTaxTotal" mode="sync"/>
     <action service="resetGrandTotal" mode="sync"/>
     <action service="checkOrderItemStatus" mode="sync"/>
 </eca>
 {code}





[jira] [Updated] (OFBIZ-5854) Order On Hold Auto Approves When Edited

2014-11-05 Thread Vikas Mayur (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5854?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Vikas Mayur updated OFBIZ-5854:
---
Description: 
If you put an approved order on hold and then later cancel an item on the 
order, the order is auto approved. Order must have two line items to test the 
behavior. The expected result is that order should stay on hold.

In this chain of events, the following eca is triggered. The service 
'checkOrderItemStatus' should be fixed such that it also checks the current 
order header status before it approves the order.


{code}
<eca service="changeOrderItemStatus" event="commit">
    <condition field-name="statusId" operator="equals" value="ITEM_CANCELLED"/>
    <action service="cancelOrderInventoryReservation" mode="sync"/>
    <action service="recalcTaxTotal" mode="sync"/>
    <action service="resetGrandTotal" mode="sync"/>
    <action service="checkOrderItemStatus" mode="sync"/>
</eca>
{code}

  was:
If you put an approved order on hold and then later cancel an item on the 
order, the order is auto approved. Order must have two line items to test the 
behavior. The expected result is that order should stay on hold.

In this chain of events, the following eca is triggered. The service 
'checkOrderItemStatus' should be fixed such that it also checks the current 
order header status before cancelling/approving/completing the order.


{code}
<eca service="changeOrderItemStatus" event="commit">
    <condition field-name="statusId" operator="equals" value="ITEM_CANCELLED"/>
    <action service="cancelOrderInventoryReservation" mode="sync"/>
    <action service="recalcTaxTotal" mode="sync"/>
    <action service="resetGrandTotal" mode="sync"/>
    <action service="checkOrderItemStatus" mode="sync"/>
</eca>
{code}


 Order On Hold Auto Approves When Edited
 ---

 Key: OFBIZ-5854
 URL: https://issues.apache.org/jira/browse/OFBIZ-5854
 Project: OFBiz
  Issue Type: Bug
  Components: order
Affects Versions: Trunk
Reporter: Vikas Mayur
Priority: Minor
 Fix For: Upcoming Branch, 12.04.06, 13.07.02

 Attachments: order.patch


 If you put an approved order on hold and then later cancel an item on the 
 order, the order is auto approved. Order must have two line items to test the 
 behavior. The expected result is that order should stay on hold.
 In this chain of events, the following eca is triggered. The service 
 'checkOrderItemStatus' should be fixed such that it also checks the current 
 order header status before it approves the order.
 {code}
 <eca service="changeOrderItemStatus" event="commit">
     <condition field-name="statusId" operator="equals" value="ITEM_CANCELLED"/>
     <action service="cancelOrderInventoryReservation" mode="sync"/>
     <action service="recalcTaxTotal" mode="sync"/>
     <action service="resetGrandTotal" mode="sync"/>
     <action service="checkOrderItemStatus" mode="sync"/>
 </eca>
 {code}





[jira] [Created] (OFBIZ-5856) js form.null.focus() error if no focusFieldName set

2014-11-05 Thread Leon (JIRA)
Leon created OFBIZ-5856:
---

 Summary: js form.null.focus() error if no focusFieldName set
 Key: OFBIZ-5856
 URL: https://issues.apache.org/jira/browse/OFBIZ-5856
 Project: OFBiz
  Issue Type: Bug
  Components: framework
Affects Versions: Trunk
Reporter: Leon
 Fix For: Trunk


In current revision, the modelForm.getfocusFieldName() returns null instead of 
an empty string if there's no focus-field-name set on the form element. Then the 
string "null" is written out when calling the StringWriter.append(focusFieldName) 
method.






[jira] [Updated] (OFBIZ-5856) js form.null.focus() error if no focusFieldName set

2014-11-05 Thread Leon (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5856?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Leon updated OFBIZ-5856:

Attachment: OFBIZ-5856.patch

use empty string for focusFieldName if it's null.

Note that this is a temporary workaround. According to w3c, better to set attribute to 
empty string if element does not have attribute and no default value either.

 js form.null.focus() error if no focusFieldName set
 -

 Key: OFBIZ-5856
 URL: https://issues.apache.org/jira/browse/OFBIZ-5856
 Project: OFBiz
  Issue Type: Bug
  Components: framework
Affects Versions: Trunk
Reporter: Leon
 Fix For: Trunk

 Attachments: OFBIZ-5856.patch


 In current revision, the modelForm.getfocusFieldName() returns null instead 
 of an empty string if there's no focus-field-name set on the form element. Then 
 the string "null" is written out when calling the StringWriter.append(focusFieldName) 
 method.





[jira] [Commented] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Jacques Le Roux (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14199962#comment-14199962
 ] 

Jacques Le Roux commented on OFBIZ-5848:


Hi Vikas,

Thanks for your good questions.

# We have already https://ofbiz.apache.org/download.html#vulnerabilities but we 
could indeed put a link to that from the news section on main page
# There is currently a discussion within the PMC about this subject. I don't 
unveil any important secrets by saying that for this bug we tend rather to send 
a notice on the user ML. Because fixing the bug in the releases branches is not 
enough. People with not supported releases would not be aware of the issue. And 
we don't want to create a new release right now because this bug is not really 
part of the OFBiz code and only needs a configuration change. I suggested to put 
the notice sent to the user ML also on the Download page where it will stay as 
a reminder. This last point has not yet been discussed.



[jira] [Comment Edited] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Jacques Le Roux (JIRA)

[ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14198344#comment-14198344
 ] 

Jacques Le Roux edited comment on OFBIZ-5848 at 11/6/14 7:54 AM:
-

Hi The Poodle fixer,

It was not only a Tomcat 7 issue. We had the same in trunk HEAD. 

Following your indications in above links I found the solution for the trunk 
and fixed vulnerability in trunk HEAD using TLSv1.2 as explained at the bottom 
of this comment https://blogs.atlassian.com/2014/10/ssl-poodle/#comment-190966
The same applies to supported releases branches since they all use Tomcat 7.

Committed in
trunk r1636864
R13.07 1636866
R12.04 1636867
{panel:title= WARNING|bgColor=red}
*We will certainly have to evolve this in the future because this correction 
forces the protocol to TLSv1.2*
{panel}
Thanks Poodle fixer :)


was (Author: jacques.le.roux):
Hi The Poodle fixer,

It was not only a Tomcat 7 issue. We had the same in trunk HEAD. 

Following your indications in above links I found the solution for the trunk 
and fixed vulnerability in trunk HEAD using TLSv1.2 as explained at the bottom 
of this comment https://blogs.atlassian.com/2014/10/ssl-poodle/#comment-190966
The same applies to supported releases branches since they all use Tomcat 7.

Committed in
trunk r1636864
R13.07 1636866
R12.04 1636867

We will certainly have to evolve this in the future because this correction 
forces the protocol to TLSv1.2

Thanks Poodle fixer :)

 Poodle-disable sslv3
 

 Key: OFBIZ-5848
 URL: https://issues.apache.org/jira/browse/OFBIZ-5848
 Project: OFBiz
  Issue Type: Bug
Affects Versions: Trunk
 Environment: unix
Reporter: Poodle Fixer
Assignee: Jacques Le Roux
Priority: Critical
  Labels: patch, security
 Fix For: Upcoming Branch, 12.04.06, 13.07.02


 Hi there-- 
 This topic seemed relevant because it is a major security issue that recently 
 came up and will affect many ecommerce sites for ofbiz. 
 I am in the process of trying to disable sslv3 on our version of 
 ofbiz, which uses tomcat 6. 
 This is to eliminate the security vulnerability from poodle bleed. 
 http://www.symantec.com/connect/blogs/ssl-30-vulnerability-poodle-bug-aka-poodlebleed
 We have tried updating the ofbiz-containers.xml file like below, but it 
 did not disable sslv3. Poodle is still there. 
 I have also seen fixes that update server.xml with something similar. 
 <property name="sslProtocol" value="TLS"/>
 <property name="sslEnabledProtocols" value="TLSv1"/>
 Has anyone else had luck fixing the poodle issue on Apache ofbiz? 
 Or in any ofbiz products… where is the best place to fix this in ofbiz??
 Thanks! 
 The Poodle fixer :)



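An added example, not part of the thread or of OFBiz's own code: a small audit of a container configuration for the two properties discussed above, sslProtocol and sslEnabledProtocols. The sample XML, its connector names and its nesting are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of a connector block; the connector
# names and the nesting are assumptions, not copied from OFBiz.
SAMPLE = """
<ofbiz-containers>
  <container name="catalina-container">
    <property name="https-a" value="connector">
      <property name="sslProtocol" value="TLS"/>
    </property>
    <property name="https-b" value="connector">
      <property name="sslProtocol" value="TLS"/>
      <property name="sslEnabledProtocols" value="SSLv3,TLSv1"/>
    </property>
    <property name="https-c" value="connector">
      <property name="sslProtocol" value="TLS"/>
      <property name="sslEnabledProtocols" value="TLSv1.2"/>
    </property>
  </container>
</ofbiz-containers>
"""

LEGACY = {"SSLv2", "SSLv2Hello", "SSLv3"}

def audit(xml_text):
    """Return {connector name: [findings]} for each block with SSL properties."""
    report = {}
    for block in ET.fromstring(xml_text).iter("property"):
        props = {p.get("name"): p.get("value", "") for p in block.findall("property")}
        if "sslProtocol" not in props and "sslEnabledProtocols" not in props:
            continue  # leaf property or a block without SSL settings
        raw = props.get("sslEnabledProtocols", "")
        enabled = [v.strip() for v in raw.split(",") if v.strip()]
        findings = []
        if not enabled:
            findings.append("no sslEnabledProtocols: runtime defaults decide, "
                            "sslProtocol alone does not exclude SSLv3")
        legacy = sorted(LEGACY.intersection(enabled))
        if legacy:
            findings.append("legacy protocol enabled: " + ",".join(legacy))
        if len(enabled) == 1 and not legacy:
            findings.append("pinned to " + enabled[0] + ": clients without it cannot connect")
        report[block.get("name")] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        print(name, findings or ["ok"])
```

A clean report only describes the file; as the reporter's case shows, the running listener still has to be tested to confirm the setting took effect.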


[jira] [Updated] (OFBIZ-5848) Poodle-disable sslv3

2014-11-05 Thread Jacques Le Roux (JIRA)

 [ 
https://issues.apache.org/jira/browse/OFBIZ-5848?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jacques Le Roux updated OFBIZ-5848:
---
Description: 
{panel:title= WARNING ABOUT THE FIX|bgColor=red}
*We will certainly have to evolve this in the future because this correction 
forces the protocol to TLSv1.2*
{panel}

Hi there-- 

This topic seemed relevant because it is a major security issue that recently 
came up and will affect many ecommerce sites for ofbiz. 

I am in the process of trying to disable sslv3 on our version of 
ofbiz, which uses tomcat 6. 

This is to eliminate the security vulnerability from poodle bleed. 
http://www.symantec.com/connect/blogs/ssl-30-vulnerability-poodle-bug-aka-poodlebleed

We have tried updating the ofbiz-containers.xml file like below, but it 
did not disable sslv3. Poodle is still there. 

I have also seen fixes that update server.xml with something similar. 

<property name="sslProtocol" value="TLS"/>
<property name="sslEnabledProtocols" value="TLSv1"/>

Has anyone else had luck fixing the poodle issue on Apache ofbiz? 

Or in any ofbiz products… where is the best place to fix this in ofbiz??

Thanks! 

The Poodle fixer :)

  was:
Hi there-- 

This topic seemed relevant because it is a major security issue that recently 
came up and will affect many ecommerce sites for ofbiz. 

I am in the process of trying to disable sslv3 on our version of 
ofbiz, which uses tomcat 6. 

This is to eliminate the security vulnerability from poodle bleed. 
http://www.symantec.com/connect/blogs/ssl-30-vulnerability-poodle-bug-aka-poodlebleed

We have tried updating the ofbiz-containers.xml file like below, but it 
did not disable sslv3. Poodle is still there. 

I have also seen fixes that update server.xml with something similar. 

<property name="sslProtocol" value="TLS"/>
<property name="sslEnabledProtocols" value="TLSv1"/>

Has anyone else had luck fixing the poodle issue on Apache ofbiz? 

Or in any ofbiz products… where is the best place to fix this in ofbiz??

Thanks! 

The Poodle fixer :)


 Poodle-disable sslv3
 

 Key: OFBIZ-5848
 URL: https://issues.apache.org/jira/browse/OFBIZ-5848
 Project: OFBiz
  Issue Type: Bug
Affects Versions: Trunk
 Environment: unix
Reporter: Poodle Fixer
Assignee: Jacques Le Roux
Priority: Critical
  Labels: patch, security
 Fix For: Upcoming Branch, 12.04.06, 13.07.02


 {panel:title= WARNING ABOUT THE FIX|bgColor=red}
 *We will certainly have to evolve this in the future because this correction 
 forces the protocol to TLSv1.2*
 {panel}
 Hi there-- 
 This topic seemed relevant because it is a major security issue that recently 
 came up and will affect many ecommerce sites for ofbiz. 
 I am in the process of trying to disable sslv3 on our version of 
 ofbiz, which uses tomcat 6. 
 This is to eliminate the security vulnerability from poodle bleed. 
 http://www.symantec.com/connect/blogs/ssl-30-vulnerability-poodle-bug-aka-poodlebleed
 We have tried updating the ofbiz-containers.xml file like below, but it 
 did not disable sslv3. Poodle is still there. 
 I have also seen fixes that update server.xml with something similar. 
 <property name="sslProtocol" value="TLS"/>
 <property name="sslEnabledProtocols" value="TLSv1"/>
 Has anyone else had luck fixing the poodle issue on Apache ofbiz? 
 Or in any ofbiz products… where is the best place to fix this in ofbiz??
 Thanks! 
 The Poodle fixer :)


