[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17027650#comment-17027650 ] Jacques Le Roux commented on OFBIZ-11329: - Gna, I make a mistake in CsrfUtil.java, here is the real final patch :) [^OFBIZ-11329.patch] > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329.patch, OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17028038#comment-17028038 ] Jacques Le Roux commented on OFBIZ-11329: - Also I forgot the plugins, here is the patch [^OFBIZ-11329-plugins.patch] . Due to my tools config, there are a lot of EOL spaces removed. Should not be an issue, it's only 1 file > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[
https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17028081#comment-17028081
]
James Yong commented on OFBIZ-11329:
Thanks for the patch.
*Review for OFBIZ-11329:
*
(1) Improvement to SetTimeZoneFromBrowser javascript function is good. i.e. it
will only set value in sessionStorage if response is success.
(2) Instead of hardcoding in java code the exemption of csrfToken check for
SetTimeZoneFromBrowser, should set security csrf-token to false in the
corresponding request map with some comments. But as SetTimeZoneFromBrowser can
change the data in the database, I think it should not be exempted from CSRF
token check.
(3) Note that the existing implementation of SetTimeZoneFromBrowser doesn't
check whether the submitted timezone is valid or different from the UserLogin's
lastTimeZone. Not sure if this should be in another JIRA issue.
*Review for OFBIZ-11306:*
(1) In line 304 of CsrfUtil.java:
{code:java}
request.setAttribute("_ERROR_MESSAGE_",
"Invalid or missing CSRF token to path '" +
request.getPathInfo() + "'. Click here to
continue.");
if (throwRequestHandlerExceptionOnMissingLocalRequest) {
throw new RequestHandlerExceptionAllowExternalRequests();
}
{code}
there should be no need to check for
throwRequestHandlerExceptionOnMissingLocalRequest. The property is for missing
request map but we are handling missing or invalid CSRF token.
(2) Found that additional info which should be returned from ajax request of
SetTimeZoneFromBrowser, due to the jsonResponseFromRequestAttribute service and
my implementation of OFBIZ-11306.
> setUserTimeZone should ran only once based on error
> ---
>
> Key: OFBIZ-11329
> URL: https://issues.apache.org/jira/browse/OFBIZ-11329
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework, webpos
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: James Yong
>Priority: Minor
> Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch,
> OFBIZ-11329.patch
>
>
> This will be useful when committing CSRF solution as explained in OFBIZ-11306
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17028417#comment-17028417 ] Jacques Le Roux commented on OFBIZ-11329: - Hi James, Thanks for your review! bq. But as SetTimeZoneFromBrowser can change the data in the database, I think it should not be exempted from CSRF token check. Agreed, we should keep this in mind. Unfortuately I see no better solution than harcoding for now. ALso if ever somebody changes SetTimeZoneFromBrowser name the issue will appear in log again. So not much to fear IMO. bq. Note that the existing implementation of SetTimeZoneFromBrowser doesn't check whether the submitted timezone is valid or different from the UserLogin's lastTimeZone. Not sure if this should be in another JIRA issue. The feature depends on the browser used, so if the user changes of timezone there is a reason (travelling, etc.) and I see no reason to compare with previous one. I don't see how it could not be valid, the browser can't lie. OFBIZ-11306 bq. there should be no need to check for throwRequestHandlerExceptionOnMissingLocalRequest. The property is for missing request map but we are handling missing or invalid CSRF token. Then why not simply throw a RequestHandlerException? bq. Found that additional info which should be returned from ajax request of SetTimeZoneFromBrowser, due to the jsonResponseFromRequestAttribute service and my implementation o Could you please give more details? > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[
https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17028472#comment-17028472
]
James Yong commented on OFBIZ-11329:
{quote}Then why not simply throw a RequestHandlerException?
{quote}
Original code was:
throw new RequestHandlerExceptionAllowExternalRequests();
{quote}Could you please give more details?
{quote}
Sorry i meant additional info which should NOT be returned from ajax request of
SetTimeZoneFromBrowser. You can print out the 'success' variable in
setUserTimeZone.js for more info.
> setUserTimeZone should ran only once based on error
> ---
>
> Key: OFBIZ-11329
> URL: https://issues.apache.org/jira/browse/OFBIZ-11329
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework, webpos
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: James Yong
>Priority: Minor
> Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch,
> OFBIZ-11329.patch
>
>
> This will be useful when committing CSRF solution as explained in OFBIZ-11306
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[
https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17029060#comment-17029060
]
Jacques Le Roux commented on OFBIZ-11329:
-
Hi James,
bq. Original code was: {{throw new
RequestHandlerExceptionAllowExternalRequests();}}
I know, I mean why using that instead of {{throw new
RequestHandlerException();}}? As its names shows
RequestHandlerExceptionAllowExternalRequests is specific to handling external
requests which are not allowed by default and can be allowed using
throwRequestHandlerExceptionOnMissingLocalRequest property: OFBIZ-5037. It's
minor and a moot point. But I see no reasons to use
RequestHandlerExceptionAllowExternalRequests there. IMO, it would be more clear
code with a simple RequestHandlerException. Do I miss something?
> setUserTimeZone should ran only once based on error
> ---
>
> Key: OFBIZ-11329
> URL: https://issues.apache.org/jira/browse/OFBIZ-11329
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework, webpos
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: James Yong
>Priority: Minor
> Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch,
> OFBIZ-11329.patch
>
>
> This will be useful when committing CSRF solution as explained in OFBIZ-11306
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17029901#comment-17029901 ] ASF subversion and git services commented on OFBIZ-11329: - Commit d5f19e356007695e94f4470bc418a0cd77cf18ac in ofbiz-framework's branch refs/heads/trunk from Jacques Le Roux [ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=d5f19e3 ] Fixed: impersonateLogin (OFBIZ-5409) I reopended this old issue because, while working on OFBIZ-11329, I found that userLogin and impersonateLogin should be removed from jsonResponseFromRequestAttributes Thanks: James Yong for pointing that out > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17029919#comment-17029919 ] Jacques Le Roux commented on OFBIZ-11329: - bq. Sorry i meant additional info which should NOT be returned from ajax request of SetTimeZoneFromBrowser. You can print out the 'success' variable in setUserTimeZone.js for more info. Well spotted James! I fixed the issue at OFBIZ-5409 which needed a bit of update. Though I wonder why userLogin was missed before or I guess has been added since for another reason and before work on CSRF. With this change the current patch does not need to updated. If you agree we can move it to OFBIZ-11306 and continue there. > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030240#comment-17030240 ] James Yong commented on OFBIZ-11329: Hi Jacques, There are changes specific to SetTimeZoneFromBrowser which I think can be committed under OFBIZ-11329 before continuing with OFBIZ-11306. > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030443#comment-17030443 ] ASF subversion and git services commented on OFBIZ-11329: - Commit 350c71f4df45cbe5671b54e61f74f9a352d78e05 in ofbiz-framework's branch refs/heads/trunk from Jacques Le Roux [ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=350c71f ] Fixed: setUserTimeZone should ran only once based on error (OFBIZ-11329) This will be notably useful when committing CSRF solution as explained in OFBIZ-11306: SetTimeZoneFromBrowser when starting gives a RequestHandlerException: Invalid or missing CSRF token for AJAX call to path '/SetTimeZoneFromBrowser'. Also not only when starting. Thanks: James Yong for review > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030455#comment-17030455 ] Jacques Le Roux commented on OFBIZ-11329: - Hi James, I agree. What about my point on RequestHandlerExceptionAllowExternalRequests? > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030533#comment-17030533 ] ASF subversion and git services commented on OFBIZ-11329: - Commit b2e3cc717dcea74110d4b152ae46a9a2b2c62a89 in ofbiz-framework's branch refs/heads/release17.12 from Jacques Le Roux [ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=b2e3cc7 ] Fixed: impersonateLogin (OFBIZ-5409) I reopended this old issue because, while working on OFBIZ-11329, I found that userLogin and impersonateLogin should be removed from jsonResponseFromRequestAttributes Thanks: James Yong for pointing that out # Conflicts: # framework/common/src/main/java/org/apache/ofbiz/common/CommonEvents.java > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030538#comment-17030538 ] ASF subversion and git services commented on OFBIZ-11329: - Commit 91cdc817e1c6b4d45b4b9fcbc4bb1ecc28f0de23 in ofbiz-framework's branch refs/heads/release18.12 from Jacques Le Roux [ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=91cdc81 ] Fixed: setUserTimeZone should ran only once based on error (OFBIZ-11329) This will be notably useful when committing CSRF solution as explained in OFBIZ-11306: SetTimeZoneFromBrowser when starting gives a RequestHandlerException: Invalid or missing CSRF token for AJAX call to path '/SetTimeZoneFromBrowser'. Also not only when starting. Thanks: James Yong for review > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030537#comment-17030537 ] ASF subversion and git services commented on OFBIZ-11329: - Commit 218d5a07a27492b155331bca8f95eedcc470cbfe in ofbiz-framework's branch refs/heads/release18.12 from Jacques Le Roux [ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=218d5a0 ] Fixed: impersonateLogin (OFBIZ-5409) I reopended this old issue because, while working on OFBIZ-11329, I found that userLogin and impersonateLogin should be removed from jsonResponseFromRequestAttributes Thanks: James Yong for pointing that out > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030534#comment-17030534 ] ASF subversion and git services commented on OFBIZ-11329: - Commit 6ce10278a391a5c588d7a97f6e779c4e4256f5d2 in ofbiz-framework's branch refs/heads/release17.12 from Jacques Le Roux [ https://gitbox.apache.org/repos/asf?p=ofbiz-framework.git;h=6ce1027 ] Fixed: setUserTimeZone should ran only once based on error (OFBIZ-11329) This will be notably useful when committing CSRF solution as explained in OFBIZ-11306: SetTimeZoneFromBrowser when starting gives a RequestHandlerException: Invalid or missing CSRF token for AJAX call to path '/SetTimeZoneFromBrowser'. Also not only when starting. Thanks: James Yong for review (cherry picked from commit 350c71f4df45cbe5671b54e61f74f9a352d78e05) # Conflicts: # framework/common/groovyScripts/SetLocaleFromBrowser.groovy # themes/common-theme/webapp/common/js/util/setUserTimeZone.js replaced by setUserLocale.js modified by hand I can compile locally but I can see a reason why and certainly not related to these changes > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030559#comment-17030559 ] Jacques Le Roux commented on OFBIZ-11329: - Thanks Git, The R17 backport was a complete disaster and I'm still recovering from it. I mean it completely screwed the trunk :/ I need to check all before closing here > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030644#comment-17030644 ] Michael Brohl commented on OFBIZ-11329: --- How can a backport to another branch screw the trunk? Can you say more about this issue? > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030769#comment-17030769 ] Jacques Le Roux commented on OFBIZ-11329: - It's about stashes. For a reason I did not understand I got changes from R17 in a trunk stash after cherry picking from trunk to R17. I had not this problem with R18. I think it's dues to a duplicate window I opened in Tortoise, but even that makes no sense. Anyway I guess it will not help any other so better forget it. I "just" have to clean the trunk stash :/ > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[
https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17030832#comment-17030832
]
Jacques Le Roux commented on OFBIZ-11329:
-
Since you are interested in:
{noformat}
Jacques@LDLC MINGW64 /c/projectsASF/Git/ofbiz-framework (trunk|REBASE 1/130)
$ git rebase --skip
Applying: "Applied fix from trunk for revision: 1819805"
Using index info to reconstruct a base tree...
M themes/rainbowstone/ofbiz-component.xml
M themes/rainbowstone/template/includes/TopAppBar.ftl
Falling back to patching base and 3-way merge...
Auto-merging themes/rainbowstone/template/includes/TopAppBar.ftl
CONFLICT (add/add): Merge conflict in
themes/rainbowstone/config/rainbowstone.properties
Auto-merging themes/rainbowstone/config/rainbowstone.properties
Recorded preimage for 'themes/rainbowstone/config/rainbowstone.properties'
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch' to see the failed patch
Patch failed at 0002 "Applied fix from trunk for revision: 1819805"
Resolve all conflicts manually, mark them as resolved with
"git add/rm ", then run "git rebase --continue".
You can instead skip this commit: run "git rebase --skip".
To abort and get back to the state before "git rebase", run "git rebase
--abort".
Jacques@LDLC MINGW64 /c/projectsASF/Git/ofbiz-framework (trunk|REBASE 2/130)
$ git rebase --abort
Jacques@LDLC MINGW64 /c/projectsASF/Git/ofbiz-framework (trunk)
$ git pull
First, rewinding head to replay your work on top of it...
Applying: Improved: Updated plugins url in release17.12
Using index info to reconstruct a base tree...
M build.gradle
Falling back to patching base and 3-way merge...
Auto-merging build.gradle
CONFLICT (content): Merge conflict in build.gradle
Staged 'build.gradle' using previous resolution.
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch' to see the failed patch
Patch failed at 0001 Improved: Updated plugins url in release17.12
Resolve all conflicts manually, mark them as resolved with
"git add/rm ", then run "git rebase --continue".
You can instead skip this commit: run "git rebase --skip".
To abort and get back to the state before "git rebase", run "git rebase
--abort".
Jacques@LDLC MINGW64 /c/projectsASF/Git/ofbiz-framework (trunk|REBASE 1/130)
$ git am --show-current-patch
commit 4c65b791a0db7e2738dd6fd0c56cbd63f147d695
Author: Deepak Dixit
Date: Thu Dec 28 10:11:00 2017 +
Improved: Updated plugins url in release17.12
git-svn-id:
https://svn.apache.org/repos/asf/ofbiz/ofbiz-framework/branches/release17.12@1819413
13f79535-47bb-0310-9956-ffa450edef68
diff --git a/build.gradle b/build.gradle
index 05b8e4fca2..8bab70657d 100644
--- a/build.gradle
+++ b/build.gradle
@@ -754,7 +754,7 @@ task pullPluginSource(group: ofbizPlugin, description:
'Download and install a p
if (project.hasProperty('pluginId')) {
task pullPluginFromSvn(type: SvnCheckout) {
-svnUrl =
"https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk/${pluginId}";
+svnUrl =
"https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/branches/release17.12/${pluginId}";
workspaceDir = "${pluginsDir}/${pluginId}"
}
dependsOn pullPluginFromSvn
@@ -771,7 +771,7 @@ task pullAllPluginsSource(group: ofbizPlugin,
doLast { delete "${pluginsDir}" }
}
task pullPluginsFromSvn(type: SvnCheckout, dependsOn: deleteBeforePulling)
{
-svnUrl = "https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk";
+svnUrl =
"https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/branches/release17.12";
workspaceDir = "${pluginsDir}"
}
dependsOn pullPluginsFromSvn
Jacques@LDLC MINGW64 /c/projectsASF/Git/ofbiz-framework (trunk|REBASE 1/130)
{noformat}
At this stage better solution:
{noformat}
git fetch origin
git reset --hard origin/master
{noformat}
Then I got my stash, previous to backport, clean... pfew...
> setUserTimeZone should ran only once based on error
> ---
>
> Key: OFBIZ-11329
> URL: https://issues.apache.org/jira/browse/OFBIZ-11329
> Project: OFBiz
> Issue Type: Sub-task
> Components: framework, webpos
>Affects Versions: Trunk
>Reporter: Jacques Le Roux
>Assignee: James Yong
>Priority: Minor
> Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch,
> OFBIZ-11329.patch
>
>
> This will be useful when committing CSRF solution as explained in OFBIZ-11306
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17032458#comment-17032458 ] James Yong commented on OFBIZ-11329: Thanks Jacques. Verified that no additional info is sent to the SetTimeZoneFromBrowser javascript function. Reason why RequestHandlerExceptionAllowExternalRequests is used: # To allow clickable link within an error message. Also thanks for mentioning OFBIZ-5037. Although RequestHandlerExceptionAllowExternalRequests and throwRequestHandlerExceptionOnMissingLocalRequest are created from OFBIZ-5037, I found that the former can be used without the latter. > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Sub-task > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Fix For: 17.12.01, 18.12.01 > > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17032464#comment-17032464 ] Jacques Le Roux commented on OFBIZ-11329: - Hi James, Thanks for the explanation, one worry less. > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Bug > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Fix For: 17.12.01, 18.12.01 > > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17032481#comment-17032481 ] James Yong commented on OFBIZ-11329: bq. You mean that if you use RequestHandlerException the link does not work? Exactly :) > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Bug > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Fix For: 17.12.01, 18.12.01 > > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (OFBIZ-11329) setUserTimeZone should ran only once based on error
[ https://issues.apache.org/jira/browse/OFBIZ-11329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17032495#comment-17032495 ] Jacques Le Roux commented on OFBIZ-11329: - OK, all clear here then. > setUserTimeZone should ran only once based on error > --- > > Key: OFBIZ-11329 > URL: https://issues.apache.org/jira/browse/OFBIZ-11329 > Project: OFBiz > Issue Type: Bug > Components: framework, webpos >Affects Versions: Trunk >Reporter: Jacques Le Roux >Assignee: James Yong >Priority: Minor > Fix For: 17.12.01, 18.12.01 > > Attachments: OFBIZ-11329-plugins.patch, OFBIZ-11329.patch, > OFBIZ-11329.patch > > > This will be useful when committing CSRF solution as explained in OFBIZ-11306 -- This message was sent by Atlassian Jira (v8.3.4#803005)
