diff --git a/org.adempiere.base/src/org/compiere/model/PO.java b/org.adempiere.base/src/org/compiere/model/PO.java index 10c3848113..4a491b7764 100644 --- a/org.adempiere.base/src/org/compiere/model/PO.java +++ b/org.adempiere.base/src/org/compiere/model/PO.java @@ -112,7 +112,7 @@ public abstract class PO /** * */ - private static final long serialVersionUID = -1330388218446118451L; + private static final long serialVersionUID = -2086165095004944867L; public static final String LOCAL_TRX_PREFIX = "POSave"; @@ -208,6 +208,8 @@ public abstract class PO load(rs); // will not have virtual columns else load(ID, trxName); + + checkValidClient(false); } // PO /** @@ -2078,6 +2080,7 @@ public abstract class PO checkImmutable(); checkValidContext(); + checkValidClient(true); CLogger.resetLast(); boolean newRecord = is_new(); // save locally as load resets if (!newRecord && !is_Changed()) @@ -3265,6 +3268,7 @@ public abstract class PO checkImmutable(); checkValidContext(); + checkValidClient(true); CLogger.resetLast(); if (is_new()) return true; @@ -4975,4 +4979,20 @@ public abstract class PO throw new AdempiereException("Context lost"); } + private void checkValidClient(boolean writing) { + int envClientID = Env.getAD_Client_ID(getCtx()); + // processes running from system client can read/write always + if (envClientID > 0) { + int poClientID = getAD_Client_ID(); + if (poClientID != envClientID && + (poClientID != 0 || writing)) { + log.severe("Table="+get_TableName()+" Record_ID="+get_ID()+" Env.AD_Client_ID="+envClientID+" PO.AD_Client_ID="+poClientID); + String message = "Cross tenant PO request detected from session " + + Env.getContext(getCtx(), "#AD_Session_ID") + " for table " + get_TableName() + + " Record_ID=" + get_ID(); + throw new AdempiereException(message); + } + } + } + } // PO diff --git a/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/RolePanel.java b/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/RolePanel.java index 0f3f5083f3..180b365b57 100644 --- a/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/RolePanel.java +++ b/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/panel/RolePanel.java @@ -85,7 +85,7 @@ public class RolePanel extends Window implements EventListener, Deferrabl /** * */ - private static final long serialVersionUID = 4486118071892173802L; + private static final long serialVersionUID = -4763398859555693370L; protected LoginWindow wndLogin; protected Login login; @@ -411,7 +411,8 @@ public class RolePanel extends Window implements EventListener, Deferrabl { initDefault=m_userpreference.getProperty( UserPreference.P_ROLE ); } - KeyNamePair clientKNPair = new KeyNamePair(Integer.valueOf((String)lstItemClient.getValue()), lstItemClient.getLabel()); + int clientId = Integer.valueOf((String)lstItemClient.getValue()); + KeyNamePair clientKNPair = new KeyNamePair(clientId, lstItemClient.getLabel()); KeyNamePair roleKNPairs[] = login.getRoles(m_userName, clientKNPair, LoginPanel.ROLE_TYPES_WEBUI); if (roleKNPairs != null && roleKNPairs.length > 0) { @@ -433,7 +434,16 @@ public class RolePanel extends Window implements EventListener, Deferrabl // //force reload of default role - MRole.getDefault(m_ctx, true); + int cid = Env.getAD_Client_ID(m_ctx); + try + { + Env.setContext(m_ctx, Env.AD_CLIENT_ID, clientId); + MRole.getDefault(m_ctx, true); + } + finally + { + Env.setContext(m_ctx, Env.AD_CLIENT_ID, cid); + } // If we have only one role, we can make readonly the combobox if (lstRole.getItemCount() == 1) diff --git a/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/util/UserPreference.java b/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/util/UserPreference.java index bf5f67edea..47b2acb238 100644 --- a/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/util/UserPreference.java +++ b/org.adempiere.ui.zk/WEB-INF/src/org/adempiere/webui/util/UserPreference.java @@ -119,8 +119,19 @@ public final class UserPreference implements Serializable { preference = new MUserPreference(Env.getCtx(), preference.getAD_Preference_ID(), null); } } - preference.setValue(value); - preference.saveEx(); + + int cid = Env.getAD_Client_ID(Env.getCtx()); + try { + if (preference.getAD_Client_ID() == 0 && cid > 0) { + Env.setContext(Env.getCtx(), Env.AD_CLIENT_ID, 0); + } + preference.setValue(value); + preference.saveEx(); + } finally { + if (preference.getAD_Client_ID() == 0 && cid > 0) { + Env.setContext(Env.getCtx(), Env.AD_CLIENT_ID, cid); + } + } } } }