hg merge release-6.2 (merge release6.2 into default)
This commit is contained in:
Carlos Ruiz
commit
f318aaf854
|
|
@ -0,0 +1,11 @@
|
|||
SET SQLBLANKLINES ON
|
||||
SET DEFINE OFF
|
||||
|
||||
-- sjeffen:
|
||||
-- 22. mar. 2019 16.00.03 CET
|
||||
INSERT INTO AD_Message (MsgType,MsgText,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Message_ID,Value,EntityType,AD_Message_UU) VALUES ('E','Failed when processing document',0,0,'Y',TO_DATE('2019-03-22 16:00:03','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2019-03-22 16:00:03','YYYY-MM-DD HH24:MI:SS'),100,200489,'FailedProcessingDocument','D','21281020-8057-4315-b0c0-144c874a5f46')
|
||||
;
|
||||
|
||||
SELECT register_migration_script('201903241211_IDEMPIERE-3929.sql') FROM dual
|
||||
;
|
||||
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
SET SQLBLANKLINES ON
|
||||
SET DEFINE OFF
|
||||
|
||||
-- IDEMPIERE-3930 Allow permission control for idempiereMonitor and OSGI console
|
||||
-- Mar 25, 2019, 12:20:18 PM BRT
|
||||
INSERT INTO AD_Form (AD_Form_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,Name,Description,Classname,AccessLevel,EntityType,IsBetaFunctionality,AD_Form_UU) VALUES (200011,0,0,'Y',TO_DATE('2019-03-25 12:20:17','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2019-03-25 12:20:17','YYYY-MM-DD HH24:MI:SS'),100,'idempiereMonitor','Form to configure access to /idempiereMonitor - do not add to menu','/idempiereMonitor','4','D','N','3406efc3-aa1d-4212-bb5d-6d64ee39cc61')
|
||||
;
|
||||
|
||||
-- Mar 25, 2019, 12:21:15 PM BRT
|
||||
INSERT INTO AD_Form (AD_Form_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,Name,Description,Classname,AccessLevel,EntityType,IsBetaFunctionality,AD_Form_UU) VALUES (200012,0,0,'Y',TO_DATE('2019-03-25 12:21:15','YYYY-MM-DD HH24:MI:SS'),100,TO_DATE('2019-03-25 12:21:15','YYYY-MM-DD HH24:MI:SS'),100,'Apache Felix Web Console','Form to configure access to /osgi/system/console - do not add to menu','/osgi/system/console','4','D','N','bb212a96-e71d-4deb-98eb-799c74247c96')
|
||||
;
|
||||
|
||||
SELECT register_migration_script('201903251409_IDEMPIERE-3930.sql') FROM dual
|
||||
;
|
||||
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
-- sjeffen:
|
||||
-- 22. mar. 2019 16.00.03 CET
|
||||
INSERT INTO AD_Message (MsgType,MsgText,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Message_ID,Value,EntityType,AD_Message_UU) VALUES ('E','Failed when processing document',0,0,'Y',TO_TIMESTAMP('2019-03-22 16:00:03','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2019-03-22 16:00:03','YYYY-MM-DD HH24:MI:SS'),100,200489,'FailedProcessingDocument','D','21281020-8057-4315-b0c0-144c874a5f46')
|
||||
;
|
||||
|
||||
SELECT register_migration_script('201903241211_IDEMPIERE-3929.sql') FROM dual
|
||||
;
|
||||
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
-- IDEMPIERE-3930 Allow permission control for idempiereMonitor and OSGI console
|
||||
-- Mar 25, 2019, 12:20:18 PM BRT
|
||||
INSERT INTO AD_Form (AD_Form_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,Name,Description,Classname,AccessLevel,EntityType,IsBetaFunctionality,AD_Form_UU) VALUES (200011,0,0,'Y',TO_TIMESTAMP('2019-03-25 12:20:17','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2019-03-25 12:20:17','YYYY-MM-DD HH24:MI:SS'),100,'idempiereMonitor','Form to configure access to /idempiereMonitor - do not add to menu','/idempiereMonitor','4','D','N','3406efc3-aa1d-4212-bb5d-6d64ee39cc61')
|
||||
;
|
||||
|
||||
-- Mar 25, 2019, 12:21:15 PM BRT
|
||||
INSERT INTO AD_Form (AD_Form_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,Name,Description,Classname,AccessLevel,EntityType,IsBetaFunctionality,AD_Form_UU) VALUES (200012,0,0,'Y',TO_TIMESTAMP('2019-03-25 12:21:15','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2019-03-25 12:21:15','YYYY-MM-DD HH24:MI:SS'),100,'Apache Felix Web Console','Form to configure access to /osgi/system/console - do not add to menu','/osgi/system/console','4','D','N','bb212a96-e71d-4deb-98eb-799c74247c96')
|
||||
;
|
||||
|
||||
SELECT register_migration_script('201903251409_IDEMPIERE-3930.sql') FROM dual
|
||||
;
|
||||
|
||||
|
|
@ -186,7 +186,7 @@ public class InvoiceCreateCreditMemo extends SvrProcess {
|
|||
//
|
||||
if (p_DocAction != null) {
|
||||
if (!creditMemo.processIt(p_DocAction)) {
|
||||
throw new AdempiereException("ERROR processing credit memo " + p_DocAction + " -> " + creditMemo.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + creditMemo.getProcessMsg());
|
||||
}
|
||||
if (p_IsCreateAllocation && DocAction.ACTION_Complete.equals(p_DocAction)) {
|
||||
// Create Allocation
|
||||
|
|
@ -210,7 +210,7 @@ public class InvoiceCreateCreditMemo extends SvrProcess {
|
|||
cLine.setC_Invoice_ID(creditMemo.getC_Invoice_ID());
|
||||
cLine.saveEx();
|
||||
if (!alloc.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + alloc.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + alloc.getProcessMsg());
|
||||
// end added
|
||||
alloc.saveEx();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ import javax.naming.directory.Attribute;
|
|||
import javax.naming.directory.Attributes;
|
||||
import javax.naming.ldap.InitialLdapContext;
|
||||
|
||||
import org.compiere.model.MSysConfig;
|
||||
import org.compiere.util.CLogger;
|
||||
|
||||
|
||||
|
|
@ -52,10 +53,12 @@ public class LDAP
|
|||
// ldap://dc.compiere.org
|
||||
env.put(Context.PROVIDER_URL, ldapURL);
|
||||
env.put(Context.SECURITY_AUTHENTICATION, "simple");
|
||||
// jjanke@compiere.org
|
||||
// For OpenLDAP uncomment the next line
|
||||
// StringBuffer principal = new StringBuffer("uid=").append(userName).append(",").append(domain);
|
||||
StringBuffer principal = new StringBuffer(userName).append("@").append(domain);
|
||||
StringBuffer principal;
|
||||
if ("openldap".equals(MSysConfig.getValue(MSysConfig.LDAP_TYPE))) {
|
||||
principal = new StringBuffer("uid=").append(userName).append(",").append(domain);
|
||||
} else {
|
||||
principal = new StringBuffer(userName).append("@").append(domain);
|
||||
}
|
||||
env.put(Context.SECURITY_PRINCIPAL, principal.toString());
|
||||
env.put(Context.SECURITY_CREDENTIALS, password);
|
||||
//
|
||||
|
|
|
|||
|
|
@ -157,7 +157,7 @@ public class MCashLine extends X_C_CashLine
|
|||
order.setC_CashLine_ID(getC_CashLine_ID());
|
||||
// added AdempiereException by Zuhri
|
||||
if (!order.processIt(MOrder.ACTION_WaitComplete))
|
||||
throw new AdempiereException("Failed when processing document - " + order.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + order.getProcessMsg());
|
||||
// end added
|
||||
order.saveEx(trxName);
|
||||
// Set Invoice
|
||||
|
|
|
|||
|
|
@ -1772,7 +1772,7 @@ public class MInOut extends X_M_InOut implements DocAction
|
|||
dropShipment.setDocAction(DocAction.ACTION_Complete);
|
||||
// added AdempiereException by Zuhri
|
||||
if (!dropShipment.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + dropShipment.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + dropShipment.getProcessMsg());
|
||||
// end added
|
||||
dropShipment.saveEx();
|
||||
|
||||
|
|
@ -2042,7 +2042,7 @@ public class MInOut extends X_M_InOut implements DocAction
|
|||
counter.setDocAction(counterDT.getDocAction());
|
||||
// added AdempiereException by zuhri
|
||||
if (!counter.processIt(counterDT.getDocAction()))
|
||||
throw new AdempiereException("Failed when processing document - " + counter.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + counter.getProcessMsg());
|
||||
// end added
|
||||
counter.saveEx(get_TrxName());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2256,7 +2256,7 @@ public class MInvoice extends X_C_Invoice implements DocAction
|
|||
counter.setDocAction(counterDT.getDocAction());
|
||||
// added AdempiereException by zuhri
|
||||
if (!counter.processIt(counterDT.getDocAction()))
|
||||
throw new AdempiereException("Failed when processing document - " + counter.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + counter.getProcessMsg());
|
||||
// end added
|
||||
counter.saveEx(get_TrxName());
|
||||
}
|
||||
|
|
@ -2569,7 +2569,7 @@ public class MInvoice extends X_C_Invoice implements DocAction
|
|||
rLine.saveEx();
|
||||
// added AdempiereException by zuhri
|
||||
if (!alloc.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + alloc.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + alloc.getProcessMsg());
|
||||
// end added
|
||||
alloc.saveEx();
|
||||
|
||||
|
|
|
|||
|
|
@ -475,7 +475,7 @@ public class MJournalBatch extends X_GL_JournalBatch implements DocAction
|
|||
{
|
||||
// added AdempiereException by zuhri
|
||||
if (!journal.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + journal.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + journal.getProcessMsg());
|
||||
// end added
|
||||
journal.saveEx();
|
||||
if (!DocAction.STATUS_Completed.equals(journal.getDocStatus()))
|
||||
|
|
|
|||
|
|
@ -2193,7 +2193,7 @@ public class MOrder extends X_C_Order implements DocAction
|
|||
}
|
||||
// added AdempiereException by zuhri
|
||||
if (!shipment.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + shipment.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + shipment.getProcessMsg());
|
||||
// end added
|
||||
shipment.saveEx(get_TrxName());
|
||||
if (!DOCSTATUS_Completed.equals(shipment.getDocStatus()))
|
||||
|
|
@ -2296,7 +2296,7 @@ public class MOrder extends X_C_Order implements DocAction
|
|||
|
||||
// added AdempiereException by zuhri
|
||||
if (!invoice.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + invoice.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + invoice.getProcessMsg());
|
||||
// end added
|
||||
invoice.saveEx(get_TrxName());
|
||||
setC_CashLine_ID(invoice.getC_CashLine_ID());
|
||||
|
|
@ -2383,7 +2383,7 @@ public class MOrder extends X_C_Order implements DocAction
|
|||
counter.setDocAction(counterDT.getDocAction());
|
||||
// added AdempiereException by zuhri
|
||||
if (!counter.processIt(counterDT.getDocAction()))
|
||||
throw new AdempiereException("Failed when processing document - " + counter.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + counter.getProcessMsg());
|
||||
// end added
|
||||
counter.saveEx(get_TrxName());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -798,9 +798,9 @@ public class MOrderLine extends X_C_OrderLine
|
|||
setHeaderInfo(getParent());
|
||||
|
||||
|
||||
// R/O Check - Product/Warehouse Change/Attribute set instance
|
||||
// R/O Check - Product/Warehouse Change
|
||||
if (!newRecord
|
||||
&& (is_ValueChanged("M_Product_ID") || is_ValueChanged("M_Warehouse_ID") || is_ValueChanged("M_AttributeSetInstance_ID")))
|
||||
&& (is_ValueChanged("M_Product_ID") || is_ValueChanged("M_Warehouse_ID")))
|
||||
{
|
||||
if (!canChangeWarehouse())
|
||||
return false;
|
||||
|
|
|
|||
|
|
@ -359,7 +359,7 @@ public class MPaySelectionCheck extends X_C_PaySelectionCheck
|
|||
check.saveEx(); // Payment process needs it
|
||||
// added AdempiereException by zuhri
|
||||
if (!payment.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + payment.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(Env.getCtx(), "FailedProcessingDocument") + " - " + payment.getProcessMsg());
|
||||
// end added
|
||||
payment.saveEx();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1858,7 +1858,7 @@ public class MPayment extends X_C_Payment
|
|||
order.set_TrxName(get_TrxName());
|
||||
// added AdempiereException by zuhri
|
||||
if (!order.processIt (X_C_Order.DOCACTION_WaitComplete))
|
||||
throw new AdempiereException("Failed when processing document - " + order.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + order.getProcessMsg());
|
||||
// end added
|
||||
m_processMsg = order.getProcessMsg();
|
||||
order.saveEx(get_TrxName());
|
||||
|
|
@ -2288,7 +2288,7 @@ public class MPayment extends X_C_Payment
|
|||
}
|
||||
// added AdempiereException by zuhri
|
||||
if (!alloc.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + alloc.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + alloc.getProcessMsg());
|
||||
// end added
|
||||
m_processMsg = "@C_AllocationHdr_ID@: " + alloc.getDocumentNo();
|
||||
return alloc.save(get_TrxName());
|
||||
|
|
@ -2323,7 +2323,7 @@ public class MPayment extends X_C_Payment
|
|||
aLine.saveEx(get_TrxName());
|
||||
// added AdempiereException by zuhri
|
||||
if (!alloc.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + alloc.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + alloc.getProcessMsg());
|
||||
// end added
|
||||
alloc.saveEx(get_TrxName());
|
||||
m_justCreatedAllocInv = alloc;
|
||||
|
|
@ -2421,7 +2421,7 @@ public class MPayment extends X_C_Payment
|
|||
if(alloc.processIt(DocAction.ACTION_Complete))
|
||||
ok = alloc.save(get_TrxName());
|
||||
else
|
||||
throw new AdempiereException("Failed when processing document - " + alloc.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + alloc.getProcessMsg());
|
||||
// end added by zuhri
|
||||
m_processMsg = "@C_AllocationHdr_ID@: " + alloc.getDocumentNo();
|
||||
}
|
||||
|
|
@ -2708,7 +2708,7 @@ public class MPayment extends X_C_Payment
|
|||
|
||||
// added AdempiereException by zuhri
|
||||
if (!alloc.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + alloc.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + alloc.getProcessMsg());
|
||||
// end added
|
||||
alloc.saveEx(get_TrxName());
|
||||
//
|
||||
|
|
|
|||
|
|
@ -555,7 +555,7 @@ public class MRMA extends X_M_RMA implements DocAction
|
|||
counter.setDocAction(counterDT.getDocAction());
|
||||
// added AdempiereException by zuhri
|
||||
if (!counter.processIt(counterDT.getDocAction()))
|
||||
throw new AdempiereException("Failed when processing document - " + counter.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(getCtx(), "FailedProcessingDocument") + " - " + counter.getProcessMsg());
|
||||
// end added
|
||||
counter.saveEx(get_TrxName());
|
||||
}
|
||||
|
|
|
|||
|
|
@ -45,6 +45,7 @@ import org.compiere.util.KeyNamePair;
|
|||
import org.compiere.util.Msg;
|
||||
import org.compiere.util.Trace;
|
||||
import org.compiere.util.Util;
|
||||
import org.compiere.wf.MWorkflow;
|
||||
|
||||
/**
|
||||
* Role Model.
|
||||
|
|
@ -1650,6 +1651,14 @@ public final class MRole extends X_AD_Role
|
|||
setAccessMap("m_processAccess", mergeAccess(getAccessMap("m_processAccess"), directAccess, true));
|
||||
} // reload
|
||||
Boolean retValue = m_processAccess.get(AD_Process_ID);
|
||||
if (retValue != null && retValue.booleanValue()) {
|
||||
MProcess process = MProcess.get(getCtx(), AD_Process_ID);
|
||||
if (! isAccessLevelCompatible(process.getAccessLevel())) {
|
||||
log.warning("Role " + getName() + " has assigned access incompatible process " + process.getName());
|
||||
m_processAccess.remove(AD_Process_ID);
|
||||
retValue = null;
|
||||
}
|
||||
}
|
||||
return retValue;
|
||||
} // getProcessAccess
|
||||
|
||||
|
|
@ -1730,6 +1739,14 @@ public final class MRole extends X_AD_Role
|
|||
setAccessMap("m_taskAccess", mergeAccess(getAccessMap("m_taskAccess"), directAccess, true));
|
||||
} // reload
|
||||
Boolean retValue = m_taskAccess.get(AD_Task_ID);
|
||||
if (retValue != null && retValue.booleanValue()) {
|
||||
MTask task = new MTask(getCtx(), AD_Task_ID, get_TrxName());
|
||||
if (! isAccessLevelCompatible(task.getAccessLevel())) {
|
||||
log.warning("Role " + getName() + " has assigned access incompatible task " + task.getName());
|
||||
m_taskAccess.remove(AD_Task_ID);
|
||||
retValue = null;
|
||||
}
|
||||
}
|
||||
return retValue;
|
||||
} // getTaskAccess
|
||||
|
||||
|
|
@ -1810,6 +1827,14 @@ public final class MRole extends X_AD_Role
|
|||
setAccessMap("m_formAccess", mergeAccess(getAccessMap("m_formAccess"), directAccess, true));
|
||||
} // reload
|
||||
Boolean retValue = m_formAccess.get(AD_Form_ID);
|
||||
if (retValue != null && retValue.booleanValue()) {
|
||||
MForm form = new MForm(getCtx(), AD_Form_ID, get_TrxName());
|
||||
if (! isAccessLevelCompatible(form.getAccessLevel())) {
|
||||
log.warning("Role " + getName() + " has assigned access incompatible form " + form.getName());
|
||||
m_formAccess.remove(AD_Form_ID);
|
||||
retValue = null;
|
||||
}
|
||||
}
|
||||
return retValue;
|
||||
} // getFormAccess
|
||||
|
||||
|
|
@ -1890,8 +1915,16 @@ public final class MRole extends X_AD_Role
|
|||
setAccessMap("m_workflowAccess", mergeAccess(getAccessMap("m_workflowAccess"), directAccess, true));
|
||||
} // reload
|
||||
Boolean retValue = m_workflowAccess.get(AD_Workflow_ID);
|
||||
if (retValue != null && retValue.booleanValue()) {
|
||||
MWorkflow workflow = MWorkflow.get(getCtx(), AD_Workflow_ID);
|
||||
if (! isAccessLevelCompatible(workflow.getAccessLevel())) {
|
||||
log.warning("Role " + getName() + " has assigned access incompatible workflow " + workflow.getName());
|
||||
m_workflowAccess.remove(AD_Workflow_ID);
|
||||
retValue = null;
|
||||
}
|
||||
}
|
||||
return retValue;
|
||||
} // getTaskAccess
|
||||
} // getWorkflowAccess
|
||||
|
||||
|
||||
/*************************************************************************
|
||||
|
|
@ -3160,6 +3193,16 @@ public final class MRole extends X_AD_Role
|
|||
setAccessMap("m_infoAccess", mergeAccess(getAccessMap("m_infoAccess"), directAccess, true));
|
||||
} // reload
|
||||
Boolean retValue = m_infoAccess.get(AD_InfoWindow_ID);
|
||||
/* Info Window doesn't have AccessLevel
|
||||
if (retValue != null && retValue.booleanValue()) {
|
||||
MInfoWindow infoWindow = new MInfoWindow(getCtx(), AD_InfoWindow_ID, get_TrxName());
|
||||
if (! isAccessLevelCompatible(infoWindow.getAccessLevel())) {
|
||||
log.warning("Role " + getName() + " has assigned access incompatible info window " + infoWindow.getName());
|
||||
m_infoAccess.remove(AD_InfoWindow_ID);
|
||||
retValue = null;
|
||||
}
|
||||
}
|
||||
*/
|
||||
return retValue;
|
||||
}
|
||||
|
||||
|
|
@ -3244,5 +3287,48 @@ public final class MRole extends X_AD_Role
|
|||
whereClause.append(")");
|
||||
return whereClause.toString();
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Verify compatibility of AD_Role.UserLevel vs Access Level
|
||||
* @param accessLevel the access level of the dictionary object
|
||||
* @return true if access and user level are compatible
|
||||
*/
|
||||
private boolean isAccessLevelCompatible(String accessLevel) {
|
||||
boolean access = false;
|
||||
switch (getUserLevel()) {
|
||||
case USERLEVEL_System:
|
||||
switch (accessLevel) {
|
||||
case MProcess.ACCESSLEVEL_SystemOnly:
|
||||
case MProcess.ACCESSLEVEL_SystemPlusClient:
|
||||
case MProcess.ACCESSLEVEL_All:
|
||||
access = true;
|
||||
}
|
||||
case USERLEVEL_Client:
|
||||
switch (accessLevel) {
|
||||
case MProcess.ACCESSLEVEL_ClientOnly:
|
||||
case MProcess.ACCESSLEVEL_ClientPlusOrganization:
|
||||
case MProcess.ACCESSLEVEL_SystemPlusClient:
|
||||
case MProcess.ACCESSLEVEL_All:
|
||||
access = true;
|
||||
}
|
||||
case USERLEVEL_Organization:
|
||||
switch (accessLevel) {
|
||||
case MProcess.ACCESSLEVEL_Organization:
|
||||
case MProcess.ACCESSLEVEL_ClientPlusOrganization:
|
||||
case MProcess.ACCESSLEVEL_All:
|
||||
access = true;
|
||||
}
|
||||
case USERLEVEL_ClientPlusOrganization:
|
||||
switch (accessLevel) {
|
||||
case MProcess.ACCESSLEVEL_Organization:
|
||||
case MProcess.ACCESSLEVEL_ClientOnly:
|
||||
case MProcess.ACCESSLEVEL_ClientPlusOrganization:
|
||||
case MProcess.ACCESSLEVEL_SystemPlusClient:
|
||||
case MProcess.ACCESSLEVEL_All:
|
||||
access = true;
|
||||
}
|
||||
}
|
||||
return access;
|
||||
}
|
||||
|
||||
} // MRole
|
||||
|
|
|
|||
|
|
@ -39,12 +39,12 @@ import org.compiere.util.DisplayType;
|
|||
*/
|
||||
public class MSysConfig extends X_AD_SysConfig
|
||||
{
|
||||
/**
|
||||
/**
|
||||
*
|
||||
*/
|
||||
private static final long serialVersionUID = 8922763368373540965L;
|
||||
private static final long serialVersionUID = -3144528502974306817L;
|
||||
|
||||
public static final String ADDRESS_VALIDATION = "ADDRESS_VALIDATION";
|
||||
public static final String ADDRESS_VALIDATION = "ADDRESS_VALIDATION";
|
||||
public static final String ALERT_SEND_ATTACHMENT_AS_XLS = "ALERT_SEND_ATTACHMENT_AS_XLS";
|
||||
public static final String ALLOCATION_DESCRIPTION = "ALLOCATION_DESCRIPTION";
|
||||
public static final String ALLOW_APPLY_PAYMENT_TO_CREDITMEMO = "ALLOW_APPLY_PAYMENT_TO_CREDITMEMO";
|
||||
|
|
@ -104,6 +104,7 @@ public class MSysConfig extends X_AD_SysConfig
|
|||
public static final String Invoice_ReverseUseNewNumber = "Invoice_ReverseUseNewNumber";
|
||||
public static final String JASPER_SWAP_MAX_PAGES = "JASPER_SWAP_MAX_PAGES";
|
||||
public static final String LASTRUN_RECORD_COUNT = "LASTRUN_RECORD_COUNT";
|
||||
public static final String LDAP_TYPE = "LDAP_TYPE";
|
||||
public static final String LOCATION_MAPS_DESTINATION_ADDRESS = "LOCATION_MAPS_DESTINATION_ADDRESS";
|
||||
public static final String LOCATION_MAPS_ROUTE_PREFIX = "LOCATION_MAPS_ROUTE_PREFIX";
|
||||
public static final String LOCATION_MAPS_SOURCE_ADDRESS = "LOCATION_MAPS_SOURCE_ADDRESS";
|
||||
|
|
|
|||
|
|
@ -33,6 +33,7 @@ import javax.mail.internet.AddressException;
|
|||
import javax.mail.internet.InternetAddress;
|
||||
|
||||
import org.adempiere.exceptions.DBException;
|
||||
import org.codehaus.groovy.classgen.GeneratorContext;
|
||||
import org.compiere.util.CCache;
|
||||
import org.compiere.util.CLogger;
|
||||
import org.compiere.util.DB;
|
||||
|
|
@ -58,7 +59,7 @@ public class MUser extends X_AD_User
|
|||
/**
|
||||
*
|
||||
*/
|
||||
private static final long serialVersionUID = 9027688865361175114L;
|
||||
private static final long serialVersionUID = 7996468236476384128L;
|
||||
|
||||
/**
|
||||
* Get active Users of BPartner
|
||||
|
|
@ -213,7 +214,14 @@ public class MUser extends X_AD_User
|
|||
|
||||
clientsValidated.add(user.getAD_Client_ID());
|
||||
boolean valid = false;
|
||||
if (hash_password) {
|
||||
MSystem system = MSystem.get(Env.getCtx());
|
||||
if (system == null)
|
||||
throw new IllegalStateException("No System Info");
|
||||
|
||||
|
||||
if (system.isLDAP() && ! Util.isEmpty(user.getLDAPUser())) {
|
||||
valid = system.isLDAP(name, password);
|
||||
} else if (hash_password) {
|
||||
valid = user.authenticateHash(password);
|
||||
} else {
|
||||
// password not hashed
|
||||
|
|
@ -768,7 +776,7 @@ public class MUser extends X_AD_User
|
|||
|
||||
/**
|
||||
* Is User an Administrator?
|
||||
* @return true id Admin
|
||||
* @return true if Admin
|
||||
*/
|
||||
public boolean isAdministrator()
|
||||
{
|
||||
|
|
@ -788,6 +796,33 @@ public class MUser extends X_AD_User
|
|||
return m_isAdministrator.booleanValue();
|
||||
} // isAdministrator
|
||||
|
||||
/**
|
||||
* User has access to URL form?
|
||||
* @return true if user has access
|
||||
*/
|
||||
public boolean hasURLFormAccess(String url)
|
||||
{
|
||||
if (Util.isEmpty(url, true)) {
|
||||
return false;
|
||||
}
|
||||
boolean hasAccess = false;
|
||||
int formId = new Query(getCtx(), MForm.Table_Name, "ClassName=?", get_TrxName())
|
||||
.setOnlyActiveRecords(true)
|
||||
.setParameters(url)
|
||||
.firstId();
|
||||
if (formId > 0) {
|
||||
for (MRole role : getRoles(0))
|
||||
{
|
||||
Boolean formAccess = role.getFormAccess(formId);
|
||||
if (formAccess != null && formAccess.booleanValue()) {
|
||||
hasAccess = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
return hasAccess;
|
||||
} // hasURLFormAccess
|
||||
|
||||
/**
|
||||
* Has the user Access to BP info and resources
|
||||
* @param BPAccessType access type
|
||||
|
|
|
|||
|
|
@ -200,6 +200,7 @@ public abstract class PO
|
|||
m_oldValues = new Object[size];
|
||||
m_newValues = new Object[size];
|
||||
m_setErrors = new ValueNamePair[size];
|
||||
m_setErrorsFilled = false;
|
||||
|
||||
if (rs != null)
|
||||
load(rs); // will not have virtual columns
|
||||
|
|
@ -241,6 +242,7 @@ public abstract class PO
|
|||
private Object[] m_newValues = null;
|
||||
/** Errors when setting */
|
||||
private ValueNamePair[] m_setErrors = null;
|
||||
private boolean m_setErrorsFilled = false; // to optimize not traveling the array if no errors
|
||||
|
||||
/** Record_IDs */
|
||||
private Object[] m_IDs = new Object[] {I_ZERO};
|
||||
|
|
@ -780,6 +782,7 @@ public abstract class PO
|
|||
log.log(Level.WARNING, "Virtual Column" + colInfo);
|
||||
log.saveError("VirtualColumn", "Virtual Column" + colInfo);
|
||||
m_setErrors[index] = new ValueNamePair("VirtualColumn", "Virtual Column" + colInfo);
|
||||
m_setErrorsFilled = true;
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
@ -792,6 +795,7 @@ public abstract class PO
|
|||
log.log(Level.WARNING, "Column not updateable" + colInfo);
|
||||
log.saveError("ColumnReadonly", "Column not updateable" + colInfo);
|
||||
m_setErrors[index] = new ValueNamePair("ColumnReadonly", "Column not updateable" + colInfo);
|
||||
m_setErrorsFilled = true;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -800,8 +804,9 @@ public abstract class PO
|
|||
{
|
||||
if (checkWritable && p_info.isColumnMandatory(index))
|
||||
{
|
||||
log.saveError("FillMandatory", ColumnName + " is mandatory.");
|
||||
m_setErrors[index] = new ValueNamePair("FillMandatory", ColumnName + " is mandatory.");
|
||||
log.saveError("FillMandatory", ColumnName);
|
||||
m_setErrors[index] = new ValueNamePair("FillMandatory", ColumnName);
|
||||
m_setErrorsFilled = true;
|
||||
return false;
|
||||
}
|
||||
m_newValues[index] = Null.NULL; // correct
|
||||
|
|
@ -842,6 +847,7 @@ public abstract class PO
|
|||
log.log(Level.SEVERE, errmsg);
|
||||
log.saveError("WrongDataType", errmsg);
|
||||
m_setErrors[index] = new ValueNamePair("WrongDataType", errmsg);
|
||||
m_setErrorsFilled = true;
|
||||
return false;
|
||||
}
|
||||
else
|
||||
|
|
@ -852,6 +858,7 @@ public abstract class PO
|
|||
log.log(Level.SEVERE, errmsg);
|
||||
log.saveError("WrongDataType", errmsg);
|
||||
m_setErrors[index] = new ValueNamePair("WrongDataType", errmsg);
|
||||
m_setErrorsFilled = true;
|
||||
return false;
|
||||
}
|
||||
// Validate (Min/Max)
|
||||
|
|
@ -867,6 +874,7 @@ public abstract class PO
|
|||
log.saveError(error, ColumnName);
|
||||
m_setErrors[index] = new ValueNamePair(error, ColumnName);
|
||||
}
|
||||
m_setErrorsFilled = true;
|
||||
return false;
|
||||
}
|
||||
// Length for String
|
||||
|
|
@ -895,6 +903,7 @@ public abstract class PO
|
|||
+ value + " - Reference_ID=" + p_info.getColumn(index).AD_Reference_Value_ID + validValues.toString();
|
||||
log.saveError("Validate", errmsg);
|
||||
m_setErrors[index] = new ValueNamePair("Validate", errmsg);
|
||||
m_setErrorsFilled = true;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -2024,12 +2033,14 @@ public abstract class PO
|
|||
if (log.isLoggable(Level.FINE)) log.fine("Nothing changed - " + p_info.getTableName());
|
||||
return true;
|
||||
}
|
||||
|
||||
for (int i = 0; i < m_setErrors.length; i++) {
|
||||
ValueNamePair setError = m_setErrors[i];
|
||||
if (setError != null) {
|
||||
log.saveError(setError.getValue(), Msg.getElement(getCtx(), p_info.getColumnName(i)) + " - " + setError.getName());
|
||||
return false;
|
||||
|
||||
if (m_setErrorsFilled) {
|
||||
for (int i = 0; i < m_setErrors.length; i++) {
|
||||
ValueNamePair setError = m_setErrors[i];
|
||||
if (setError != null) {
|
||||
log.saveError(setError.getValue(), Msg.getElement(getCtx(), p_info.getColumnName(i)) + " - " + setError.getName());
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -266,12 +266,10 @@ public class Login
|
|||
if (system.isLDAP())
|
||||
{
|
||||
authenticated = system.isLDAP(app_user, app_pwd);
|
||||
if (authenticated){
|
||||
if (authenticated) {
|
||||
app_pwd = null;
|
||||
authenticated=true;
|
||||
}
|
||||
|
||||
// if not authenticated, use AD_User as backup
|
||||
// if not authenticated, use AD_User as backup - just for non-LDAP users
|
||||
}
|
||||
|
||||
boolean hash_password=MSysConfig.getBooleanValue(MSysConfig.USER_PASSWORD_HASH, false);
|
||||
|
|
@ -304,9 +302,11 @@ public class Login
|
|||
// always do calculation to confuse timing based attacks
|
||||
if ( user == null )
|
||||
user = MUser.get(m_ctx, 0);
|
||||
if ( user.authenticateHash(app_pwd) )
|
||||
{
|
||||
authenticated = true;
|
||||
if (!system.isLDAP() || Util.isEmpty(user.getLDAPUser())) {
|
||||
if ( user.authenticateHash(app_pwd) )
|
||||
{
|
||||
authenticated = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
else{
|
||||
|
|
@ -324,10 +324,11 @@ public class Login
|
|||
|
||||
while(rs1.next()){
|
||||
MUser user = new MUser(m_ctx, rs1.getInt(1), null);
|
||||
if (user.getPassword() != null && user.getPassword().equals(app_pwd)) {
|
||||
authenticated=true;
|
||||
if (!system.isLDAP() || Util.isEmpty(user.getLDAPUser())) {
|
||||
if (user.getPassword() != null && user.getPassword().equals(app_pwd)) {
|
||||
authenticated=true;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}catch (Exception ex) {
|
||||
|
|
@ -1277,8 +1278,11 @@ public class Login
|
|||
|
||||
if (system.isLDAP())
|
||||
{
|
||||
authenticated = system.isLDAP(app_user, app_pwd);
|
||||
// if not authenticated, use AD_User as backup
|
||||
authenticated = system.isLDAP(app_user, app_pwd);
|
||||
if (authenticated) {
|
||||
app_pwd = null;
|
||||
}
|
||||
// if not authenticated, use AD_User as backup (just for non-LDAP users)
|
||||
}
|
||||
|
||||
boolean hash_password = MSysConfig.getBooleanValue(MSysConfig.USER_PASSWORD_HASH, false);
|
||||
|
|
@ -1369,16 +1373,20 @@ public class Login
|
|||
clientsValidated.add(user.getAD_Client_ID());
|
||||
boolean valid = false;
|
||||
// authenticated by ldap
|
||||
if (authenticated){
|
||||
if (authenticated) {
|
||||
valid = true;
|
||||
} else if (hash_password) {
|
||||
valid = user.authenticateHash(app_pwd);
|
||||
} else {
|
||||
// password not hashed
|
||||
valid = user.getPassword() != null && user.getPassword().equals(app_pwd);
|
||||
}
|
||||
if (!system.isLDAP() || Util.isEmpty(user.getLDAPUser())) {
|
||||
if (hash_password) {
|
||||
valid = user.authenticateHash(app_pwd);
|
||||
} else {
|
||||
// password not hashed
|
||||
valid = user.getPassword() != null && user.getPassword().equals(app_pwd);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (valid ) {
|
||||
if (valid ) {
|
||||
if (user.isLocked())
|
||||
{
|
||||
validButLocked = true;
|
||||
|
|
|
|||
|
|
@ -150,9 +150,9 @@ public class AdempiereMonitorFilter implements Filter
|
|||
log.warning ("User not found: '" + name);
|
||||
return false;
|
||||
}
|
||||
if (!user.isAdministrator())
|
||||
if (!user.isAdministrator() && !user.hasURLFormAccess("/idempiereMonitor"))
|
||||
{
|
||||
log.warning ("Not a Sys Admin = " + name);
|
||||
log.warning ("User doesn't have access to /idempiereMonitor = " + name);
|
||||
return false;
|
||||
}
|
||||
if (log.isLoggable(Level.INFO)) log.info ("Name=" + name);
|
||||
|
|
|
|||
|
|
@ -27,6 +27,7 @@ import org.adempiere.webui.component.Label;
|
|||
import org.adempiere.webui.component.ListHead;
|
||||
import org.adempiere.webui.component.ListHeader;
|
||||
import org.adempiere.webui.component.Listbox;
|
||||
import org.adempiere.webui.util.ZKUpdateUtil;
|
||||
import org.compiere.model.GridField;
|
||||
import org.compiere.model.GridTab;
|
||||
import org.compiere.model.GridTable;
|
||||
|
|
@ -37,10 +38,9 @@ import org.compiere.util.Msg;
|
|||
import org.zkoss.zk.ui.event.Event;
|
||||
import org.zkoss.zk.ui.event.EventListener;
|
||||
import org.zkoss.zk.ui.event.Events;
|
||||
import org.zkoss.zul.Borderlayout;
|
||||
import org.zkoss.zul.Center;
|
||||
import org.zkoss.zul.Box;
|
||||
import org.zkoss.zul.ListModel;
|
||||
import org.zkoss.zul.South;
|
||||
import org.zkoss.zul.Vlayout;
|
||||
import org.zkoss.zul.ext.Selectable;
|
||||
|
||||
/**
|
||||
|
|
@ -48,7 +48,7 @@ import org.zkoss.zul.ext.Selectable;
|
|||
* @author Low Heng Sin
|
||||
*
|
||||
*/
|
||||
public class GridTabSelectionListView extends Borderlayout
|
||||
public class GridTabSelectionListView extends Vlayout
|
||||
{
|
||||
/**
|
||||
*
|
||||
|
|
@ -78,7 +78,7 @@ public class GridTabSelectionListView extends Borderlayout
|
|||
|
||||
private GridTabSelectionListViewRenderer renderer;
|
||||
|
||||
private South south;
|
||||
private Box labelBox;
|
||||
|
||||
private Map<Integer, String> columnWidthMap;
|
||||
|
||||
|
|
@ -98,8 +98,8 @@ public class GridTabSelectionListView extends Borderlayout
|
|||
listbox = new Listbox();
|
||||
listbox.setCheckmark(true);
|
||||
listbox.setMultiple(multiple);
|
||||
south = new South();
|
||||
this.appendChild(south);
|
||||
labelBox = new Box();
|
||||
this.appendChild(labelBox);
|
||||
|
||||
//default paging size
|
||||
pageSize = MSysConfig.getIntValue(MSysConfig.ZK_PAGING_SIZE, 100);
|
||||
|
|
@ -269,18 +269,20 @@ public class GridTabSelectionListView extends Borderlayout
|
|||
private void render()
|
||||
{
|
||||
listbox.setStyle("min-height: 200px");
|
||||
listbox.setVflex(true);
|
||||
listbox.setHflex("1");
|
||||
ZKUpdateUtil.setVflex(listbox, "1");
|
||||
ZKUpdateUtil.setHflex(listbox, "1");
|
||||
listbox.setSizedByContent(true);
|
||||
|
||||
updateModel();
|
||||
|
||||
Center center = new Center();
|
||||
center.appendChild(listbox);
|
||||
this.appendChild(center);
|
||||
Box listboxbox = new Box();
|
||||
listboxbox.appendChild(listbox);
|
||||
ZKUpdateUtil.setVflex(listboxbox, "1");
|
||||
ZKUpdateUtil.setHflex(listboxbox, "1");
|
||||
this.appendChild(listboxbox);
|
||||
|
||||
selectedLabel = new Label(Msg.getMsg(Env.getCtx(), "Selected") + " : 0");
|
||||
south.appendChild(selectedLabel);
|
||||
labelBox.appendChild(selectedLabel);
|
||||
}
|
||||
|
||||
private void updateModel() {
|
||||
|
|
|
|||
|
|
@ -285,7 +285,7 @@ public class PaymentServlet extends HttpServlet
|
|||
//
|
||||
// Added adempiereException by zuhri
|
||||
if(!payment.processIt(DocAction.ACTION_Complete))
|
||||
throw new AdempiereException("Failed when processing document - " + payment.getProcessMsg());
|
||||
throw new AdempiereException(Msg.getMsg(ctx, "FailedProcessingDocument") + " - " + payment.getProcessMsg());
|
||||
// end added by zuhri
|
||||
payment.saveEx();
|
||||
sendThanksEMail (request, ctx, payment, wu, wo);
|
||||
|
|
|
|||
|
|
@ -30,9 +30,9 @@ public class SecurityProviderImpl implements WebConsoleSecurityProvider {
|
|||
log.warning ("User not found: '" + username);
|
||||
return null;
|
||||
}
|
||||
if (!user.isAdministrator())
|
||||
if (!user.isAdministrator() && !user.hasURLFormAccess("/osgi/system/console"))
|
||||
{
|
||||
log.warning ("Not a Sys Admin = " + username);
|
||||
log.warning ("User doesn't have access to /osgi/system/console = " + username);
|
||||
return null;
|
||||
}
|
||||
if (log.isLoggable(Level.INFO)) log.info ("Name=" + username);
|
||||
|
|
|
|||
Loading…
Reference in New Issue