Re: public rest API

Hi Girish, i did a quit check using flutter test this morning and it looks like it is working fine. for people interested in using flutter(http://flutter.dev) with ofbiz:     the test: https://github.com/growerp/growerp/blob/master/test/services/ofbiz_testManual.dart     if you want to run

Re: OFBiz as OMS

Hello, We just finished our first discussion on OFBiz as Open Source OMS. Thank you to all the participants joining in. The video is now published on the OFBiz Youtube Channel. Here is the link: https://youtu.be/37E777O7050 This will be a series of videos where we will be discussing this topic.

Re: Welcome Swapnil Shah as new PMC member!!

Congratulations Swapnil! Best regards, Pranay Pandey On Sat, Sep 26, 2020 at 7:10 PM Swapnil Shah wrote: > Thank you everyone for your continuous support and kind wishes. > > Thanks, > Swapnil > > > -Original Message- > > From: Ashish Vijaywargiya > > Sent: 18 September 2020 12:56 > >

Re: [PROPOSAL] Separate login service for API calls

+1 Jacques Le 26/09/2020 à 13:56, Deepak Dixit a écrit : Hi Girish, I think it's a good idea to use a separate login method for REST to avoid sessions. We have *userLogin* service that do the login related work, so we can have separate wrapper method for REST like LoginWorker.login() Kind

RE: Welcome Swapnil Shah as new PMC member!!

Thank you everyone for your continuous support and kind wishes. Thanks, Swapnil > -Original Message- > From: Ashish Vijaywargiya > Sent: 18 September 2020 12:56 > To: dev@ofbiz.apache.org > Subject: Welcome Swapnil Shah as new PMC member!! > > The OFBiz PMC has invited Swapnil Shah to

Re: [PROPOSAL] Separate login service for API calls

You're right Jacques. SameState=None exposes CSRF. Thanks for pointing that out. On Sat, Sep 26, 2020 at 10:34 AM Jacques Le Roux < jacques.le.r...@les7arts.com> wrote: > Thanks Gavin, > > I'd just note that in this case your are not protected from CSRF. > Fortunately the REST effort is only in

Re: Welcome Mridul Pathak as new PMC member!!

Many many congrats Mridul Thanks & Regards — Deepak Dixit On Sat, 26 Sep 2020 at 6:09 PM, Pranay Pandey < pranay.pan...@hotwaxsystems.com> wrote: > Many congratulations Mridul! > > > > Best regards, > > Pranay Pandey > > > > > > On Fri, Sep 18, 2020 at 12:55 PM Ashish Vijaywargiya > >

Re: Welcome Mridul Pathak as new PMC member!!

Many congratulations Mridul! Best regards, Pranay Pandey On Fri, Sep 18, 2020 at 12:55 PM Ashish Vijaywargiya wrote: > The OFBiz PMC has invited Mridul Pathak to become a member of the committee > and we are glad to announce that he has accepted the nomination. > > On behalf of the OFBiz PMC,

RE: Welcome Mridul Pathak as new PMC member!!

Many congratulations Mridul !! Thanks, Swapnil > -Original Message- > From: Ashish Vijaywargiya > Sent: 18 September 2020 12:55 > To: dev@ofbiz.apache.org > Subject: Welcome Mridul Pathak as new PMC member!! > > The OFBiz PMC has invited Mridul Pathak to become a member of the >

Re: OFBiz as Open Source Order Management System

Hello Pranay, Thanks for bringing this up. I totally agree with the point that you have mentioned in the mail and Wiki. The arena indeed has changed and specialization is the key. In most cases, established brands already have legacy software and if we want them to consider OFBiz as their OMS

Re: [PROPOSAL] Separate login service for API calls

Hi Girish, I think it's a good idea to use a separate login method for REST to avoid sessions. We have *userLogin* service that do the login related work, so we can have separate wrapper method for REST like LoginWorker.login() Kind Regards, Deepak Dixit On Sat, Sep 26, 2020 at 2:54 PM

Re: public rest API

Hi Girish, I have gone through the implementation and tested it on API client with HTTP bearer token authentication and worked for me for both auth= true/false (bypass authorization). Kind Regards, Chandan Khandelwal On Sat, Sep 26, 2020 at 2:35 PM Girish Vasmatkar <

UPDATE: OFBiz code linting issues

Hello team, Sometimes back, we introduced sonar and checkstyle linting tools integrated with OFBiz. We as a community are serious not only about features being introduced in OFBiz but also code quality being added in the repo. So we started correcting issues identified by the linting tool

Re: [PROPOSAL] Separate login service for API calls

Hello I am not sure if we can talk about sessions when we're talking about REST. The REST implementation is mapping Resources with OFBiz services and the services are executing in a context using "userLogin" and that is all the REST implementation is doing. Extracting userLogin from token and

Re: public rest API

Hello Hans With the latest commi1361c3c on trunk, the system now honours the "auth" attribute defined on service and accordingly bypasses authorization for such services. Best, Girish On Thu, Sep 10, 2020

Encoding issues with product names

Hello All, Recently working for a client I encountered a weird issue related to special characters encodings. We have product names containing special characters like ' (apostrophes). When we create orders for it, an encoded value for it is stored in OrderItem.itemDescription. The same encoded

Re: [PROPOSAL] Separate login service for API calls

Thanks Gavin, I'd just note that in this case your are not protected from CSRF. Fortunately the REST effort is only in trunk. And, as explained in security.properties, in trunk we can use org.apache.ofbiz.security.CsrfDefenseStrategy in such case. Jacques Le 26/09/2020 à 07:38, Gavin Mabie a

Re: varchar(255) in fieldtypepostgres.xml

Hi All, d...@dlsemc.com has suggested a good solution at OFBIZ-12021. I'll apply it in a week if nobody is against. Thanks Jacques Le 10/08/2020 à 20:30, Development a écrit : In /framework/entity/fieldtype/fieldtypepostgres.xml I saw some lines like: In postgres, using