CommunicationEventScreens.xml

jleroux Sun, 19 Oct 2014 14:31:55 -0700

Author: jleroux
Date: Sun Oct 19 21:31:14 2014
New Revision: 1632998

URL: http://svn.apache.org/r1632998
Log:
"Applied fix from trunk for revision: 1632745 " 
------------------------------------------------------------------------
r1632745 | ashish | 2014-10-18 11:17:05 +0200 (sam. 18 oct. 2014) | 14 lignes


Applied patch from jira issue - OFBIZ-5824 - Error in communication screen 
while perfom sorting.
=========================================================================
In partymgr contrller.xml, we have view request named "ViewCommunicationEvent", 
and this request call an service event, due to this when we try to perform 
sorting on Child Communication Events, Customer Request List or any other 
screen over Communication screen then it will thorw following exception:

org.ofbiz.webapp.event.EventHandlerException: Found URL parameter 
[communicationEventId] passed to secure (https) request-map with uri 
[ViewCommunicationEvent] with an event that calls service 
[setCommEventRoleToRead]; this is not allowed for security reasons! The data 
should be encrypted by making it part of the request body (a form field) 
instead of the request URL. Moreover it would be kind if you could create a 
Jira sub-task of https://issues.apache.org/jira/browse/OFBIZ-2330 (check before 
if a sub-task for this error does not exist). If you are not sure how to create 
a Jira issue please have a look before at 
http://cwiki.apache.org/confluence/x/JIB2 Thank you in advance for your help.
 

Also due to this service event call on view request entry we can't open the 
communication events in new tab. Ideally this service should be call in screen 
context instead view request.

=====================================

Thanks Deepak for reporting the issue and providing the patch for the same. 


------------------------------------------------------------------------


Modified:
    ofbiz/branches/release12.04/   (props changed)
    
ofbiz/branches/release12.04/applications/party/webapp/partymgr/WEB-INF/controller.xml
    
ofbiz/branches/release12.04/applications/party/widget/partymgr/CommunicationEventScreens.xml

Propchange: ofbiz/branches/release12.04/
------------------------------------------------------------------------------
  Merged /ofbiz/trunk:r1632745

Modified: 
ofbiz/branches/release12.04/applications/party/webapp/partymgr/WEB-INF/controller.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/branches/release12.04/applications/party/webapp/partymgr/WEB-INF/controller.xml?rev=1632998&r1=1632997&r2=1632998&view=diff
==============================================================================
--- 
ofbiz/branches/release12.04/applications/party/webapp/partymgr/WEB-INF/controller.xml
 (original)
+++ 
ofbiz/branches/release12.04/applications/party/webapp/partymgr/WEB-INF/controller.xml
 Sun Oct 19 21:31:14 2014
@@ -637,11 +637,6 @@ under the License.
     </request-map>
     <request-map uri="ViewCommunicationEvent">
         <security https="true" auth="true"/>
-        <event type="service" invoke="setCommEventRoleToRead"/>
-        <response name="success" type="view" value="ViewCommunicationEvent"/>
-    </request-map>
-    <request-map uri="viewCommunicationEvent">
-        <security https="true" auth="true"/>
         <response name="success" type="view" value="ViewCommunicationEvent"/>
     </request-map>
     <request-map uri="uploadAttachFiletoEmail">

Modified: 
ofbiz/branches/release12.04/applications/party/widget/partymgr/CommunicationEventScreens.xml
URL: 
http://svn.apache.org/viewvc/ofbiz/branches/release12.04/applications/party/widget/partymgr/CommunicationEventScreens.xml?rev=1632998&r1=1632997&r2=1632998&view=diff
==============================================================================
--- 
ofbiz/branches/release12.04/applications/party/widget/partymgr/CommunicationEventScreens.xml
 (original)
+++ 
ofbiz/branches/release12.04/applications/party/widget/partymgr/CommunicationEventScreens.xml
 Sun Oct 19 21:31:14 2014
@@ -380,6 +380,7 @@ under the License.
                 <set field="titleProperty" value="PageTitleViewCommunication"/>
                 <set field="tabButtonItem" value="OverView"/>
                 <set field="parentCommEventId" 
from-field="parameters.parentCommEventId"/>
+                <service service-name="setCommEventRoleToRead"></service>
                 <entity-one entity-name="CommunicationEvent" 
value-field="communicationEvent"/>
                 <set field="partyIdFrom" from-field="parameters.partyId" 
default-value="${userLogin.partyId}"/>
             </actions>

svn commit: r1632998 - in /ofbiz/branches/release12.04: ./ applications/party/webapp/partymgr/WEB-INF/controller.xml applications/party/widget/partymgr/CommunicationEventScreens.xml

Reply via email to