details: https://code.openbravo.com/erp/devel/pi/rev/13211c4cc0a0
changeset: 27561:13211c4cc0a0
user: Víctor Martínez Romanos <victor.martinez <at> openbravo.com>
date: Thu Sep 10 11:39:20 2015 +0200
summary: Fixed bug 30735: SL_ProductPrice_PriceListVersion is back with
improvements
The SL_ProductPrice_PriceListVersion callout has been associated again to the
Price List Version column.
This callout sets the Product Price's Organization equal to the Price List
Version's Organization only in the case the current role has write access to
the PLV's Organization.
Besides, this callout has been improved:
+ Run in admin mode
+ The validation to know whether it was a valid organization was wrong, because
the indexOf() may also return 0 when a record is found. Besides using indexOf()
to run this validation could be wrong when the Price List version is defined
for * organization (since any of the organization's UUID in the role might
contain a 0).
So this validation has been completely rewritten using StringTokenizer.
+ Finally, in case the role is defined for Client or Client+Organization user
level, we force to include * in the list of valid organizations.
diffstat:
src-db/database/sourcedata/AD_COLUMN.xml
| 1 +
src/org/openbravo/erpCommon/ad_callouts/SL_ProductPrice_PriceListVersion.java
| 51 ++++++---
2 files changed, 36 insertions(+), 16 deletions(-)
diffs (93 lines):
diff -r 36616fa1a496 -r 13211c4cc0a0 src-db/database/sourcedata/AD_COLUMN.xml
--- a/src-db/database/sourcedata/AD_COLUMN.xml Wed Sep 09 21:09:32 2015 +0000
+++ b/src-db/database/sourcedata/AD_COLUMN.xml Thu Sep 10 11:39:20 2015 +0200
@@ -40713,6 +40713,7 @@
<!--2760--> <ISSESSIONATTR><![CDATA[N]]></ISSESSIONATTR>
<!--2760--> <ISSECONDARYKEY><![CDATA[N]]></ISSECONDARYKEY>
<!--2760--> <ISDESENCRYPTABLE><![CDATA[N]]></ISDESENCRYPTABLE>
+<!--2760-->
<AD_CALLOUT_ID><![CDATA[EC19112DD95B4BEABFF032BBD9F10821]]></AD_CALLOUT_ID>
<!--2760--> <DEVELOPMENTSTATUS><![CDATA[RE]]></DEVELOPMENTSTATUS>
<!--2760--> <AD_MODULE_ID><![CDATA[0]]></AD_MODULE_ID>
<!--2760--> <POSITION><![CDATA[2]]></POSITION>
diff -r 36616fa1a496 -r 13211c4cc0a0
src/org/openbravo/erpCommon/ad_callouts/SL_ProductPrice_PriceListVersion.java
---
a/src/org/openbravo/erpCommon/ad_callouts/SL_ProductPrice_PriceListVersion.java
Wed Sep 09 21:09:32 2015 +0000
+++
b/src/org/openbravo/erpCommon/ad_callouts/SL_ProductPrice_PriceListVersion.java
Thu Sep 10 11:39:20 2015 +0200
@@ -20,20 +20,22 @@
import java.io.IOException;
import java.io.PrintWriter;
+import java.util.StringTokenizer;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang.StringUtils;
import org.openbravo.base.secureApp.HttpSecureAppServlet;
import org.openbravo.base.secureApp.VariablesSecureApp;
+import org.openbravo.dal.core.OBContext;
import org.openbravo.dal.service.OBDal;
import org.openbravo.model.ad.access.Role;
import org.openbravo.model.pricing.pricelist.PriceListVersion;
import org.openbravo.xmlEngine.XmlDocument;
-@Deprecated
public class SL_ProductPrice_PriceListVersion extends HttpSecureAppServlet {
private static final long serialVersionUID = 1L;
@@ -59,22 +61,39 @@
XmlDocument xmlDocument = xmlEngine.readXmlTemplate(
"org/openbravo/erpCommon/ad_callouts/CallOut").createXmlDocument();
- StringBuilder resultado = new StringBuilder();
- boolean hasAccessTo = false;
+ try {
+ OBContext.setAdminMode();
+ StringBuilder resultado = new StringBuilder();
+ boolean hasAccessTo = false;
- PriceListVersion plv = OBDal.getInstance().get(PriceListVersion.class,
strPriceListV);
- Role role = OBDal.getInstance().get(Role.class, vars.getRole());
- hasAccessTo =
role.getOrganizationList().indexOf(plv.getOrganization().getId()) > 0;
+ // If the role has access to the Price List Version Organization, we set
this organization to
+ // the record.
+ PriceListVersion plv = OBDal.getInstance().get(PriceListVersion.class,
strPriceListV);
+ final String plvOrgId = plv.getOrganization().getId();
+ Role role = OBDal.getInstance().get(Role.class, vars.getRole());
+ String roleOrgListStr = role.getOrganizationList();
+ if (StringUtils.contains(role.getUserLevel(), "C")) {
+ // If the role is for Client or Client + Organization, we add *
organization to the list
+ roleOrgListStr = roleOrgListStr + ",0";
+ }
+ StringTokenizer roleOrgList = new StringTokenizer(
+ StringUtils.deleteWhitespace(roleOrgListStr), ",");
+ while (!hasAccessTo && roleOrgList.hasMoreTokens()) {
+ hasAccessTo = StringUtils.equals(roleOrgList.nextToken(), plvOrgId);
+ }
- resultado.append("var
calloutName='SL_ProductPrice_PriceListVersion';\n\n");
- resultado.append("var respuesta = new Array(");
- resultado.append("new Array(\"inpadOrgId\", \""
- + ((hasAccessTo) ? plv.getOrganization().getId() : strOrg) + "\"));");
- xmlDocument.setParameter("array", resultado.toString());
- xmlDocument.setParameter("frameName", "appFrame");
- response.setContentType("text/html; charset=UTF-8");
- PrintWriter out = response.getWriter();
- out.println(xmlDocument.print());
- out.close();
+ resultado.append("var
calloutName='SL_ProductPrice_PriceListVersion';\n\n");
+ resultado.append("var respuesta = new Array(");
+ resultado.append("new Array(\"inpadOrgId\", \"" + ((hasAccessTo) ?
plvOrgId : strOrg)
+ + "\"));");
+ xmlDocument.setParameter("array", resultado.toString());
+ xmlDocument.setParameter("frameName", "appFrame");
+ response.setContentType("text/html; charset=UTF-8");
+ PrintWriter out = response.getWriter();
+ out.println(xmlDocument.print());
+ out.close();
+ } finally {
+ OBContext.restorePreviousMode();
+ }
}
}
------------------------------------------------------------------------------
Monitor Your Dynamic Infrastructure at Any Scale With Datadog!
Get real-time metrics from all of your servers, apps and tools
in one place.
SourceForge users - Click here to start your Free Trial of Datadog now!
http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140
_______________________________________________
Openbravo-commits mailing list
Openbravo-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openbravo-commits
