[OpenbravoERP-commits] devel/pi: related to issue 29683: check client/org in web servic...

Fri, 27 Nov 2015 01:51:07 -0800 

details:   https://code.openbravo.com/erp/devel/pi/rev/90a660b52e07
changeset: 28061:90a660b52e07
user:      Carlos Aristu <carlos.aristu <at> openbravo.com>
date:      Fri Nov 27 10:48:02 2015 +0100
summary:   related to issue 29683: check client/org in web services when 
requesting by id

diffstat:

 
modules/org.openbravo.service.json/src/org/openbravo/service/json/DefaultJsonDataService.java
 |  6 +++++-
 src/org/openbravo/service/rest/DalWebService.java                              
               |  6 +++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diffs (46 lines):

diff -r 3ed255ed467c -r 90a660b52e07 
modules/org.openbravo.service.json/src/org/openbravo/service/json/DefaultJsonDataService.java
--- 
a/modules/org.openbravo.service.json/src/org/openbravo/service/json/DefaultJsonDataService.java
     Fri Nov 27 09:42:38 2015 +0100
+++ 
b/modules/org.openbravo.service.json/src/org/openbravo/service/json/DefaultJsonDataService.java
     Fri Nov 27 10:48:02 2015 +0100
@@ -45,6 +45,7 @@
 import org.openbravo.dal.core.DalUtil;
 import org.openbravo.dal.core.OBContext;
 import org.openbravo.dal.service.OBDal;
+import org.openbravo.dal.service.OBQuery;
 import org.openbravo.database.SessionInfo;
 import org.openbravo.erpCommon.utility.OBMessageUtils;
 import org.openbravo.service.db.DbUtility;
@@ -131,7 +132,10 @@
       // if the id is set that's a special case of one object being requested
       if (id != null) {
         bobs = new ArrayList<BaseOBObject>();
-        final BaseOBObject bob = OBDal.getInstance().get(entityName, id);
+        final OBQuery<BaseOBObject> obq = 
OBDal.getInstance().createQuery(entityName,
+            JsonConstants.ID + " = '" + id + "'");
+        obq.setMaxResult(1);
+        final BaseOBObject bob = obq.uniqueResult();
         if (bob != null) {
           bobs.add(bob);
         }
diff -r 3ed255ed467c -r 90a660b52e07 
src/org/openbravo/service/rest/DalWebService.java
--- a/src/org/openbravo/service/rest/DalWebService.java Fri Nov 27 09:42:38 
2015 +0100
+++ b/src/org/openbravo/service/rest/DalWebService.java Fri Nov 27 10:48:02 
2015 +0100
@@ -80,6 +80,7 @@
   // Parameter to specify the list of properties to be returned
   public static final String PARAMETER_PROPERTIES = "_selectedProperties";
   public static final String PARAMETER_NO_ACTIVE_FILTER = "_noActiveFilter";
+  private static final String ID = "id";
 
   /**
    * Performs the GET REST operation. This service handles multiple types of 
request: the request
@@ -229,7 +230,10 @@
           }
         }
       } else {
-        final BaseOBObject result = OBDal.getInstance().get(entityName, id);
+        final OBQuery<BaseOBObject> obq = 
OBDal.getInstance().createQuery(entityName,
+            ID + " = '" + id + "'");
+        obq.setMaxResult(1);
+        final BaseOBObject result = obq.uniqueResult();
 
         if (result == null) {
           throw new ResourceNotFoundException("No resource found for entity " 
+ entityName

------------------------------------------------------------------------------
_______________________________________________
Openbravo-commits mailing list
Openbravo-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openbravo-commits

Reply via email to