Openbravo.com
Wiki
Planet
Log in / create account
View source | Discuss page | Page history | Printable version   
Community Hurdle Assessment
ADVERTISEMENT
Accounting eLearning Courses
PDF Tools
Add page
Print collection (0 pages)
Collections help
Partnerships
SourceForge.net Logo
Openbravo ERP at SourceForge

SourceForge.net Logo
Openbravo POS at SourceForge

Open Solution Alliance Logo
Openbravo at Open Solutions Alliance

How to migrate code 2.4x

Introduction

Openbravo 2.4x introduces changes in:

Security

Up to r2.3x access control was managed by the following org.openbravo.erpCommon.utility.Utility methods:

One of these methods should be invoked from every servlet to check whether the current role had access.

From r2.4x (current trunk version) these methods have been removed. The access check is now performed by org.openbravo.base.secureApp.HttpSecureAppServlet class, which is the common superclass for all the servlets.

As result of this it is necessary to remove this check from all the manual code. Pieces of code like this must be removed: 

if (!Utility.hasProcessAccess(this, vars, "", "MyProcess")) {
     bdError(response, "AccessTableNoView", vars.getLanguage());
     return;
   }

Access Level

Up to 2.3x there was a bug and access level was not used in manual windows, so if the role had access to the object it could be shown whatever the access level was. The current security model performs this check.

This might cause that manual windows that had access, now are not accessible. In this case level access should be reviewed.

Retrieved from "http://wiki.openbravo.com/wiki/How_to_migrate_code_2.4x"

This page has been accessed 1,741 times. This page was last modified 12:44, 29 October 2008. Content is available under Creative Commons Attribution-ShareAlike 2.5 Spain License.


Category: Development