You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by da...@apache.org on 2023/01/10 10:15:36 UTC
[ofbiz-framework] branch release22.01 updated: Fixed: Permission check when creating a Product Facility (OFBIZ-12739)
This is an automated email from the ASF dual-hosted git repository.
danwatford pushed a commit to branch release22.01
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/release22.01 by this push:
new 372d9fca2c Fixed: Permission check when creating a Product Facility (OFBIZ-12739)
372d9fca2c is described below
commit 372d9fca2ce14ddbd93d8642cada96959f334d92
Author: Daniel Watford <da...@watfordconsulting.com>
AuthorDate: Tue Jan 10 10:13:48 2023 +0000
Fixed: Permission check when creating a Product Facility (OFBIZ-12739)
Typo in the action being checked when creating a product facility
prevented users with the FACILITY_CREATE permission, but not the
CATALOG_CREATE permission, from creating Product Facilities.
---
.../product/groovyScripts/product/product/ProductServices.groovy | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/applications/product/groovyScripts/product/product/ProductServices.groovy b/applications/product/groovyScripts/product/product/ProductServices.groovy
index afbeb18096..eef0cd8a8a 100644
--- a/applications/product/groovyScripts/product/product/ProductServices.groovy
+++ b/applications/product/groovyScripts/product/product/ProductServices.groovy
@@ -552,7 +552,7 @@ def checkProductRelatedPermission(String callingMethodName, String checkAction)
if (!(security.hasEntityPermission("CATALOG", "_${checkAction}", parameters.userLogin)
|| (roleCategories && security.hasEntityPermission("CATALOG_ROLE", "_${checkAction}", parameters.userLogin))
|| (parameters.alternatePermissionRoot &&
- security.hasEntityPermission(parameters.alternatePermissionRoot, checkAction, parameters.userLogin)))) {
+ security.hasEntityPermission(parameters.alternatePermissionRoot, "_${checkAction}", parameters.userLogin)))) {
String checkActionLabel = "ProductCatalog${checkAction.charAt(0)}${checkAction.substring(1).toLowerCase()}PermissionError"
return error(UtilProperties.getMessage("ProductUiLabels", checkActionLabel,
[resourceDescription: callingMethodName, mainAction: checkAction], parameters.locale))