You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2016/03/17 11:11:03 UTC
svn commit: r1735390 - in /ofbiz/branches/release12.04: ./
applications/accounting/script/org/ofbiz/accounting/payment/PaymentMapProcs.xml
applications/accounting/script/org/ofbiz/accounting/payment/PaymentMethodEvents.xml
Author: jleroux
Date: Thu Mar 17 10:11:03 2016
New Revision: 1735390
URL: http://svn.apache.org/viewvc?rev=1735390&view=rev
Log:
"Applied fix from trunk for revision: 1735385 "
------------------------------------------------------------------------
r1735385 | jleroux | 2016-03-17 11:09:53 +0100 (jeu. 17 mars 2016) | 10 lignes
Fixes "Credit card details cannot be updated" - https://issues.apache.org/jira/browse/OFBIZ-6920
It seems after OFBIZ-3956, credit card details can no longer be updated, for example, if one wishes to update the expiry date of a credit card
results in following "The Following Errors Occurred: Card Number is erroneous".
This issue can be replicated here - https://demo-trunk-ofbiz.apache.org/partymgr/control/editcreditcard?paymentMethodId=9015&partyId=DemoCustomer
jleroux: The problem was because we are calling createCreditCard map proc from updateCreditCard service after calling updateCreditCard map proc. And when we update the data we don't see the real card number but something like "************1111"
I simply copied the needed check from createCreditCard map proc into updateCreditCard map proc but not the isAnyCard call of course. Then it will work, but if the user changes also the card number. If she does it will need to be right, because it will not be checked! I can't see any other ways because we can't use a hidden field with the real card number in, it would be insecure. We could introduce a specific encryption/decryption but it seems a bit too much. Notably because the only reason of changing a card number while this card is still valid would be because the number have been wrongly entered. Then better to delete and create a new one, those data are a bit sensible...
------------------------------------------------------------------------
�
Modified:
ofbiz/branches/release12.04/ (props changed)
ofbiz/branches/release12.04/applications/accounting/script/org/ofbiz/accounting/payment/PaymentMapProcs.xml
ofbiz/branches/release12.04/applications/accounting/script/org/ofbiz/accounting/payment/PaymentMethodEvents.xml
Propchange: ofbiz/branches/release12.04/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Mar 17 10:11:03 2016
@@ -4,4 +4,4 @@
/ofbiz/branches/jquery:952958-1044489
/ofbiz/branches/multitenant20100310:921280-927264
/ofbiz/branches/release13.07:1668198,1668272,1668283
-/ofbiz/trunk:1332097,1333439,1333885,1334201,1334336,1334483,1335047,1335343,1335347,1335351,1335946,1336921,1337046,1337057-1337059,1337202,1337502,1337524,1337644,1337789,1337800,1338065,1338101,1338224,1338570,1338591,1338700,1338831,1338845,1338974,1339081,1339122,1340273,1340352,1340357,1340400,1340405,1340415,1340657,1340661,1340774,1340821,1340826,1340943,1341314,1341399,1342852,1342875,1342893,1342980,1343088,1345473,1345484,1345532,1345547,1345553,1347559,1347762,1351778,1351999,1353135,1353681,1355660,1355801,1355859,1355975,1358735,1359500,1359599-1359600,1360689,1361056,1361073,1361476,1361662,1361931,1361944,1361958,1364046,1364052,1364216,1364218,1366660,1366960,1369555,1369561,1377253,1377382,1377386,1377388,1379334,1379340,1379345,1381146,1384251,1384894,1387878,1387884,1388832,1389802,1392773,1393948,1394995,1395104,1395460,1395953,1396105,1399539,1399761,1400388,1400393,1400421,1402766,1403370,1406727,1407634,1408408,1413307,1421662,1422207,1423117,1425155,1425662,
1426231,1426734,1426787,1430332,1430336,1431191,1432392,1432833,1435528,1435701,1438498,1444356,1446575,1446876,1447107,1451183,1451879,1452382,1458429,1459220,1459222,1460116,1460276,1461551,1462948,1463989,1465351,1470151,1470483,1471283-1471284,1471687,1471739,1476296,1480407,1481287,1484279,1485432,1487130,1487854,1488000,1488127,1488188,1489461,1492112,1492673,1493352,1493393,1493658,1493683,1494202,1494682,1497376,1497822,1497839,1499732,1500760,1500772,1502121,1502944,1502946,1504864,1506269,1506499,1506504,1506828,1509164,1510042,1512376,1512573,1517629,1517702,1517780,1517947,1518336,1518950,1519245,1524361,1524676,1524704,1524769,1524950,1525523,1526387,1526463,1527254,1528144,1528146,1528149,1528298,1529412,1529418,1531848,1532342,1532366,1534062,1535961,1536656,1537023,1537179,1537996,1538096,1539147,1539156,1543744,1543766,1543781,1544444,1547548,1548143,1550255,1550515,1551744,1552290,1552500,1552901,1552908,1554290,1554536,1554681,1554685,1554706,1554764,1554787,15551
42,1557409-1557410,1557440,1557447,1557457,1557462,1557593,1558373,1559814,1560048,1560056,1560176,1560203,1560205,1560699,1561286,1561290,1561305,1561311,1561327,1561467,1562767,1563238,1563683,1563958,1564111,1564113,1564463,1564473,1564493,1566096,1566273,1569078,1569743,1571219,1573161,1573498,1573639,1574019,1575508,1576259,1576331,1576378,1576506,1576511,1576757,1576839,1577268,1579155,1579161,1579309,1580455,1581386,1581997,1582762,1583040,1583427-1583428,1583551,1583674,1583681,1583689,1583696,1584873,1585033,1585574,1585958-1585959,1586987,1587841,1587843,1588733,1589602,1589606,1589612,1589625,1589669,1592530,1592588,1592745,1592977,1593902,1593908,1593952,1597464,1598544,1598913,1603732,1603739,1604357,1604363,1604522,1604554,1605348,1605354,1605707,1607457,1608355,1608491,1608495,1608698,1609047,1609065,1609076,1609087,1609167,1609184,1609389,1609394,1609406,1609418,1609885,1610355,1610385,1610425,1610685,1610918,1610925,1611321,1612190,1612205,1613121,1614019,1614025,16
14355,1614366,1614556,1615296-1615297,1616684,1616940,1617229,1618354,1618411,1618570,1619098,1622050,1622672,1623370,1627230,1627776,1628096,1629391,1631203,1632733,1632745,1632764,1632797,1632801,1632803,1633100,1636493,1639835,1639840-1639841,1639846,1639863,1639867,1639873,1639884,1639887,1639892,1640288,1640515,1640717,1641066,1641131,1641165,1641548,1641804,1642409,1642423,1643341,1644904,1646204,1646977,1646984,1647266,1647338,1647559,1648668,1649393,1650583,1650642,1650678,1650882,1650887,1650938,1651593,1652361,1652604,1652611,1652617,1652627,1652725,1652731,1652739,1653456,1654175,1654273,1655795,1656983,1660444,1661287,1661358,1661612,1661778,1661853,1661864,1661873,1661940,1661951,1661977,1662361,1662500,1663912,1666633,1666836,1667253,1668214,1668246,1668258,1668265,1668314,1669317,1673764,1674447,1674491,1674496,1674908,1678294,1678882,1679689,1679697,1680155,1680840,1682415,1683998,1686545,1686566,1686583,1686651,1690086,1690581,1692458,1692600,1692604,1693579,1696018
,1696234,1697993,1701441,1701936,1702704,1703586,1703981,1703988,1704043,1704052,1704082,1704140,1704230,1705004,1706316,1706561,1706591,1707837,1708742,1710348,1711513,1714244,1714410,1714415,1714571,1714657,1717058,1717180,1717682,1718023,1718109,1720883,1721067,1721625,1722712,1724402,1724978,1725257,1726828,1729609,1729809,1730735,1730882,1731359,1733951,1734246,1734269,1735244
+/ofbiz/trunk:1332097,1333439,1333885,1334201,1334336,1334483,1335047,1335343,1335347,1335351,1335946,1336921,1337046,1337057-1337059,1337202,1337502,1337524,1337644,1337789,1337800,1338065,1338101,1338224,1338570,1338591,1338700,1338831,1338845,1338974,1339081,1339122,1340273,1340352,1340357,1340400,1340405,1340415,1340657,1340661,1340774,1340821,1340826,1340943,1341314,1341399,1342852,1342875,1342893,1342980,1343088,1345473,1345484,1345532,1345547,1345553,1347559,1347762,1351778,1351999,1353135,1353681,1355660,1355801,1355859,1355975,1358735,1359500,1359599-1359600,1360689,1361056,1361073,1361476,1361662,1361931,1361944,1361958,1364046,1364052,1364216,1364218,1366660,1366960,1369555,1369561,1377253,1377382,1377386,1377388,1379334,1379340,1379345,1381146,1384251,1384894,1387878,1387884,1388832,1389802,1392773,1393948,1394995,1395104,1395460,1395953,1396105,1399539,1399761,1400388,1400393,1400421,1402766,1403370,1406727,1407634,1408408,1413307,1421662,1422207,1423117,1425155,1425662,
1426231,1426734,1426787,1430332,1430336,1431191,1432392,1432833,1435528,1435701,1438498,1444356,1446575,1446876,1447107,1451183,1451879,1452382,1458429,1459220,1459222,1460116,1460276,1461551,1462948,1463989,1465351,1470151,1470483,1471283-1471284,1471687,1471739,1476296,1480407,1481287,1484279,1485432,1487130,1487854,1488000,1488127,1488188,1489461,1492112,1492673,1493352,1493393,1493658,1493683,1494202,1494682,1497376,1497822,1497839,1499732,1500760,1500772,1502121,1502944,1502946,1504864,1506269,1506499,1506504,1506828,1509164,1510042,1512376,1512573,1517629,1517702,1517780,1517947,1518336,1518950,1519245,1524361,1524676,1524704,1524769,1524950,1525523,1526387,1526463,1527254,1528144,1528146,1528149,1528298,1529412,1529418,1531848,1532342,1532366,1534062,1535961,1536656,1537023,1537179,1537996,1538096,1539147,1539156,1543744,1543766,1543781,1544444,1547548,1548143,1550255,1550515,1551744,1552290,1552500,1552901,1552908,1554290,1554536,1554681,1554685,1554706,1554764,1554787,15551
42,1557409-1557410,1557440,1557447,1557457,1557462,1557593,1558373,1559814,1560048,1560056,1560176,1560203,1560205,1560699,1561286,1561290,1561305,1561311,1561327,1561467,1562767,1563238,1563683,1563958,1564111,1564113,1564463,1564473,1564493,1566096,1566273,1569078,1569743,1571219,1573161,1573498,1573639,1574019,1575508,1576259,1576331,1576378,1576506,1576511,1576757,1576839,1577268,1579155,1579161,1579309,1580455,1581386,1581997,1582762,1583040,1583427-1583428,1583551,1583674,1583681,1583689,1583696,1584873,1585033,1585574,1585958-1585959,1586987,1587841,1587843,1588733,1589602,1589606,1589612,1589625,1589669,1592530,1592588,1592745,1592977,1593902,1593908,1593952,1597464,1598544,1598913,1603732,1603739,1604357,1604363,1604522,1604554,1605348,1605354,1605707,1607457,1608355,1608491,1608495,1608698,1609047,1609065,1609076,1609087,1609167,1609184,1609389,1609394,1609406,1609418,1609885,1610355,1610385,1610425,1610685,1610918,1610925,1611321,1612190,1612205,1613121,1614019,1614025,16
14355,1614366,1614556,1615296-1615297,1616684,1616940,1617229,1618354,1618411,1618570,1619098,1622050,1622672,1623370,1627230,1627776,1628096,1629391,1631203,1632733,1632745,1632764,1632797,1632801,1632803,1633100,1636493,1639835,1639840-1639841,1639846,1639863,1639867,1639873,1639884,1639887,1639892,1640288,1640515,1640717,1641066,1641131,1641165,1641548,1641804,1642409,1642423,1643341,1644904,1646204,1646977,1646984,1647266,1647338,1647559,1648668,1649393,1650583,1650642,1650678,1650882,1650887,1650938,1651593,1652361,1652604,1652611,1652617,1652627,1652725,1652731,1652739,1653456,1654175,1654273,1655795,1656983,1660444,1661287,1661358,1661612,1661778,1661853,1661864,1661873,1661940,1661951,1661977,1662361,1662500,1663912,1666633,1666836,1667253,1668214,1668246,1668258,1668265,1668314,1669317,1673764,1674447,1674491,1674496,1674908,1678294,1678882,1679689,1679697,1680155,1680840,1682415,1683998,1686545,1686566,1686583,1686651,1690086,1690581,1692458,1692600,1692604,1693579,1696018
,1696234,1697993,1701441,1701936,1702704,1703586,1703981,1703988,1704043,1704052,1704082,1704140,1704230,1705004,1706316,1706561,1706591,1707837,1708742,1710348,1711513,1714244,1714410,1714415,1714571,1714657,1717058,1717180,1717682,1718023,1718109,1720883,1721067,1721625,1722712,1724402,1724978,1725257,1726828,1729609,1729809,1730735,1730882,1731359,1733951,1734246,1734269,1735244,1735385
Modified: ofbiz/branches/release12.04/applications/accounting/script/org/ofbiz/accounting/payment/PaymentMapProcs.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release12.04/applications/accounting/script/org/ofbiz/accounting/payment/PaymentMapProcs.xml?rev=1735390&r1=1735389&r2=1735390&view=diff
==============================================================================
--- ofbiz/branches/release12.04/applications/accounting/script/org/ofbiz/accounting/payment/PaymentMapProcs.xml (original)
+++ ofbiz/branches/release12.04/applications/accounting/script/org/ofbiz/accounting/payment/PaymentMapProcs.xml Thu Mar 17 10:11:03 2016
@@ -54,12 +54,45 @@ under the License.
<process field="expYear"><not-empty><fail-property resource="AccountingUiLabels" property="AccountingExpirationYearMissing"/></not-empty></process>
<process field="expireDate">
<copy/>
- <validate-method method="isDateAfterToday"><fail-property resource="AccountingUiLabels" property="AccountingExpirationDateIsBeforeToday"/></validate-method></process>
+ <validate-method method="isDateAfterToday"><fail-property resource="AccountingUiLabels" property="AccountingExpirationDateIsBeforeToday"/></validate-method>
+ </process>
</simple-map-processor>
+
<simple-map-processor name="updateCreditCard">
+ <make-in-string field="expireDate">
+ <in-field field="expMonth"/>
+ <constant>/</constant>
+ <in-field field="expYear"/>
+ </make-in-string>
<process field="paymentMethodId"><copy/><not-empty><fail-property resource="AccountingUiLabels" property="AccountingCreditCardPaymentMethodIdMissing"/></not-empty></process>
+ <process field="partyId"><copy/></process>
+ <process field="companyNameOnCard"><copy/></process>
+ <process field="titleOnCard"><copy/></process>
+ <process field="firstNameOnCard"><copy/><not-empty><fail-property resource="AccountingUiLabels" property="AccountingFirstNameOnCardMissing"/></not-empty></process>
+ <process field="middleNameOnCard"><copy/></process>
+ <process field="lastNameOnCard"><copy/><not-empty><fail-property resource="AccountingUiLabels" property="AccountingLastNameOnCardMissing"/></not-empty></process>
+ <process field="suffixOnCard"><copy/></process>
+ <process field="cardType"><copy/><not-empty><fail-property resource="AccountingUiLabels" property="AccountingCardTypeMissing"/></not-empty></process>
+ <process field="cardNumber">
+ <copy/>
+ <not-empty>
+ <fail-property resource="AccountingUiLabels" property="AccountingCardNumberMissing"/>
+ </not-empty>
+ <!-- FIXME Commented out because of OFBIZ-6920, a better solution would be do encrypt the card number when showing screen and decrypt when validating data
+ Anyway the only reason of changing a card number while this card is still valid
+ is because the number have been wrongly entered. Then better to delete and create a new one -->
+ <!-- <validate-method method="isAnyCard" class="org.ofbiz.base.util.UtilValidate">
+ <fail-property resource="AccountingUiLabels" property="AccountingCardNumberIncorrect"/>
+ </validate-method> -->
+ </process>
+ <process field="contactMechId"><copy/></process>
<process field="description"><copy/></process>
- <!-- also call createCreditCard after calling updateCreditCard -->
+ <process field="expMonth"><not-empty><fail-property resource="AccountingUiLabels" property="AccountingExpirationMonthMissing"/></not-empty></process>
+ <process field="expYear"><not-empty><fail-property resource="AccountingUiLabels" property="AccountingExpirationYearMissing"/></not-empty></process>
+ <process field="expireDate">
+ <copy/>
+ <validate-method method="isDateAfterToday"><fail-property resource="AccountingUiLabels" property="AccountingExpirationDateIsBeforeToday"/></validate-method>
+ </process>
</simple-map-processor>
<!-- EftAccount map procs -->
Modified: ofbiz/branches/release12.04/applications/accounting/script/org/ofbiz/accounting/payment/PaymentMethodEvents.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release12.04/applications/accounting/script/org/ofbiz/accounting/payment/PaymentMethodEvents.xml?rev=1735390&r1=1735389&r2=1735390&view=diff
==============================================================================
--- ofbiz/branches/release12.04/applications/accounting/script/org/ofbiz/accounting/payment/PaymentMethodEvents.xml (original)
+++ ofbiz/branches/release12.04/applications/accounting/script/org/ofbiz/accounting/payment/PaymentMethodEvents.xml Thu Mar 17 10:11:03 2016
@@ -52,9 +52,10 @@ under the License.
<call-map-processor xml-resource="component://accounting/script/org/ofbiz/accounting/payment/PaymentMapProcs.xml"
processor-name="updateCreditCard" in-map-name="parameters" out-map-name="context"/>
<!-- before check-errors also call createCreditCard, which completes the checking, etc for updateCreditCard -->
- <call-map-processor xml-resource="component://accounting/script/org/ofbiz/accounting/payment/PaymentMapProcs.xml"
+ <!-- FIXME Commented out because of OFBIZ-6920, a better solution would be do encrypt the card number when showing screen and decrypt when validating data -->
+ <!-- <call-map-processor xml-resource="component://accounting/script/org/ofbiz/accounting/payment/PaymentMapProcs.xml"
processor-name="createCreditCard" in-map-name="parameters" out-map-name="context"/>
- <check-errors/>
+ <check-errors/> -->
<call-service service-name="updateCreditCard" in-map-name="context">
<default-message resource="AccountingUiLabels" property="AccountingCreditCardUpdatedSuccessfully"/>
<result-to-request result-name="paymentMethodId" request-name="paymentMethodId"/>