You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by ha...@apache.org on 2011/07/05 09:18:55 UTC
svn commit: r1142908 - in /ofbiz/trunk:
applications/party/src/org/ofbiz/party/party/PartyServices.java
framework/common/src/org/ofbiz/common/login/LoginServices.java
Author: hansbak
Date: Tue Jul 5 07:18:54 2011
New Revision: 1142908
URL: http://svn.apache.org/viewvc?rev=1142908&view=rev
Log:
currently it is pretty difficult to disable a userlogin by setting the deleted date to a date in the future and enable=N, further when disable a party tries to disable related userlogins but does not set that future date. This change will allow to nullify the deleted date so it is now clear the userlogin will never be enabled. The deleted date is still available in the last modified date.
Modified:
ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java
ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java
Modified: ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java?rev=1142908&r1=1142907&r2=1142908&view=diff
==============================================================================
--- ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java (original)
+++ ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java Tue Jul 5 07:18:54 2011
@@ -249,7 +249,6 @@ public class PartyServices {
for(GenericValue userLogin : userLogins) {
if (!"N".equals(userLogin.getString("enabled"))) {
userLogin.set("enabled", "N");
- userLogin.set("disabledDateTime", UtilDateTime.nowTimestamp());
userLogin.store();
}
}
Modified: ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java?rev=1142908&r1=1142907&r2=1142908&view=diff
==============================================================================
--- ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java (original)
+++ ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java Tue Jul 5 07:18:54 2011
@@ -888,11 +888,6 @@ public class LoginServices {
userLoginToUpdate.set("disabledDateTime", null);
}
- // if was enabled and we are disabling it, and no disabledDateTime was passed, set it to now
- if (wasEnabled && "N".equals(context.get("enabled")) && context.get("disabledDateTime") == null) {
- userLoginToUpdate.set("disabledDateTime", UtilDateTime.nowTimestamp());
- }
-
try {
userLoginToUpdate.store();
} catch (GenericEntityException e) {
Re: svn commit: r1142908 - in /ofbiz/trunk: applications/party/src/org/ofbiz/party/party/PartyServices.java
framework/common/src/org/ofbiz/common/login/LoginServices.java
Posted by Hans Bakker <ma...@antwebsystems.com>.
This one is pretty old, i advise you to take this change and apply it to
you current version?
Regards,
Hans
On 05/19/2012 03:13 PM, Suprit Udawat wrote:
> Hi Hans,
>
> We are also facing same issue that when we disabled user login from
> partymgr and try to login with that disabled user login, it gets re-enable
> because of disabledDateTime field. We are using ofbiz 10.04 and 11.04, so
> can you push this bug over these two branches as well?
>
> Thanks,
> Suprit Udawat
>
> On Sat, Sep 3, 2011 at 7:56 PM, Jacques Le Roux<
> jacques.le.roux@les7arts.com> wrote:
>
>> Hi Hans,
>>
>>
>> This change will allow to nullify the deleted date so it is now clear the
>>> userlogin will never be enabled.
>>>
>> I dont get it, you can still enable an UserLogin again after setting to N
>> with a null date. Could you please explain how it works at the UI level in
>> 2 words or maybe I missing the whole idea?
>> I mean
>>
>> it is now clear the userlogin will never be enabled.
>> does maybe not mean that it can't be enabled again, but is only an
>> indication it should not be enabled again?
>>
>> My need: disable forever an admin login used so far in a prod env (with
>> another pwd though ;o), to be replaced by another login with another pwd,
>> ie left as less as possible chances to have the admin party hacked... (new
>> credential with long login and pwd strings...)
>>
>> Thanks
>>
>> Jacques
>>
>> From:<ha...@apache.org>
>>
>> Author: hansbak
>>> Date: Tue Jul 5 07:18:54 2011
>>> New Revision: 1142908
>>>
>>> URL: http://svn.apache.org/viewvc?**rev=1142908&view=rev<http://svn.apache.org/viewvc?rev=1142908&view=rev>
>>> Log:
>>> currently it is pretty difficult to disable a userlogin by setting the
>>> deleted date to a date in the future and enable=N, further when disable a
>>> party tries to disable related userlogins but does not set that future
>>> date. This change will allow to nullify the deleted date so it is now clear
>>> the userlogin will never be enabled. The deleted date is still available in
>>> the last modified date.
>>>
>>> Modified:
>>> ofbiz/trunk/applications/**party/src/org/ofbiz/party/**
>>> party/PartyServices.java
>>> ofbiz/trunk/framework/common/**src/org/ofbiz/common/login/**
>>> LoginServices.java
>>>
>>> Modified: ofbiz/trunk/applications/**party/src/org/ofbiz/party/**
>>> party/PartyServices.java
>>> URL: http://svn.apache.org/viewvc/**ofbiz/trunk/applications/**
>>> party/src/org/ofbiz/party/**party/PartyServices.java?rev=**
>>> 1142908&r1=1142907&r2=1142908&**view=diff<http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java?rev=1142908&r1=1142907&r2=1142908&view=diff>
>>> ==============================**==============================**
>>> ==================
>>> --- ofbiz/trunk/applications/**party/src/org/ofbiz/party/**party/PartyServices.java
>>> (original)
>>> +++ ofbiz/trunk/applications/**party/src/org/ofbiz/party/**party/PartyServices.java
>>> Tue Jul 5 07:18:54 2011
>>> @@ -249,7 +249,6 @@ public class PartyServices {
>>> for(GenericValue userLogin : userLogins) {
>>> if (!"N".equals(userLogin.**getString("enabled")))
>>> {
>>> userLogin.set("enabled", "N");
>>> - userLogin.set("**disabledDateTime",
>>> UtilDateTime.nowTimestamp());
>>> userLogin.store();
>>> }
>>> }
>>>
>>> Modified: ofbiz/trunk/framework/common/**src/org/ofbiz/common/login/**
>>> LoginServices.java
>>> URL: http://svn.apache.org/viewvc/**ofbiz/trunk/framework/common/**
>>> src/org/ofbiz/common/login/**LoginServices.java?rev=**
>>> 1142908&r1=1142907&r2=1142908&**view=diff<http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java?rev=1142908&r1=1142907&r2=1142908&view=diff>
>>> ==============================**==============================**
>>> ==================
>>> --- ofbiz/trunk/framework/common/**src/org/ofbiz/common/login/**LoginServices.java
>>> (original)
>>> +++ ofbiz/trunk/framework/common/**src/org/ofbiz/common/login/**LoginServices.java
>>> Tue Jul 5 07:18:54 2011
>>> @@ -888,11 +888,6 @@ public class LoginServices {
>>> userLoginToUpdate.set("**disabledDateTime", null);
>>> }
>>>
>>> - // if was enabled and we are disabling it, and no
>>> disabledDateTime was passed, set it to now
>>> - if (wasEnabled&& "N".equals(context.get("**enabled"))&&
>>> context.get("disabledDateTime"**) == null) {
>>> - userLoginToUpdate.set("**disabledDateTime",
>>> UtilDateTime.nowTimestamp());
>>> - }
>>> -
>>> try {
>>> userLoginToUpdate.store();
>>> } catch (GenericEntityException e) {
>>>
>>>
>>>
>>
>
Re: svn commit: r1142908 - in /ofbiz/trunk: applications/party/src/org/ofbiz/party/party/PartyServices.java
framework/common/src/org/ofbiz/common/login/LoginServices.java
Posted by Suprit Udawat <su...@gmail.com>.
Hi Hans,
We are also facing same issue that when we disabled user login from
partymgr and try to login with that disabled user login, it gets re-enable
because of disabledDateTime field. We are using ofbiz 10.04 and 11.04, so
can you push this bug over these two branches as well?
Thanks,
Suprit Udawat
On Sat, Sep 3, 2011 at 7:56 PM, Jacques Le Roux <
jacques.le.roux@les7arts.com> wrote:
> Hi Hans,
>
>
> This change will allow to nullify the deleted date so it is now clear the
>> userlogin will never be enabled.
>>
> I dont get it, you can still enable an UserLogin again after setting to N
> with a null date. Could you please explain how it works at the UI level in
> 2 words or maybe I missing the whole idea?
> I mean
>
> it is now clear the userlogin will never be enabled.
>>
> does maybe not mean that it can't be enabled again, but is only an
> indication it should not be enabled again?
>
> My need: disable forever an admin login used so far in a prod env (with
> another pwd though ;o), to be replaced by another login with another pwd,
> ie left as less as possible chances to have the admin party hacked... (new
> credential with long login and pwd strings...)
>
> Thanks
>
> Jacques
>
> From: <ha...@apache.org>
>
> Author: hansbak
>> Date: Tue Jul 5 07:18:54 2011
>> New Revision: 1142908
>>
>> URL: http://svn.apache.org/viewvc?**rev=1142908&view=rev<http://svn.apache.org/viewvc?rev=1142908&view=rev>
>> Log:
>> currently it is pretty difficult to disable a userlogin by setting the
>> deleted date to a date in the future and enable=N, further when disable a
>> party tries to disable related userlogins but does not set that future
>> date. This change will allow to nullify the deleted date so it is now clear
>> the userlogin will never be enabled. The deleted date is still available in
>> the last modified date.
>>
>> Modified:
>> ofbiz/trunk/applications/**party/src/org/ofbiz/party/**
>> party/PartyServices.java
>> ofbiz/trunk/framework/common/**src/org/ofbiz/common/login/**
>> LoginServices.java
>>
>> Modified: ofbiz/trunk/applications/**party/src/org/ofbiz/party/**
>> party/PartyServices.java
>> URL: http://svn.apache.org/viewvc/**ofbiz/trunk/applications/**
>> party/src/org/ofbiz/party/**party/PartyServices.java?rev=**
>> 1142908&r1=1142907&r2=1142908&**view=diff<http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java?rev=1142908&r1=1142907&r2=1142908&view=diff>
>> ==============================**==============================**
>> ==================
>> --- ofbiz/trunk/applications/**party/src/org/ofbiz/party/**party/PartyServices.java
>> (original)
>> +++ ofbiz/trunk/applications/**party/src/org/ofbiz/party/**party/PartyServices.java
>> Tue Jul 5 07:18:54 2011
>> @@ -249,7 +249,6 @@ public class PartyServices {
>> for(GenericValue userLogin : userLogins) {
>> if (!"N".equals(userLogin.**getString("enabled")))
>> {
>> userLogin.set("enabled", "N");
>> - userLogin.set("**disabledDateTime",
>> UtilDateTime.nowTimestamp());
>> userLogin.store();
>> }
>> }
>>
>> Modified: ofbiz/trunk/framework/common/**src/org/ofbiz/common/login/**
>> LoginServices.java
>> URL: http://svn.apache.org/viewvc/**ofbiz/trunk/framework/common/**
>> src/org/ofbiz/common/login/**LoginServices.java?rev=**
>> 1142908&r1=1142907&r2=1142908&**view=diff<http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java?rev=1142908&r1=1142907&r2=1142908&view=diff>
>> ==============================**==============================**
>> ==================
>> --- ofbiz/trunk/framework/common/**src/org/ofbiz/common/login/**LoginServices.java
>> (original)
>> +++ ofbiz/trunk/framework/common/**src/org/ofbiz/common/login/**LoginServices.java
>> Tue Jul 5 07:18:54 2011
>> @@ -888,11 +888,6 @@ public class LoginServices {
>> userLoginToUpdate.set("**disabledDateTime", null);
>> }
>>
>> - // if was enabled and we are disabling it, and no
>> disabledDateTime was passed, set it to now
>> - if (wasEnabled && "N".equals(context.get("**enabled")) &&
>> context.get("disabledDateTime"**) == null) {
>> - userLoginToUpdate.set("**disabledDateTime",
>> UtilDateTime.nowTimestamp());
>> - }
>> -
>> try {
>> userLoginToUpdate.store();
>> } catch (GenericEntityException e) {
>>
>>
>>
>
>
--
vcxz
Re: svn commit: r1142908 - in /ofbiz/trunk: applications/party/src/org/ofbiz/party/party/PartyServices.java framework/common/src/org/ofbiz/common/login/LoginServices.java
Posted by Jacques Le Roux <ja...@les7arts.com>.
Hi Hans,
>This change will allow to nullify the deleted date so it is now clear the userlogin will never be enabled.
I dont get it, you can still enable an UserLogin again after setting to N with a null date. Could you please explain how it works at
the UI level in 2 words or maybe I missing the whole idea?
I mean
> it is now clear the userlogin will never be enabled.
does maybe not mean that it can't be enabled again, but is only an indication it should not be enabled again?
My need: disable forever an admin login used so far in a prod env (with another pwd though ;o), to be replaced by another login with
another pwd, ie left as less as possible chances to have the admin party hacked... (new credential with long login and pwd
strings...)
Thanks
Jacques
From: <ha...@apache.org>
> Author: hansbak
> Date: Tue Jul 5 07:18:54 2011
> New Revision: 1142908
>
> URL: http://svn.apache.org/viewvc?rev=1142908&view=rev
> Log:
> currently it is pretty difficult to disable a userlogin by setting the deleted date to a date in the future and enable=N, further
> when disable a party tries to disable related userlogins but does not set that future date. This change will allow to nullify the
> deleted date so it is now clear the userlogin will never be enabled. The deleted date is still available in the last modified
> date.
>
> Modified:
> ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java
> ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java
>
> Modified: ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java
> URL:
> http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java?rev=1142908&r1=1142907&r2=1142908&view=diff
> ==============================================================================
> --- ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java (original)
> +++ ofbiz/trunk/applications/party/src/org/ofbiz/party/party/PartyServices.java Tue Jul 5 07:18:54 2011
> @@ -249,7 +249,6 @@ public class PartyServices {
> for(GenericValue userLogin : userLogins) {
> if (!"N".equals(userLogin.getString("enabled"))) {
> userLogin.set("enabled", "N");
> - userLogin.set("disabledDateTime", UtilDateTime.nowTimestamp());
> userLogin.store();
> }
> }
>
> Modified: ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java
> URL:
> http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java?rev=1142908&r1=1142907&r2=1142908&view=diff
> ==============================================================================
> --- ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java (original)
> +++ ofbiz/trunk/framework/common/src/org/ofbiz/common/login/LoginServices.java Tue Jul 5 07:18:54 2011
> @@ -888,11 +888,6 @@ public class LoginServices {
> userLoginToUpdate.set("disabledDateTime", null);
> }
>
> - // if was enabled and we are disabling it, and no disabledDateTime was passed, set it to now
> - if (wasEnabled && "N".equals(context.get("enabled")) && context.get("disabledDateTime") == null) {
> - userLoginToUpdate.set("disabledDateTime", UtilDateTime.nowTimestamp());
> - }
> -
> try {
> userLoginToUpdate.store();
> } catch (GenericEntityException e) {
>
>