Skip to content

erp5
erp5
Commit cccdfcb0 authored by Sebastien Robin's avatar Sebastien Robin
Browse files
Options

- there was some security problems because of some logs into checkbook_reception_workflow. 

- in check payment, reject must go back to draft instead of planned

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@14613 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 3c7dc789
Hide whitespace changes
Inline Side-by-side
Showing with 29 additions and 23 deletions
bt5/erp5_banking_check/SkinTemplateItem/portal_skins/erp5_banking_check_operation/CheckbookDelivery_checkAggregateStockList.xml
View file @ cccdfcb0
...@@ -76,8 +76,11 @@ for line in context.getMovementList():\n ...@@ -76,8 +76,11 @@ for line in context.getMovementList():\n
for aggregate_uid in line.getAggregateUidList():\n for aggregate_uid in line.getAggregateUidList():\n
if aggregate_uid not in aggregate_uid_list:\n if aggregate_uid not in aggregate_uid_list:\n
aggregate_value = context.portal_catalog(uid=aggregate_uid)[0].getObject()\n aggregate_value = context.portal_catalog(uid=aggregate_uid)[0].getObject()\n
reference = aggregate_value.getReference()\n
if reference is None:\n
reference = \'%s - %s\' % (aggregate_value.getReferenceRangeMin() or \'\', aggregate_value.getReferenceRangeMax() or \'\')\n
msg = Message(domain="ui", message="Sorry, the item with reference $reference is not available any more",\n msg = Message(domain="ui", message="Sorry, the item with reference $reference is not available any more",\n
mapping={\'reference\':aggregate_value.getReference()})\n mapping={\'reference\':reference})\n
raise ValidationFailed, (msg,)\n raise ValidationFailed, (msg,)\n
</string> </value> </string> </value>
</item> </item>
...@@ -145,6 +148,8 @@ for line in context.getMovementList():\n ...@@ -145,6 +148,8 @@ for line in context.getMovementList():\n
<string>aggregate_uid</string> <string>aggregate_uid</string>
<string>_getitem_</string> <string>_getitem_</string>
<string>aggregate_value</string> <string>aggregate_value</string>
<string>reference</string>
<string>None</string>
<string>msg</string> <string>msg</string>
</tuple> </tuple>
</value> </value>
......
bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/states/cancelled.xml
View file @ cccdfcb0
...@@ -45,6 +45,12 @@ ...@@ -45,6 +45,12 @@
<tuple/> <tuple/>
</value> </value>
</item> </item>
<item>
<key> <string>type_list</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary> </dictionary>
</pickle> </pickle>
</record> </record>
......
bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/states/delivered.xml
View file @ cccdfcb0
...@@ -48,6 +48,12 @@ ...@@ -48,6 +48,12 @@
</tuple> </tuple>
</value> </value>
</item> </item>
<item>
<key> <string>type_list</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary> </dictionary>
</pickle> </pickle>
</record> </record>
......
bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/transitions/agree_action.xml
View file @ cccdfcb0
...@@ -73,11 +73,8 @@ ...@@ -73,11 +73,8 @@
<record id="2" aka="AAAAAAAAAAI="> <record id="2" aka="AAAAAAAAAAI=">
<pickle> <pickle>
<tuple> <tuple>
<tuple> <global name="Guard" module="Products.DCWorkflow.Guard"/>
<string>Products.DCWorkflow.Guard</string> <tuple/>
<string>Guard</string>
</tuple>
<none/>
</tuple> </tuple>
</pickle> </pickle>
<pickle> <pickle>
...@@ -86,7 +83,7 @@ ...@@ -86,7 +83,7 @@
<key> <string>roles</string> </key> <key> <string>roles</string> </key>
<value> <value>
<tuple> <tuple>
<string>Assignor</string> <string>Assignee</string>
<string>Manager</string> <string>Manager</string>
</tuple> </tuple>
</value> </value>
......
bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/transitions/reject.xml
View file @ cccdfcb0
...@@ -53,7 +53,7 @@ ...@@ -53,7 +53,7 @@
</item> </item>
<item> <item>
<key> <string>new_state_id</string> </key> <key> <string>new_state_id</string> </key>
<value> <string>planned</string> </value> <value> <string>draft</string> </value>
</item> </item>
<item> <item>
<key> <string>script_name</string> </key> <key> <string>script_name</string> </key>
......
bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/worklists/rejected.xml
View file @ cccdfcb0
...@@ -63,11 +63,8 @@ Base_viewWorklist?simulation_state=planned&portal_type=Check Payment&simulation_ ...@@ -63,11 +63,8 @@ Base_viewWorklist?simulation_state=planned&portal_type=Check Payment&simulation_
<record id="2" aka="AAAAAAAAAAI="> <record id="2" aka="AAAAAAAAAAI=">
<pickle> <pickle>
<tuple> <tuple>
<tuple> <global name="Guard" module="Products.DCWorkflow.Guard"/>
<string>Products.DCWorkflow.Guard</string> <tuple/>
<string>Guard</string>
</tuple>
<none/>
</tuple> </tuple>
</pickle> </pickle>
<pickle> <pickle>
...@@ -88,17 +85,14 @@ Base_viewWorklist?simulation_state=planned&portal_type=Check Payment&simulation_ ...@@ -88,17 +85,14 @@ Base_viewWorklist?simulation_state=planned&portal_type=Check Payment&simulation_
<record id="3" aka="AAAAAAAAAAM="> <record id="3" aka="AAAAAAAAAAM=">
<pickle> <pickle>
<tuple> <tuple>
<tuple> <global name="PersistentMapping" module="Persistence.mapping"/>
<string>Persistence</string> <tuple/>
<string>PersistentMapping</string>
</tuple>
<none/>
</tuple> </tuple>
</pickle> </pickle>
<pickle> <pickle>
<dictionary> <dictionary>
<item> <item>
<key> <string>_container</string> </key> <key> <string>data</string> </key>
<value> <value>
<dictionary> <dictionary>
<item> <item>
...@@ -121,7 +115,7 @@ Base_viewWorklist?simulation_state=planned&portal_type=Check Payment&simulation_ ...@@ -121,7 +115,7 @@ Base_viewWorklist?simulation_state=planned&portal_type=Check Payment&simulation_
<key> <string>simulation_state</string> </key> <key> <string>simulation_state</string> </key>
<value> <value>
<tuple> <tuple>
<string>planned</string> <string>draft</string>
</tuple> </tuple>
</value> </value>
</item> </item>
......
bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/checkbook_reception_workflow/scripts/CheckbookReception_generateItemList.xml
View file @ cccdfcb0
...@@ -141,12 +141,10 @@ def checkReferenceListUniqueness(reference_list, model, destination_payment_uid) ...@@ -141,12 +141,10 @@ def checkReferenceListUniqueness(reference_list, model, destination_payment_uid)
"""\n """\n
Check each given reference not to already exist.\n Check each given reference not to already exist.\n
"""\n """\n
context.log(\'query\', portal.portal_catalog(portal_type=\'Check\', reference=reference_list, destination_payment_uid=destination_payment_uid, resource_relative_url=model, src__=1))\n
if destination_payment_uid is None:\n if destination_payment_uid is None:\n
match_list = portal.portal_catalog(portal_type=\'Check\', reference=reference_list, resource_relative_url=model)\n match_list = portal.portal_catalog(portal_type=\'Check\', reference=reference_list, resource_relative_url=model)\n
else:\n else:\n
match_list = portal.portal_catalog(portal_type=\'Check\', reference=reference_list, destination_payment_uid=destination_payment_uid, resource_relative_url=model)\n match_list = portal.portal_catalog(portal_type=\'Check\', reference=reference_list, destination_payment_uid=destination_payment_uid, resource_relative_url=model)\n
context.log(\'len\', len(match_list))\n
assertReferenceMatchListEmpty(match_list)\n assertReferenceMatchListEmpty(match_list)\n
for reference in reference_list:\n for reference in reference_list:\n
tag = \'check_%s_%s_%s\' % (model, destination_payment_uid, reference)\n tag = \'check_%s_%s_%s\' % (model, destination_payment_uid, reference)\n
......
bt5/erp5_banking_check/bt/revision
View file @ cccdfcb0
254 256
\ No newline at end of file \ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7