Fixed issue 40791: Roles require back-office access to log in to mobile apps
authorJorge Garcia <jorge.garcia@openbravo.com>
Mon, 06 May 2019 16:46:57 +0200
changeset 35628 0ec858b516d0
parent 35627 2a604c499abc
child 35629 aa8cc9d96cad
Fixed issue 40791: Roles require back-office access to log in to mobile apps

MobileLoginHandler does a back-office login to later select mobile default role,
it expects back-office to fail and keep session in case of restricted role login
attempt.

Back-office login handler was changed to fail and remove session in case there is
no back-office role in current user's list. This made not possible to log in to
mobile apps.

Now if logging in to a mobile application session is kept after failure as it was
before.
src/org/openbravo/base/secureApp/LoginHandler.java
--- a/src/org/openbravo/base/secureApp/LoginHandler.java	Mon May 06 11:49:42 2019 +0200
+++ b/src/org/openbravo/base/secureApp/LoginHandler.java	Mon May 06 16:46:57 2019 +0200
@@ -324,7 +324,6 @@
         goToRetry(res, vars, msg, title, "Error", action);
         return;
       }
-
       // Build checks
 
       if (sysInfo.getSystemStatus() == null || sysInfo.getSystemStatus().equals("RB70")
@@ -411,6 +410,11 @@
 
   }
 
+  /** Is current login for a back-office session */
+  protected boolean isBackOfficeLogin() {
+    return true;
+  }
+
   private String getUserStartPage(String userId, RoleDefaults rd, String target,
       String targetQueryString) {
     String startPage = null;
@@ -525,7 +529,8 @@
       jsonMsg.put("messageTitle", title);
       jsonMsg.put("messageText", msg);
 
-      if (loginHasError) {
+      if (loginHasError && isBackOfficeLogin()) {
+        // mobile apps expect session to be populated in case of backoffice restricted roles
         vars.clearSession(false);
       }