src/index.jsp
author Carlos Aristu <carlos.aristu@openbravo.com>
Mon, 14 Jan 2019 10:37:29 +0100
changeset 35310 0c885bc2fcec
parent 34507 4ace8ed532f5
child 35503 2d10c9fb9cd4
permissions -rw-r--r--
fixes bug 39885: link to a document isn't followed properly after login

Before[1] the URL query string used to specify the link to a concrete document was being stored in session. After that changeset the code to save that value in session was no longer being executed, so it was not possible to recover the document link information.

To solve this problem now we keep the query string with the link information in the URL, and we retrieve it from there when needed.


[1] https://code.openbravo.com/erp/devel/pi/rev/6d6a3a710fd21bbc60de46c5778b212c64ec300c
antonio@19359
     1
martin@13180
     2
<%@ page import="org.openbravo.dal.core.OBContext"%>
carlos@31936
     3
<%@ page import="org.openbravo.base.weld.WeldUtils"%>
ivan@10243
     4
<%@ page import="org.openbravo.authentication.AuthenticationManager" %>
david@16035
     5
<%@ page import="org.openbravo.client.kernel.KernelUtils" %>
ivan@16848
     6
<%@ page import="org.openbravo.client.kernel.KernelConstants" %>
carlos@32043
     7
<%@ page import="org.openbravo.client.kernel.StaticResourceProvider" %>
stefan@12524
     8
<%@ page import="org.apache.log4j.Logger" %>
antonio@19359
     9
<%@ page import="org.openbravo.model.ad.access.Role" %>
antonio@19368
    10
<%@ page import="org.openbravo.model.ad.access.User" %>
antonio@19359
    11
<%@ page import="org.openbravo.dal.service.OBDal" %>
antonio@19359
    12
<%@ page import="org.openbravo.base.secureApp.VariablesSecureApp" %>
asier@29377
    13
<%@ page import="org.openbravo.erpCommon.obps.ActivationKey" %>
asier@29378
    14
<%@ page import="org.openbravo.base.secureApp.LoginHandler" %>
asier@29379
    15
<%@ page import="org.openbravo.erpCommon.utility.OBMessageUtils" %>
asier@29379
    16
<%@ page import="org.openbravo.erpCommon.utility.OBError" %>
asier@29379
    17
<%@ page import="org.openbravo.erpCommon.obps.ActivationKey.LicenseRestriction" %>
carlos@31936
    18
<%@ page import="org.openbravo.client.application.window.ApplicationDictionaryCachedStructures"%>
ivan@10243
    19
<%@ page contentType="text/html; charset=UTF-8" %>
asier@32234
    20
<%@ page session="false" %>
ivan@10243
    21
<%
ivan@13687
    22
  /*
ivan@10243
    23
 *************************************************************************
ivan@10243
    24
 * The contents of this file are subject to the Openbravo  Public  License
ivan@10243
    25
 * Version  1.1  (the  "License"),  being   the  Mozilla   Public  License
ivan@10243
    26
 * Version 1.1  with a permitted attribution clause; you may not  use this
ivan@10243
    27
 * file except in compliance with the License. You  may  obtain  a copy of
ivan@10243
    28
 * the License at http://www.openbravo.com/legal/license.html 
ivan@10243
    29
 * Software distributed under the License  is  distributed  on  an "AS IS"
ivan@10243
    30
 * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
ivan@10243
    31
 * License for the specific  language  governing  rights  and  limitations
ivan@10243
    32
 * under the License. 
ivan@10243
    33
 * The Original Code is Openbravo ERP. 
ivan@10243
    34
 * The Initial Developer of the Original Code is Openbravo SLU 
carlos@35310
    35
 * All portions are Copyright (C) 2011-2019 Openbravo SLU
ivan@10243
    36
 * All Rights Reserved. 
martin@15614
    37
 * Contributor(s):  ______________________________________.
ivan@10243
    38
 ************************************************************************
ivan@10243
    39
 */
stefan@12524
    40
stefan@12524
    41
Logger log = Logger.getLogger(org.openbravo.authentication.AuthenticationManager.class); 
ivan@10243
    42
asier@32234
    43
HttpSession currentSession = request.getSession(false);
asier@33656
    44
boolean adSessionPresent = currentSession != null && currentSession.getAttribute("#AD_SESSION_ID") != null;
asier@32234
    45
ivan@16780
    46
AuthenticationManager authManager = AuthenticationManager.getAuthenticationManager(this);
carlos@34281
    47
if (!adSessionPresent && !authManager.useExternalLoginPage()) {
carlos@35310
    48
  if (request.getQueryString() != null) {
carlos@35310
    49
    response.sendRedirect(authManager.getLoginURL(request) + "?" + request.getQueryString());
carlos@35310
    50
  } else {
carlos@35310
    51
    response.sendRedirect(authManager.getLoginURL(request));
carlos@35310
    52
  }
asier@32234
    53
  return;
asier@32234
    54
}
ivan@10243
    55
ivan@10243
    56
String userId = authManager.authenticate(request, response);
ivan@16780
    57
asier@32234
    58
if (userId == null) {
ivan@10243
    59
  return;
ivan@10243
    60
}
david@11337
    61
asier@29377
    62
OBContext.setAdminMode(false);
asier@29377
    63
String sessionId = null;
asier@29377
    64
try {
carlos@34281
    65
  sessionId = currentSession != null ? (String) currentSession.getAttribute("#AD_SESSION_ID") : null;
asier@32234
    66
  if (sessionId != null && !"".equals(sessionId) && !"Y".equals(currentSession.getAttribute("forceLogin"))) {
asier@29377
    67
    org.openbravo.model.ad.access.Session dbSession = OBDal.getInstance().get(org.openbravo.model.ad.access.Session.class, sessionId);
asier@29377
    68
    String currentSessionType = dbSession.getLoginStatus();
asier@29377
    69
asier@33771
    70
    if (!ActivationKey.consumesConcurrentUser(currentSessionType) && !"CUR".equals(currentSessionType)) {
asier@29379
    71
      // session was created not counting concurrent users, now switching to backend so they
asier@29379
    72
      // should be counted
asier@29378
    73
      dbSession.setLoginStatus(LoginHandler.SUCCESS_SESSION_STANDARD);
asier@29377
    74
      OBDal.getInstance().flush();
asier@29379
    75
asier@29379
    76
      if (ActivationKey.getInstance().checkOPSLimitations(sessionId) == LicenseRestriction.NUMBER_OF_CONCURRENT_USERS_REACHED) {
asier@29379
    77
        dbSession.setSessionActive(false);
asier@29379
    78
        OBDal.getInstance().flush();
asier@29379
    79
asier@29379
    80
        OBError errMsg = new OBError();
asier@29379
    81
        errMsg.setTitle(OBMessageUtils.messageBD("NUMBER_OF_CONCURRENT_USERS_REACHED_TITLE", false, true));
asier@29379
    82
        errMsg.setMessage(OBMessageUtils.messageBD("NUMBER_OF_CONCURRENT_USERS_REACHED", false, true));
asier@32234
    83
        currentSession.setAttribute("LOGINERRORMSG", errMsg);
asier@29379
    84
asier@29389
    85
        response.sendRedirect(authManager.getLoginURL(request));
asier@29379
    86
        return;
asier@29379
    87
      }
asier@29377
    88
    }
asier@29377
    89
  }
asier@29377
    90
} catch (Exception e) {
asier@29377
    91
  log.error("Error resetting login status for session "  + sessionId,e);
asier@29377
    92
} finally {
asier@29377
    93
  OBContext.restorePreviousMode();
asier@29377
    94
}
asier@29377
    95
asier@29377
    96
david@16035
    97
boolean uncompSC = false;
david@16039
    98
String scDevModulePackage = "org.openbravo.userinterface.smartclient.dev";
david@16035
    99
OBContext.setAdminMode();
david@16035
   100
try {
david@16035
   101
  if (KernelUtils.getInstance().isModulePresent(scDevModulePackage)) {
david@16035
   102
    uncompSC = KernelUtils.getInstance().getModule(scDevModulePackage).isInDevelopment();
david@16035
   103
  }
david@16035
   104
} catch (Exception e) {
david@16039
   105
  log.error("Error trying to acquire module \"" + scDevModulePackage + "\": " + e.getMessage(), e);
david@16035
   106
} finally {
david@16035
   107
  OBContext.restorePreviousMode();
david@16035
   108
}
david@16035
   109
david@11337
   110
String ua = request.getHeader( "User-Agent" );
david@11337
   111
boolean isMSIE = ( ua != null && ua.indexOf( "MSIE" ) != -1 );
david@11337
   112
int verMSIE = 0;
david@11337
   113
String verMSIEtmp = "";
david@11337
   114
if (isMSIE) {
david@11337
   115
  verMSIEtmp = ua.substring(ua.indexOf("MSIE") + 5);
david@11337
   116
  verMSIEtmp = verMSIEtmp.substring(0, verMSIEtmp.indexOf("."));
david@11337
   117
  if (ua.indexOf("MSIE 7.0") != -1 && ua.indexOf("Trident/4") != -1) {
david@11337
   118
    //In case IE8 runs in "IE8 Compatibility mode, look for Trident/4.0 to know that is IE8 although MSIE string is MSIE 7.0
david@11337
   119
    verMSIEtmp = "8";
david@11337
   120
  } else if (ua.indexOf("MSIE 7.0") != -1 && ua.indexOf("Trident/5") != -1) {
david@11337
   121
    // In case IE9 runs in "IE8 Compatibility mode, look for Trident/5.0 to know that is IE9 although MSIE string is MSIE 7.0
david@11337
   122
    verMSIEtmp = "9";
david@11337
   123
  } else if (ua.indexOf("MSIE 7.0") != -1 && ua.indexOf("Trident/") != -1) {
david@11337
   124
    // For hypothetic future IE versions in case IEX runs in "IEX Compatibility mode, look for Trident/ to know that is IEX although MSIE string is MSIE 7.0
david@11337
   125
    verMSIEtmp = "10"; //If this 'if' statement is not updated, could be 10 or 11 or anything... but set 10 just to ensure it is not in IE7
david@11337
   126
  }
david@11337
   127
  verMSIE = Integer.parseInt(verMSIEtmp);
david@11337
   128
}
martin@15526
   129
response.addHeader("Cache-Control", "no-cache, no-store, must-revalidate");
martin@15526
   130
response.addHeader("Pragma", "no-cache");
martin@15526
   131
response.addHeader("Expires", "0");
ivan@10243
   132
%>
david@16296
   133
<!DOCTYPE html>
ivan@10243
   134
david@16346
   135
<html dir="<%=(OBContext.isRightToLeft() ? "RTL" : "LTR")%>">
david@10937
   136
<head>
ivan@10243
   137
<meta http-equiv="Expires" content="Tue, 24 Apr 1979 00:00:01 GMT"/>
ivan@10243
   138
<meta http-equiv="Content-type" content="text/html;charset=utf-8"/>
martin@15525
   139
<meta http-equiv="Cache-Control" content="no-cache no-store must-revalidate" >
ivan@10243
   140
<meta http-equiv="Pragma" content="no-cache" >
david@26257
   141
<meta http-equiv="X-UA-Compatible" content="IE=edge">
ivan@10243
   142
<meta name="author" content="Openbravo S.L.U.">
ivan@10243
   143
<meta name="keywords" content="openbravo">
ivan@10243
   144
<meta name="description" content="Openbravo S.L.U.">
ivan@10256
   145
<link rel="shortcut icon" href="./web/images/favicon.ico" />
ivan@16848
   146
<link rel="stylesheet" type="text/css" href="./org.openbravo.client.kernel/OBCLKER_Kernel/StyleSheetResources?_appName=OB3&_skinVersion=Default&_cssDataUri=<%=(!isMSIE || (isMSIE && verMSIE >=8))%>"/>
david@11337
   147
ivan@10243
   148
<title>Openbravo</title>
carlos@31936
   149
<%
carlos@31936
   150
  ApplicationDictionaryCachedStructures adcs = WeldUtils.getInstanceFromStaticBeanManager(ApplicationDictionaryCachedStructures.class);
carlos@31936
   151
  if (!adcs.useCache()) {
carlos@31936
   152
%>
ivan@16441
   153
<script src="./web/org.openbravo.client.kernel/js/scopeleaks.min.js"></script>
carlos@31936
   154
<%
carlos@31936
   155
  }
carlos@31936
   156
%>
ivan@16441
   157
<script src="./web/org.openbravo.client.kernel/js/LAB.min.js"></script>
ivan@16441
   158
<script src="./web/org.openbravo.client.kernel/js/BigDecimal-all-1.0.1.min.js"></script>
david@11337
   159
david@23074
   160
<script>
david@23074
   161
  (function () {
david@23074
   162
    var b = document.documentElement;
david@23074
   163
    b.setAttribute('data-useragent',  navigator.userAgent);
david@23074
   164
    b.setAttribute('data-platform', navigator.platform );
david@23074
   165
    b.className += ((!!('ontouchstart' in window) || !!('onmsgesturechange' in window))?' touch':'');
david@23074
   166
  }());
david@23074
   167
</script>
david@23074
   168
ivan@10243
   169
<!-- styles used during loading -->
ivan@16441
   170
<style>
ivan@10243
   171
  html, body {
ivan@10243
   172
      height: 100%;
ivan@10243
   173
      width: 100%;
ivan@10243
   174
  }
ivan@10243
   175
ivan@10243
   176
  .OBCenteredBox {
ivan@10243
   177
      position: fixed;
ivan@10243
   178
      z-index: 1000000;
ivan@10243
   179
      top: 50%;
ivan@10243
   180
      left: 50%;
ivan@10243
   181
      margin: -25px 0 0 -150px;
ivan@10243
   182
      width: 300px;
ivan@10243
   183
      height: 50px;
ivan@10243
   184
  }
ivan@10243
   185
ivan@10243
   186
  .OBLoadingPromptLabel {
ivan@10243
   187
      font-family: 'Arial';
ivan@10243
   188
      font-size: 12px;
ivan@10243
   189
      color: #ccd0d4;
ivan@10243
   190
  }
ivan@10243
   191
ivan@10243
   192
  .OBLoadingPromptModalMask {
ivan@10243
   193
      left: 0;
ivan@10243
   194
      top: 0;
ivan@10243
   195
      width: 100%;
ivan@10243
   196
      height: 100%;
ivan@10243
   197
      background-color: #7f7f7f;
ivan@10243
   198
  }
ivan@10243
   199
</style>
ivan@10243
   200
ivan@10243
   201
</head>
david@16346
   202
<body>
ivan@10243
   203
ivan@10243
   204
<!-- shows the loading div -->
ivan@10243
   205
<div class="OBLoadingPromptModalMask" id="OBLoadingDiv">
ivan@10243
   206
    <div class="OBCenteredBox">
ivan@10243
   207
        <table>
ivan@10243
   208
            <tr>
ivan@10243
   209
                <td>
ivan@10243
   210
                    <span class="OBLoadingPromptLabel">LOADING...</span>
ivan@10243
   211
                </td>
ivan@10243
   212
                <td>
martin@12927
   213
                    <img width="220" height="16" src="./web/org.openbravo.userinterface.smartclient/openbravo/skins/Default/org.openbravo.client.application/images/system/windowLoading.gif"/>
ivan@10243
   214
                </td>
ivan@10243
   215
            </tr>
ivan@10243
   216
        </table>
ivan@10243
   217
    </div>
ivan@10243
   218
</div>
ivan@10243
   219
<!-- load the rest -->
ivan@16441
   220
<script>
ivan@16848
   221
// Bootstrap error handling: Shows an alert to the user when an error occurs loading static resources
ivan@16848
   222
// This error handler gets removed at the end of static resources
ivan@16848
   223
window.onerror = function <%=KernelConstants.BOOTSTRAP_ERROR_HANDLER_NAME%> (errorMsg, url, lineNumber) {
ivan@16848
   224
  var msg = errorMsg + ' - ' + url + ':' + lineNumber;
ivan@16848
   225
  document.body.removeChild(document.getElementById('OBLoadingDiv'));
ivan@16848
   226
  alert(msg);
ivan@16848
   227
};
ivan@16848
   228
martin@15579
   229
$LAB.setGlobalDefaults({AppendTo: 'body'});
martin@15579
   230
ivan@10243
   231
var isomorphicDir='./web/org.openbravo.userinterface.smartclient/isomorphic/';
david@21907
   232
var isc = window.isc ? window.isc : {};
ivan@10243
   233
ivan@10243
   234
// starts the application is called as the last statement in the StaticResources part
ivan@15702
   235
function OBStartApplication() {
antonio@19359
   236
<%
antonio@19359
   237
//If the role has its access to the backend restricted, an error message will be shown
antonio@19359
   238
final VariablesSecureApp vars1 = new VariablesSecureApp(request, false);
antonio@19368
   239
OBContext.setAdminMode();
antonio@19368
   240
try{
antonio@19368
   241
  String roleId=vars1.getRole();
antonio@19368
   242
  Role role;
antonio@19368
   243
  if(roleId==null || roleId.equals("")){
antonio@19368
   244
    role=OBDal.getInstance().get(User.class, userId).getDefaultRole();
antonio@19368
   245
  }else{
antonio@19368
   246
    role = OBDal.getInstance().get(Role.class, vars1.getRole());
antonio@19368
   247
  }
antonio@20499
   248
if(role !=null && role.isRestrictbackend()){
antonio@19359
   249
%>
antonio@19359
   250
  document.body.removeChild(document.getElementById('OBLoadingDiv'));
antonio@19359
   251
  isc.Dialog.create({message: OB.I18N.getLabel('OBUIAPP_RestrictedUser'), title: OB.I18N.getLabel('OBUIAPP_RestrictedUserTitle'), showCloseButton: false}).show();
antonio@19359
   252
  return;
antonio@19359
   253
<%
antonio@19359
   254
}
augusto@29260
   255
boolean onlySystemAdminAccess = "Y".equals(vars1.getSessionValue("onlySystemAdminRoleShouldBeAvailableInErp"));
augusto@29260
   256
if (onlySystemAdminAccess && role != null && !"0".equals(role.getId())) {
augusto@29260
   257
  %>
augusto@29260
   258
  document.body.removeChild(document.getElementById('OBLoadingDiv'));
augusto@29260
   259
  isc.Dialog.create({message: OB.I18N.getLabel('BACKEND_LOGIN_RESTRICTED'), title: OB.I18N.getLabel('BACKEND_LOGIN_RESTRICTED_TITLE'), showCloseButton: false}).show();
augusto@29260
   260
  return;
augusto@29260
   261
<%  
augusto@29260
   262
}
antonio@19368
   263
 }finally{
antonio@19368
   264
  OBContext.restorePreviousMode();
antonio@19368
   265
}
antonio@19359
   266
%>
martin@12947
   267
  OB.Layout.initialize();
ivan@10243
   268
  OB.Layout.draw();
ivan@10243
   269
  OB.Layout.ViewManager.createAddStartTab();
ivan@10243
   270
  // get rid of the loading stuff
ivan@10243
   271
  document.body.removeChild(document.getElementById('OBLoadingDiv'));
ivan@10243
   272
  OB.GlobalHiddenForm = document.forms.OBGlobalHiddenForm;
ivan@13342
   273
<%
carlos@34281
   274
  if (currentSession != null && currentSession.getAttribute("STARTUP-MESSAGE") != null) {
asier@32234
   275
    String text = (String) currentSession.getAttribute("STARTUP-MESSAGE");
asier@32234
   276
    String title = (String) currentSession.getAttribute("STARTUP-MESSAGE-TITLE");
asier@32234
   277
    currentSession.removeAttribute("STARTUP-MESSAGE");
asier@32234
   278
    currentSession.removeAttribute("STARTUP-MESSAGE-TITLE");
ivan@13342
   279
%>
ivan@13342
   280
  isc.say('<%=text%>', null, {title: '<%=title%>'});
ivan@13342
   281
<%
ivan@13342
   282
  }
ivan@13342
   283
%>
ivan@10243
   284
}
ivan@10243
   285
</script>
ivan@16441
   286
<script src="./web/org.openbravo.userinterface.smartclient/isomorphic/ISC_Combined<%=(uncompSC ? ".uncompressed" : "")%>.js"></script>
ivan@16441
   287
<script src="./web/org.openbravo.userinterface.smartclient/isomorphic/ISC_History<%=(uncompSC ? ".uncompressed" : "")%>.js"></script>
carlos@32038
   288
<%
carlos@32043
   289
  StaticResourceProvider resourceProvider = WeldUtils.getInstanceFromStaticBeanManager(StaticResourceProvider.class);
carlos@32053
   290
  final String staticResourceFileName = resourceProvider.getStaticResourceCachedFileName("OB3");
carlos@32046
   291
  if (staticResourceFileName != null) {
carlos@32038
   292
%>
carlos@32048
   293
<script src="./web/js/gen/<%=staticResourceFileName%>.js"></script>
carlos@32038
   294
<%
carlos@32038
   295
  } else {
carlos@32038
   296
%>
ivan@16848
   297
<script src="./org.openbravo.client.kernel/OBCLKER_Kernel/StaticResources?_appName=OB3&_skinVersion=Default"></script>
carlos@32038
   298
<%
carlos@32038
   299
  }
carlos@32038
   300
%>
naroa@27815
   301
<iframe name="background_target" id="background_target" height="0" width="0"></iframe>
antonio@11954
   302
<form name="OBGlobalHiddenForm" method="post" action="blank.html" target="background_target">
antonio@11343
   303
</form>
ivan@10243
   304
</body>
ivan@14578
   305
</html>