Fixed issue 24858: Added 'Is Web Service Enabled' field to 'Role' window
authorDavid Baz Fayos <david.baz@openbravo.com>
Mon, 20 Jan 2014 14:50:37 +0100
changeset 21833 267df0f85b0e
parent 21832 ee5155af0f63
child 21834 a84eafaf0e1e
Fixed issue 24858: Added 'Is Web Service Enabled' field to 'Role' window
modules/org.openbravo.service.json/src/org/openbravo/service/json/JsonRestServlet.java
referencedata/sampledata/F_B_International_Group/AD_ROLE.xml
referencedata/sampledata/QA_Testing/AD_ROLE.xml
src-db/database/model/tables/AD_ROLE.xml
src-db/database/sourcedata/AD_COLUMN.xml
src-db/database/sourcedata/AD_ELEMENT.xml
src-db/database/sourcedata/AD_FIELD.xml
src/org/openbravo/service/web/BaseWebServiceServlet.java
--- a/modules/org.openbravo.service.json/src/org/openbravo/service/json/JsonRestServlet.java	Mon Jan 20 11:36:17 2014 +0100
+++ b/modules/org.openbravo.service.json/src/org/openbravo/service/json/JsonRestServlet.java	Mon Jan 20 14:50:37 2014 +0100
@@ -76,12 +76,20 @@
   protected void doService(HttpServletRequest request, HttpServletResponse response)
       throws ServletException, IOException {
     try {
-      if (OBContext.getOBContext() != null && OBContext.getOBContext().isPortalRole()) {
-        // Portal users are not granted to direct web services
-        log.error("Portal user " + OBContext.getOBContext().getUser() + " with role "
-            + OBContext.getOBContext().getRole()
-            + " is trying to access to non granted web service " + request.getRequestURL());
-        throw new OBSecurityException();
+      if (OBContext.getOBContext() != null) {
+        if (OBContext.getOBContext().isPortalRole()) {
+          // Portal users are not granted to direct web services
+          log.error("Portal user " + OBContext.getOBContext().getUser() + " with role "
+              + OBContext.getOBContext().getRole()
+              + " is trying to access to non granted web service " + request.getRequestURL());
+          throw new OBSecurityException("Web Services are not granted to Portal roles");
+        } else if (!OBContext.getOBContext().getRole().isWebServiceEnabled()) {
+          log.error("User " + OBContext.getOBContext().getUser() + " with role "
+              + OBContext.getOBContext().getRole()
+              + " is trying to access to non granted web service " + request.getRequestURL());
+          throw new OBSecurityException("Web Services are not granted to "
+              + OBContext.getOBContext().getRole().getName() + " role");
+        }
       }
       callServiceInSuper(request, response);
       response.setStatus(200);
--- a/referencedata/sampledata/F_B_International_Group/AD_ROLE.xml	Mon Jan 20 11:36:17 2014 +0100
+++ b/referencedata/sampledata/F_B_International_Group/AD_ROLE.xml	Mon Jan 20 14:50:37 2014 +0100
@@ -22,6 +22,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -46,6 +47,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -70,6 +72,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -94,6 +97,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -118,6 +122,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -142,6 +147,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -166,6 +172,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -190,6 +197,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -214,6 +222,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -238,6 +247,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -262,6 +272,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -286,6 +297,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -310,6 +322,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -334,6 +347,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -358,6 +372,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -382,6 +397,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -406,6 +422,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -430,6 +447,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -454,6 +472,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -478,6 +497,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -502,6 +522,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -526,6 +547,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -550,6 +572,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -574,6 +597,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 </data>
--- a/referencedata/sampledata/QA_Testing/AD_ROLE.xml	Mon Jan 20 11:36:17 2014 +0100
+++ b/referencedata/sampledata/QA_Testing/AD_ROLE.xml	Mon Jan 20 14:50:37 2014 +0100
@@ -21,6 +21,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -45,6 +46,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -68,6 +70,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 <AD_ROLE>
@@ -91,6 +94,7 @@
   <ISRESTRICTBACKEND><![CDATA[N]]></ISRESTRICTBACKEND>
   <ISPORTAL><![CDATA[N]]></ISPORTAL>
   <ISPORTALADMIN><![CDATA[N]]></ISPORTALADMIN>
+  <ISWEBSERVICEENABLED><![CDATA[Y]]></ISWEBSERVICEENABLED>
 </AD_ROLE>
 
 </data>
--- a/src-db/database/model/tables/AD_ROLE.xml	Mon Jan 20 11:36:17 2014 +0100
+++ b/src-db/database/model/tables/AD_ROLE.xml	Mon Jan 20 14:50:37 2014 +0100
@@ -93,6 +93,10 @@
         <default><![CDATA[N]]></default>
         <onCreateDefault><![CDATA['N']]></onCreateDefault>
       </column>
+      <column name="ISWEBSERVICEENABLED" primaryKey="false" required="true" type="CHAR" size="1" autoIncrement="false">
+        <default><![CDATA[N]]></default>
+        <onCreateDefault><![CDATA['Y']]></onCreateDefault>
+      </column>
       <foreign-key foreignTable="AD_TREE" name="AD_ROLE_AD_TREE_MENU">
         <reference local="AD_TREE_MENU_ID" foreign="AD_TREE_ID"/>
       </foreign-key>
@@ -114,6 +118,7 @@
       <check name="AD_ROLE_ISCLIENTADMIN_CHECK"><![CDATA[IS_CLIENT_ADMIN IN ('Y', 'N')]]></check>
       <check name="AD_ROLE_ISPORTAL_CHECK"><![CDATA[ISPORTAL IN ('Y', 'N')]]></check>
       <check name="AD_ROLE_ISPORTALADMIN_CHECK"><![CDATA[ISPORTALADMIN IN ('Y', 'N')]]></check>
+      <check name="AD_ROLE_ISWEBSERVICEENABLED"><![CDATA[ISWEBSERVICEENABLED IN ('Y', 'N')]]></check>
       <check name="AD_ROLE_RESTRICTBACKEND"><![CDATA[ISRESTRICTBACKEND IN ('Y', 'N')]]></check>
     </table>
   </database>
--- a/src-db/database/sourcedata/AD_COLUMN.xml	Mon Jan 20 11:36:17 2014 +0100
+++ b/src-db/database/sourcedata/AD_COLUMN.xml	Mon Jan 20 14:50:37 2014 +0100
@@ -237260,6 +237260,42 @@
 <!--54ABAC909CAA4222B53CC04D22FD4F83-->  <ISUSEDSEQUENCE><![CDATA[N]]></ISUSEDSEQUENCE>
 <!--54ABAC909CAA4222B53CC04D22FD4F83--></AD_COLUMN>
 
+<!--54C42E22809F46969BC384584EA4C692--><AD_COLUMN>
+<!--54C42E22809F46969BC384584EA4C692-->  <AD_COLUMN_ID><![CDATA[54C42E22809F46969BC384584EA4C692]]></AD_COLUMN_ID>
+<!--54C42E22809F46969BC384584EA4C692-->  <AD_CLIENT_ID><![CDATA[0]]></AD_CLIENT_ID>
+<!--54C42E22809F46969BC384584EA4C692-->  <AD_ORG_ID><![CDATA[0]]></AD_ORG_ID>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISACTIVE><![CDATA[Y]]></ISACTIVE>
+<!--54C42E22809F46969BC384584EA4C692-->  <NAME><![CDATA[IsWebServiceEnabled]]></NAME>
+<!--54C42E22809F46969BC384584EA4C692-->  <DESCRIPTION><![CDATA[If checked, web services will be able to obtain data for users with this role]]></DESCRIPTION>
+<!--54C42E22809F46969BC384584EA4C692-->  <HELP><![CDATA[If checked, web services will be able to obtain data for users with this role. It applies to both JSON REST and XML REST web services]]></HELP>
+<!--54C42E22809F46969BC384584EA4C692-->  <COLUMNNAME><![CDATA[IsWebServiceEnabled]]></COLUMNNAME>
+<!--54C42E22809F46969BC384584EA4C692-->  <AD_TABLE_ID><![CDATA[156]]></AD_TABLE_ID>
+<!--54C42E22809F46969BC384584EA4C692-->  <AD_REFERENCE_ID><![CDATA[20]]></AD_REFERENCE_ID>
+<!--54C42E22809F46969BC384584EA4C692-->  <FIELDLENGTH><![CDATA[1]]></FIELDLENGTH>
+<!--54C42E22809F46969BC384584EA4C692-->  <DEFAULTVALUE><![CDATA[N]]></DEFAULTVALUE>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISKEY><![CDATA[N]]></ISKEY>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISPARENT><![CDATA[N]]></ISPARENT>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISMANDATORY><![CDATA[Y]]></ISMANDATORY>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISUPDATEABLE><![CDATA[Y]]></ISUPDATEABLE>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISIDENTIFIER><![CDATA[N]]></ISIDENTIFIER>
+<!--54C42E22809F46969BC384584EA4C692-->  <SEQNO><![CDATA[81]]></SEQNO>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISTRANSLATED><![CDATA[N]]></ISTRANSLATED>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISENCRYPTED><![CDATA[N]]></ISENCRYPTED>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISSELECTIONCOLUMN><![CDATA[N]]></ISSELECTIONCOLUMN>
+<!--54C42E22809F46969BC384584EA4C692-->  <AD_ELEMENT_ID><![CDATA[8976BF563A8848EE9A25AB42C1B995D3]]></AD_ELEMENT_ID>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISSESSIONATTR><![CDATA[N]]></ISSESSIONATTR>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISSECONDARYKEY><![CDATA[N]]></ISSECONDARYKEY>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISDESENCRYPTABLE><![CDATA[N]]></ISDESENCRYPTABLE>
+<!--54C42E22809F46969BC384584EA4C692-->  <DEVELOPMENTSTATUS><![CDATA[RE]]></DEVELOPMENTSTATUS>
+<!--54C42E22809F46969BC384584EA4C692-->  <AD_MODULE_ID><![CDATA[0]]></AD_MODULE_ID>
+<!--54C42E22809F46969BC384584EA4C692-->  <POSITION><![CDATA[24]]></POSITION>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISTRANSIENT><![CDATA[N]]></ISTRANSIENT>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISAUTOSAVE><![CDATA[Y]]></ISAUTOSAVE>
+<!--54C42E22809F46969BC384584EA4C692-->  <VALIDATEONNEW><![CDATA[Y]]></VALIDATEONNEW>
+<!--54C42E22809F46969BC384584EA4C692-->  <IMAGESIZEVALUESACTION><![CDATA[N]]></IMAGESIZEVALUESACTION>
+<!--54C42E22809F46969BC384584EA4C692-->  <ISUSEDSEQUENCE><![CDATA[N]]></ISUSEDSEQUENCE>
+<!--54C42E22809F46969BC384584EA4C692--></AD_COLUMN>
+
 <!--5502AEFEFC29441197D3C4473C1C6C68--><AD_COLUMN>
 <!--5502AEFEFC29441197D3C4473C1C6C68-->  <AD_COLUMN_ID><![CDATA[5502AEFEFC29441197D3C4473C1C6C68]]></AD_COLUMN_ID>
 <!--5502AEFEFC29441197D3C4473C1C6C68-->  <AD_CLIENT_ID><![CDATA[0]]></AD_CLIENT_ID>
--- a/src-db/database/sourcedata/AD_ELEMENT.xml	Mon Jan 20 11:36:17 2014 +0100
+++ b/src-db/database/sourcedata/AD_ELEMENT.xml	Mon Jan 20 14:50:37 2014 +0100
@@ -27589,6 +27589,20 @@
 <!--8971717F183347B0834A2AEB218C5AFB-->  <ISGLOSSARY><![CDATA[N]]></ISGLOSSARY>
 <!--8971717F183347B0834A2AEB218C5AFB--></AD_ELEMENT>
 
+<!--8976BF563A8848EE9A25AB42C1B995D3--><AD_ELEMENT>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <AD_ELEMENT_ID><![CDATA[8976BF563A8848EE9A25AB42C1B995D3]]></AD_ELEMENT_ID>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <AD_CLIENT_ID><![CDATA[0]]></AD_CLIENT_ID>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <AD_ORG_ID><![CDATA[0]]></AD_ORG_ID>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <ISACTIVE><![CDATA[Y]]></ISACTIVE>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <COLUMNNAME><![CDATA[IsWebServiceEnabled]]></COLUMNNAME>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <NAME><![CDATA[Is Web Service Enabled]]></NAME>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <PRINTNAME><![CDATA[Is Web Service Enabled]]></PRINTNAME>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <DESCRIPTION><![CDATA[If checked, web services will be able to obtain data for users with this role]]></DESCRIPTION>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <HELP><![CDATA[If checked, web services will be able to obtain data for users with this role. It applies to both JSON REST and XML REST web services]]></HELP>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <AD_MODULE_ID><![CDATA[0]]></AD_MODULE_ID>
+<!--8976BF563A8848EE9A25AB42C1B995D3-->  <ISGLOSSARY><![CDATA[N]]></ISGLOSSARY>
+<!--8976BF563A8848EE9A25AB42C1B995D3--></AD_ELEMENT>
+
 <!--8A19431CC0E020DBE040007F01013CCA--><AD_ELEMENT>
 <!--8A19431CC0E020DBE040007F01013CCA-->  <AD_ELEMENT_ID><![CDATA[8A19431CC0E020DBE040007F01013CCA]]></AD_ELEMENT_ID>
 <!--8A19431CC0E020DBE040007F01013CCA-->  <AD_CLIENT_ID><![CDATA[0]]></AD_CLIENT_ID>
--- a/src-db/database/sourcedata/AD_FIELD.xml	Mon Jan 20 11:36:17 2014 +0100
+++ b/src-db/database/sourcedata/AD_FIELD.xml	Mon Jan 20 14:50:37 2014 +0100
@@ -179827,6 +179827,34 @@
 <!--1379570E3FF6422FA0B34BF587F189D7-->  <EM_OBUIAPP_SHOWSUMMARY><![CDATA[N]]></EM_OBUIAPP_SHOWSUMMARY>
 <!--1379570E3FF6422FA0B34BF587F189D7--></AD_FIELD>
 
+<!--13924E8A97BC408EBEF5C5E009A56CEA--><AD_FIELD>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <AD_FIELD_ID><![CDATA[13924E8A97BC408EBEF5C5E009A56CEA]]></AD_FIELD_ID>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <AD_CLIENT_ID><![CDATA[0]]></AD_CLIENT_ID>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <AD_ORG_ID><![CDATA[0]]></AD_ORG_ID>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <ISACTIVE><![CDATA[Y]]></ISACTIVE>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <NAME><![CDATA[Is Web Service Enabled]]></NAME>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <DESCRIPTION><![CDATA[If checked, web services will be able to obtain data for users with this role]]></DESCRIPTION>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <HELP><![CDATA[If checked, web services will be able to obtain data for users with this role. It applies to both JSON REST and XML REST web services]]></HELP>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <ISCENTRALLYMAINTAINED><![CDATA[Y]]></ISCENTRALLYMAINTAINED>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <AD_TAB_ID><![CDATA[119]]></AD_TAB_ID>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <AD_COLUMN_ID><![CDATA[54C42E22809F46969BC384584EA4C692]]></AD_COLUMN_ID>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <IGNOREINWAD><![CDATA[N]]></IGNOREINWAD>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <ISDISPLAYED><![CDATA[Y]]></ISDISPLAYED>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <DISPLAYLENGTH><![CDATA[1]]></DISPLAYLENGTH>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <ISREADONLY><![CDATA[N]]></ISREADONLY>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <SEQNO><![CDATA[140]]></SEQNO>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <ISSAMELINE><![CDATA[N]]></ISSAMELINE>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <ISFIELDONLY><![CDATA[N]]></ISFIELDONLY>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <ISENCRYPTED><![CDATA[N]]></ISENCRYPTED>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <SHOWINRELATION><![CDATA[Y]]></SHOWINRELATION>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <ISFIRSTFOCUSEDFIELD><![CDATA[N]]></ISFIRSTFOCUSEDFIELD>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <AD_MODULE_ID><![CDATA[0]]></AD_MODULE_ID>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <STARTINODDCOLUMN><![CDATA[N]]></STARTINODDCOLUMN>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <STARTNEWLINE><![CDATA[N]]></STARTNEWLINE>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <ISSHOWNINSTATUSBAR><![CDATA[N]]></ISSHOWNINSTATUSBAR>
+<!--13924E8A97BC408EBEF5C5E009A56CEA-->  <EM_OBUIAPP_SHOWSUMMARY><![CDATA[N]]></EM_OBUIAPP_SHOWSUMMARY>
+<!--13924E8A97BC408EBEF5C5E009A56CEA--></AD_FIELD>
+
 <!--13930E392FB84F9FB7F3241CB4C3B4FB--><AD_FIELD>
 <!--13930E392FB84F9FB7F3241CB4C3B4FB-->  <AD_FIELD_ID><![CDATA[13930E392FB84F9FB7F3241CB4C3B4FB]]></AD_FIELD_ID>
 <!--13930E392FB84F9FB7F3241CB4C3B4FB-->  <AD_CLIENT_ID><![CDATA[0]]></AD_CLIENT_ID>
--- a/src/org/openbravo/service/web/BaseWebServiceServlet.java	Mon Jan 20 11:36:17 2014 +0100
+++ b/src/org/openbravo/service/web/BaseWebServiceServlet.java	Mon Jan 20 14:50:37 2014 +0100
@@ -11,7 +11,7 @@
  * under the License. 
  * The Original Code is Openbravo ERP. 
  * The Initial Developer of the Original Code is Openbravo SLU 
- * All portions are Copyright (C) 2008-2010 Openbravo SLU 
+ * All portions are Copyright (C) 2008-2014 Openbravo SLU 
  * All Rights Reserved. 
  * Contributor(s):  ______________________________________.
  ************************************************************************
@@ -93,12 +93,20 @@
   protected void doService(HttpServletRequest request, HttpServletResponse response)
       throws ServletException, IOException {
     try {
-      if (OBContext.getOBContext() != null && OBContext.getOBContext().isPortalRole()) {
-        // Portal users are not granted to direct web services
-        log.error("Portal user " + OBContext.getOBContext().getUser() + " with role "
-            + OBContext.getOBContext().getRole()
-            + " is trying to access to non granted web service " + request.getRequestURL());
-        throw new OBSecurityException("Web Services are not granted to Portal roles");
+      if (OBContext.getOBContext() != null) {
+        if (OBContext.getOBContext().isPortalRole()) {
+          // Portal users are not granted to direct web services
+          log.error("Portal user " + OBContext.getOBContext().getUser() + " with role "
+              + OBContext.getOBContext().getRole()
+              + " is trying to access to non granted web service " + request.getRequestURL());
+          throw new OBSecurityException("Web Services are not granted to Portal roles");
+        } else if (!OBContext.getOBContext().getRole().isWebServiceEnabled()) {
+          log.error("User " + OBContext.getOBContext().getUser() + " with role "
+              + OBContext.getOBContext().getRole()
+              + " is trying to access to non granted web service " + request.getRequestURL());
+          throw new OBSecurityException("Web Services are not granted to "
+              + OBContext.getOBContext().getRole().getName() + " role");
+        }
       }
       super.service(request, response);
       response.setStatus(200);