c2c-oerpscenario team mailing list archive
-
c2c-oerpscenario team
-
Mailing list archive
-
Message #16903
[Bug 719289] Re: [trunk] web crash - serverrestart necessary
Obviously here the logged in user does not have the "Employee" group,
which is a situation where the user access rights need to be manually
assigned and verified.
I suppose everyone understands that when a security issue happens at
very low-level (e.g. accessing actions or views definitions) a client
can only show you an error page. The only thing you should be able to do
at that point is to logout and relogin as admin to fix the settings.
This brings us to the 2 separate issues I can see here:
1. the web client should never leave you in a state where you can't logout
2. audit_trail security settings should be relaxed to allow everyone to read the the audit rules, because it should apply even to user that do not belong to "Employee" (e.g. external users)
For 1., as a workaround, you can logout via at least 2 other ways
without restarting the web server: delete the cookies corresponding to
the OpenERP Web you are connecting to (in your browser menus), or
manually open the "/logout" URL by replacing the URL in the address bar
with "http://SERVER:PORT/logout";.
Let's reassign the current bug to the web team so they fix item 1.
above, and open a new bug for the audit_trail one.
** Project changed: openobject-addons => openobject-web
** Changed in: openobject-web
Importance: Medium => Low
** Changed in: openobject-web
Status: New => Confirmed
** Changed in: openobject-web
Assignee: OpenERP R&D Addons Team 1 (openerp-dev-addons1) => OpenERP's Framework R&D (openerp-dev-framework)
--
You received this bug notification because you are a member of C2C
OERPScenario, which is subscribed to the OpenERP Project Group.
https://bugs.launchpad.net/bugs/719289
Title:
[trunk] web crash - serverrestart necessary
Status in OpenERP Web (project parking):
Confirmed
Bug description:
need to restart server
see also bug
https://bugs.launchpad.net/openobject-addons/+bug/719063
Unrecoverable error in the server.
Traceback (most recent call last):
File "/usr/lib/python2.6/site-packages/CherryPy-3.1.2-py2.6.egg/cherrypy/_cprequest.py", line 541, in run
self.respond(pi)
File "/usr/lib/python2.6/site-packages/CherryPy-3.1.2-py2.6.egg/cherrypy/_cprequest.py", line 624, in respond
self.handle_error()
File "/usr/lib/python2.6/site-packages/CherryPy-3.1.2-py2.6.egg/cherrypy/_cprequest.py", line 746, in handle_error
self.error_response()
File "/home2/gass/OpenERP/trunk/openobject-client-web/6.0/addons/openerp/controllers/root.py", line 35, in _cp_on_error
message = errorpage.render()
File "/home2/gass/OpenERP/trunk/openobject-client-web/6.0/addons/openerp/controllers/error_page.py", line 48, in render
return self.__render(value)
File "/home2/gass/OpenERP/trunk/openobject-client-web/6.0/openobject/tools/_expose.py", line 182, in func_wrapper
res = func(*args, **kw)
File "/home2/gass/OpenERP/trunk/openobject-client-web/6.0/addons/openerp/controllers/error_page.py", line 68, in __render
maintenance = proxy.status()
File "/home2/gass/OpenERP/trunk/openobject-client-web/6.0/addons/openerp/utils/rpc.py", line 396, in <lambda>
return lambda *args: self(name, *args)
File "/home2/gass/OpenERP/trunk/openobject-client-web/6.0/addons/openerp/utils/rpc.py", line 405, in __call__
self._resource, *args)
File "/home2/gass/OpenERP/trunk/openobject-client-web/6.0/addons/openerp/utils/rpc.py", line 357, in execute
return self.gateway.execute(obj, method, *args)
File "/home2/gass/OpenERP/trunk/openobject-client-web/6.0/addons/openerp/utils/rpc.py", line 147, in execute
return self.__execute(obj, method, args)
File "/home2/gass/OpenERP/trunk/openobject-client-web/6.0/addons/openerp/utils/rpc.py", line 133, in __execute
common.error(_('Application Error'), err.backtrace)
File "/home2/gass/OpenERP/trunk/openobject-client-web/6.0/addons/openerp/utils/common.py", line 24, in error
raise openobject.errors.TinyError(message=msg, title=title or _("Error"))
TinyError: Traceback (most recent call last):
File "/home2/gass/OpenERP/trunk/openobject-server/6.0/bin/netsvc.py", line 489, in dispatch
result = ExportService.getService(service_name).dispatch(method, auth, params)
File "/home2/gass/OpenERP/trunk/openobject-server/6.0/bin/service/web_services.py", line 599, in dispatch
res = fn(db, uid, *params)
File "/home2/gass/OpenERP/trunk/openobject-server/6.0/bin/addons/audittrail/audittrail.py", line 511, in execute
res = my_fct(db, uid, model, method, *args)
File "/home2/gass/OpenERP/trunk/openobject-server/6.0/bin/addons/audittrail/audittrail.py", line 493, in my_fct
rule_ids = rule_pool.search(cr, uid, [('object_id', '=', model_id), ('state', '=', 'subscribed')])
File "/home2/gass/OpenERP/trunk/openobject-server/6.0/bin/osv/orm.py", line 1736, in search
return self._search(cr, user, args, offset=offset, limit=limit, order=order, context=context, count=count)
File "/home2/gass/OpenERP/trunk/openobject-server/6.0/bin/osv/orm.py", line 3983, in _search
self.pool.get('ir.model.access').check(cr, access_rights_uid or user, self._name, 'read', context=context)
File "/home2/gass/OpenERP/trunk/openobject-server/6.0/bin/tools/misc.py", line 823, in cached_result
result2 = fn(self2, cr, *args[:self.skiparg-2], **kwargs2)
File "/home2/gass/OpenERP/trunk/openobject-server/6.0/bin/addons/base/ir/ir_model.py", line 514, in check
raise except_orm(_('AccessError'), msgs[mode] % (model_name, groups) )
except_orm: ('AccessError', u'You can not read this document (audittrail.rule) ! Be sure your user belongs to one of these groups: Employee.')
References
