IDempiere/FullMeeting20150701

From WikiQSS
Revision as of 21:09, 1 July 2015 by CarlosRuiz (talk | contribs) (drop JIRA notifications from log)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Table of Contents | Full Meeting Minutes | Full Meeting 2015-07-01

CarlosRuiz: Good Morning
nmicoud: Bonjour
aguerra: Buenos dias CarlosRuiz & nmicoud
nmicoud: hi aguerra
nmicoud: CarlosRuiz, could you have a look at https://idempiere.atlassian.net/browse/IDEMPIERE-2679 ; there is patch (draft stage). The idea is to say if it's ok or if the way i manage it is really bad
CarlosRuiz: ok
nmicoud: thanks
ocurielesIngeint: Hi, Good Morning
CarlosRuiz: is that patch for r3 or 2.1?
CarlosRuiz: Hi ocurielesIngeint
nmicoud: 2.1 i think
CarlosRuiz: ok
ocurielesIngeint: Hi @CarlosRuiz, I wanna use idempeire r3 for Production enviroment
ocurielesIngeint: is Possible ? :-)
ocurielesIngeint: all is possible :-), Is Recommended ?
pkirwa: Hi Everyone
nmicoud: ocurielesIngeint : FWYW, we started in production with version 2 (which was still in development stage). As it was heasily tested, there was no issue
CarlosRuiz: ocurielesIngeint, AFAIK norbertbede and tbayen are using r3 in production
CarlosRuiz: they're having issues and they have reported
CarlosRuiz: some are critical issues with some workarounds that implies extra work - like that plugins disappear on reboot
ocurielesIngeint: Ok Thanks guys
norbertbede: yes we are running 3.0
norbertbede: aprox 50 users
norbertbede: for now
CarlosRuiz: also, I try to take care quickly about bugs on r2.1 - and do extra quality check on 2.1 commits
aguerra: Hi ocurielesIngeint
CarlosRuiz: but on r3 I'm not necessarily that careful
ocurielesIngeint: yes i know that
ocurielesIngeint: Hi @aguerra
CarlosRuiz: so, my recommendation is that if you plan to use r3 for production better use a fork and be prepared to solve urgent issues by yourself and share with community
ocurielesIngeint: Thanks @CarlosRuiz for your recommendation :-)
CarlosRuiz: although such recommendation is applicable for any project in any version ;)
norbertbede: i like any other experimental implementor
norbertbede: because we fix most issues well :)
CarlosRuiz: nmicoud,
CarlosRuiz: about IDEMPIERE-2679.patch
nmicoud: yes Carlos, listening
CarlosRuiz: haven't tested but approach looks ok
CarlosRuiz: about code peer review
CarlosRuiz: you can use MAccount instead of X_C_ValidCombination
CarlosRuiz: you better use a translatable message for the FDialog (I guess you have that in your todo list for this)
CarlosRuiz: and I think the comparison is incomplete
nmicoud: ok pour MAccount instead of X_C_ValidCombination
nmicoud: right for the msg
nmicoud: and for comparison ?
CarlosRuiz: you must check the null vs not null changes too
CarlosRuiz: when a value is null in DB and not null on windows / and viceversa
nmicoud: ah yes
nmicoud: the comparision will be looooong :) but complete !
CarlosRuiz: all comparable objects are IDs
CarlosRuiz: so, maybe you just create a isChanged method passing the two values to compare
nmicoud: yeah, would be more readable
CarlosRuiz: hieplq, AYT?
hieplq: good evening CarlosRuiz, i'm here
CarlosRuiz: good hieplq
CarlosRuiz: I'm reviewing your comment on IDEMPIERE-2672
CarlosRuiz: didn't notice that - thanks for your report
CarlosRuiz: but now I'm wondering how the fix must be
CarlosRuiz: showing GardenWorld records when logged as System seems like a security issue
hieplq: not sure but name of query is direct query. i think it's for bypass security barie
CarlosRuiz: ah, I see the issue
CarlosRuiz: some seed "corrupted" data maybe
CarlosRuiz: I remember those AD_*_Access records are wrong
CarlosRuiz: the records for garden roles are on system client
CarlosRuiz: running role access update fixes that - let me check
CarlosRuiz: yep - "role access update" fixed the corrupted records
hieplq: "showing GardenWorld records when logged as System seems like a security issue" is true?
CarlosRuiz: yep - showing info from a different tenant must be a security issue - in any case - the only window we workarounded that (with tricks) is on "Active Session"
nmicoud: AFAIR, you can display data from others tenant with table direct + dynamic validation
nmicoud: you must write AD_Client_ID = @#AD_Client_ID@ in the validation rule
CarlosRuiz: it must not
CarlosRuiz: with same ticket I also solved another security issue
CarlosRuiz: if a user changes a preference with an ID pertaining to a different tenant - it can see data from other tenants
CarlosRuiz: because of that "direct unfiltered query"
nmicoud: need to test again then
hafiz4saqib: hi everyone
hafiz4saqib: i have electronics shop
hafiz4saqib: in my shop available LED, Digital Camera, Multimedia Speakers, Headphone and Laptop etc
hafiz4saqib: is this software is suitable for me or no ?
CarlosRuiz: hg status