Hi
As per this documentation:
"When an assisted service agent who is a member of the asagentsalesgroup user group clicks the Place Order button, the URL is evaluated and prohibits the assisted service agent from placing the order and displays a warning at the top of the page: You do not have access rights to perform this action".
This is not working in v1905 with the default asagent
Looking at the bean:
<alias name="defaultAsmSalesGroupRestrictedPathsList" alias="asmSalesGroupRestrictedPathsList" />
<util:list id="defaultAsmSalesGroupRestrictedPathsList" value-type="java.lang.String">
<value>/checkout/multi/summary/placeOrder</value>
</util:list>
Looks incorrect as place order is a POST call. But even if I change this to POST:/checkout/multi/summary/placeOrder, does not work.
Mainly because the evaluator class checks asagentsalesmanagergroup and not asagentsalesgroup as mentioned in the documentation
@Override
public boolean evaluate(final HttpServletRequest httpservletrequest, final HttpServletResponse httpservletresponse)
{
if (pathMatches(httpservletrequest) && getAssistedServiceFacade().isAssistedServiceAgentLoggedIn())
{
final UserGroupModel managerGroup = getUserService().getUserGroupForUID(
AssistedserviceservicesConstants.AS_MANAGER_AGENT_GROUP_UID);
final UserModel agent = getAssistedServiceFacade().getAsmSession().getAgent();
// restrict access in case agent is not in manager group
if (!getUserService().isMemberOfGroup(agent, managerGroup))
{
sendRedirectToPreviousPage(httpservletrequest, httpservletresponse);
return false;
}
}
return true;
}
Possibly a bug. Could anyone please help.
Bluesky
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.