Description of problem: When you upload Graphic resources like Envelope, you will get an error message "The zip file contains potentially insecure jsp's. Please use jsp's with only HTML and tags, or log in as root." even if you are logged in as an admin user (e.g. bpmsAdmin). Steps to Reproduce: 1. log in to business-central as admin (e.g. bpmsAdmin) 2. Go to [Dashboards]->[Business Dashboards] 3. Go to configration [Graphic resources] -> [Envelope] 4. Download Default_Envelope.zip 5. Upload the Default_Envelope.zip with a different name Actual results: Get an error message "The zip file contains potentially insecure jsp's. Please use jsp's with only HTML and tags, or log in as root." Expected results: The Envelope is successfully added Additional info: If you create a user with username 'root' and role 'admin', you can work around the error.
Indeed, this a known product limitation that should be removed. Anyone with the right privileges should be able to upload graphic resources.
Work around: A) Create a user with username 'root' and role 'admin'. Then login as the 'root' user. or B) Set your admin username to 2 system properties. "org.jboss.dashboard.users.UserStatus.rootLogin" and "org.jboss.dashboard.users.UserStatus.rootUserName" for example) standalone.xml <system-properties> ... <property name="org.jboss.dashboard.users.UserStatus.rootLogin" value="bpmsAdmin"/> <property name="org.jboss.dashboard.users.UserStatus.rootUserName" value="bpmsAdmin"/> </system-properties>
Fixed. This constraint has been removed so that anyone with admnin privileges is able to upload graphic resources. Github commit (master): https://github.com/droolsjbpm/dashboard-builder/commit/19b6aeeca3e5eebdcace8415dc971e06a9529005 Github commit (6.2.x): https://github.com/droolsjbpm/dashboard-builder/commit/e2170df4a9b96d6d92a1ed264b43302498cfd1ca
Ok, verified with BPM Suite 6.1.0 ER3.