Hi all,
after searching a lot I still haven't found an answer... I understood the differences between security groups and roles. My question is: Where can I change a role? For example: I want to give more permissions to a CUSTOMER or create my own Role? Thanks a lot for any help! Alexander |
Administrator
|
From: "Alexander1893" <[hidden email]>
> Hi all, > > after searching a lot I still haven't found an answer... > > I understood the differences between security groups and roles. My question > is: > Where can I change a role? Have a look at https://localhost:8443/partymgr/control/viewroles?partyId=admin Bottom for new own Role >For example: I want to give more permissions to a > CUSTOMER or create my own Role? and https://localhost:8443/partymgr/control/FindSecurityGroup to give permissions But I wonder if it really answer your questions since you understood the differences between them Jacques > Thanks a lot for any help! > > Alexander > -- > View this message in context: http://n4.nabble.com/Creating-a-new-Role-Changing-a-Role-tp977965p977965.html > Sent from the OFBiz - User mailing list archive at Nabble.com. > |
Hi Jacques,
thanks a lot for your reply! Perhaps I didn't understand the concept... I followed the links - and I added a role. But I don't know where I can associate permissions with my new role... Perhaps I try again to describe what I'd like to do: > When a person registers in the shop-frontend he gets the role "CUSTOMER". > I want to change the permissons of this role I haven't found any place where I can see the permissions that are related to the role "CUSTOMER" (I can see them in the database - but not in the backend) and I don't know where I can add or remove permissions to / from that role. Thanks for any further help! Alexander
|
Administrator
|
I think that at this point you should read
http://cwiki.apache.org/confluence/display/OFBTECH/OFBiz+security Jacques From: "Alexander1893" <[hidden email]> > Hi Jacques, > > thanks a lot for your reply! > Perhaps I didn't understand the concept... > > I followed the links - and I added a role. But I don't know where I can > associate permissions with my new role... > Perhaps I try again to describe what I'd like to do: >> When a person registers in the shop-frontend he gets the role "CUSTOMER". >> I want to change the permissons of this role > > I haven't found any place where I can see the permissions that are related > to the role "CUSTOMER" (I can see them in the database - but not in the > backend) and I don't know where I can add or remove permissions to / from > that role. > > Thanks for any further help! > Alexander > > > Jacques Le Roux wrote: >> >> From: "Alexander1893" <[hidden email]> >>> Hi all, >>> >>> after searching a lot I still haven't found an answer... >>> >>> I understood the differences between security groups and roles. My >>> question >>> is: >>> Where can I change a role? >> >> Have a look at >> https://localhost:8443/partymgr/control/viewroles?partyId=admin >> Bottom for new own Role >> >>>For example: I want to give more permissions to a >>> CUSTOMER or create my own Role? >> >> and https://localhost:8443/partymgr/control/FindSecurityGroup >> to give permissions >> >> But I wonder if it really answer your questions since you understood the >> differences between them >> >> Jacques >> >>> Thanks a lot for any help! >>> >>> Alexander >>> -- >>> View this message in context: >>> http://n4.nabble.com/Creating-a-new-Role-Changing-a-Role-tp977965p977965.html >>> Sent from the OFBiz - User mailing list archive at Nabble.com. >>> >> >> >> > > -- > View this message in context: http://n4.nabble.com/Creating-a-new-Role-Changing-a-Role-tp977965p978432.html > Sent from the OFBiz - User mailing list archive at Nabble.com. > |
Hi Jacques,
I think I still don't get it... During the registration the following service is called in the CustomerEvents.xml: <call-service service-name="createPartyRole" in-map-name="partyRoleContext" include-user-login="true"/> What I don't understand: As far as I can see the new customer has no roles at all at this point. According to the service-definitions the service can only be called if you have the permission PARTYMGR_CREATE - so I don't know why this service can be called successfully... When I try to call other services I get an security-error, because the customer does not have the necessary roles / permissons... In addition: is there any way to call a service not with the logged in user but with a different one (having more permissions) Thanx Alexander
|
Administrator
|
A service to be called needs an UserLogin. You can provide the system UserLogin which give you all rights during the service call
Look for examples in code (java and xml) Jacques From: "Alexander1893" <[hidden email]> > > Hi Jacques, > > I think I still don't get it... > > During the registration the following service is called in the > CustomerEvents.xml: > > <call-service service-name="createPartyRole" in-map-name="partyRoleContext" > include-user-login="true"/> > > What I don't understand: > As far as I can see the new customer has no roles at all at this point. > According to the service-definitions the service can only be called if you > have the permission PARTYMGR_CREATE - so I don't know why this service can > be called successfully... > When I try to call other services I get an security-error, because the > customer does not have the necessary roles / permissons... > > In addition: is there any way to call a service not with the logged in user > but with a different one (having more permissions) > > Thanx > Alexander > > > > Jacques Le Roux wrote: >> >> I think that at this point you should read >> http://cwiki.apache.org/confluence/display/OFBTECH/OFBiz+security >> >> Jacques >> >> From: "Alexander1893" <[hidden email]> >>> Hi Jacques, >>> >>> thanks a lot for your reply! >>> Perhaps I didn't understand the concept... >>> >>> I followed the links - and I added a role. But I don't know where I can >>> associate permissions with my new role... >>> Perhaps I try again to describe what I'd like to do: >>>> When a person registers in the shop-frontend he gets the role >>>> "CUSTOMER". >>>> I want to change the permissons of this role >>> >>> I haven't found any place where I can see the permissions that are >>> related >>> to the role "CUSTOMER" (I can see them in the database - but not in the >>> backend) and I don't know where I can add or remove permissions to / from >>> that role. >>> >>> Thanks for any further help! >>> Alexander >>> >>> >>> Jacques Le Roux wrote: >>>> >>>> From: "Alexander1893" <[hidden email]> >>>>> Hi all, >>>>> >>>>> after searching a lot I still haven't found an answer... >>>>> >>>>> I understood the differences between security groups and roles. My >>>>> question >>>>> is: >>>>> Where can I change a role? >>>> >>>> Have a look at >>>> https://localhost:8443/partymgr/control/viewroles?partyId=admin >>>> Bottom for new own Role >>>> >>>>>For example: I want to give more permissions to a >>>>> CUSTOMER or create my own Role? >>>> >>>> and https://localhost:8443/partymgr/control/FindSecurityGroup >>>> to give permissions >>>> >>>> But I wonder if it really answer your questions since you understood the >>>> differences between them >>>> >>>> Jacques >>>> >>>>> Thanks a lot for any help! >>>>> >>>>> Alexander >>>>> -- >>>>> View this message in context: >>>>> http://n4.nabble.com/Creating-a-new-Role-Changing-a-Role-tp977965p977965.html >>>>> Sent from the OFBiz - User mailing list archive at Nabble.com. >>>>> >>>> >>>> >>>> >>> >>> -- >>> View this message in context: >>> http://n4.nabble.com/Creating-a-new-Role-Changing-a-Role-tp977965p978432.html >>> Sent from the OFBiz - User mailing list archive at Nabble.com. >>> >> >> >> > > -- > View this message in context: http://n4.nabble.com/Creating-a-new-Role-Changing-a-Role-tp977965p978857.html > Sent from the OFBiz - User mailing list archive at Nabble.com. > |
Hi all,
after searching a while for the possibilty to call a service using the userLogin "system" I did it this way: <entity-one entity-name="UserLogin" value-field="billingAccountContext.userLogin" auto-field-map="false"> <field-map field-name="userLoginId" value="system"/> </entity-one> <call-service service-name="createBillingAccount" in-map-name="billingAccountContext"/> It works. @Jacques: Thanx a lot for the support. Alexander
|
Free forum by Nabble | Edit this page |