Hi,

I am trying to model multiple suppliers (scale = 10000's) and multiple buyers (scale = 10000's).

Each supplier (a PartyGroup/Person) shall have (its own) product categories, products, store, warehouses etc. that are required to run his business.

Each buyer (a PartyGroup or Person) shall have a minimal set of such entities, and its role is limited to buying and creating financial transactions.

Can anyone point me to useful documentation that shall help me to create a set of permission / role assignments so that each of the stakeholders is able to see only that much information which they are supposed to see? By "supposed" I mean the security accesses that are generally accepted, e.g. each supplier should be able to see only his products / its pricings and all entities owned by him only.

Please note all the above *needs* to be preferably done under a single tenant.

Any direct guidance is also solicited.

regds
mallah.
Short answer: did you read https://cwiki.apache.org/confluence/display/OFBIZ/OFBiz+Security+Permissions ?
Jacques

On 16/03/2018 at 08:03, Rajesh Mallah wrote:
> Hi,
>
> I am trying to model multiple suppliers ( scale=10000's) and
> multiple buyers (scale=10000's) .
>
> Each supplier (a PartyGroup/Person) shall have (its own) product
> categories ,
> products , store , warehouses etc that is required to run his business.
>
> Each buyer (a PartyGroup or Person) shall have minimal of such entities
> and its role is limited to buying and creating financial transactions.
>
> Can anyone point me to useful documentation that shall help me
> to create a set of permission / role assignment so that each of the stake
> holders are able to see only that much information which they are
> supposed to see. By "supposed" i mean the security accesses that
> are generally accepted , eg each supplier should be able to see only
> his products / its pricings and all entities owned by him only.
>
> Please Note all the above *needs* to be preferably done under a single
> tenant.
>
> Also any direct guidance is also solicited.
>
> regds
> mallah.
Hi Rajesh,
I think what you are looking for is row-level security (restricted database records) not user interface security [1]. So your restrictions are more-or-less queries against the user login to check if the party of logged in user has a certain role. Essentially, the screens that you want to design with these restrictions should check in <actions>...</actions> if roles-to-entities exist and then display related records.

[1] https://cwiki.apache.org/confluence/display/OFBIZ/OFBiz+Security+Permissions#OFBizSecurityPermissions-Atrecordlevel,byusingRolelimitedpermissionsorrelatedmeans
Thanks Jacques! Shall go through it.

@Taher

The normal access to entities shall be through XMLRPC or SOAP using certain 'login.username' and 'login.password' params. There shall be a layer of software which shall be doing the XMLRPC/SOAP.

I shall be restricting the exposure of data by limiting the dataset by filtering the dataset to the linked data of current user.

But I wanted that the real security should be imposed by OFBiz security system only, so that if ever OOTB access is granted the information exposure is consistent.

Shall discuss more after some self-study.

regds
mallah.
Okay, then you bake the security into your services.
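The approach suggested in this thread (record-level checks driven by the logged-in user's party and role, enforced inside the services rather than in the XML-RPC/SOAP layer) can be sketched as follows. This is an added example, not code from the thread or from OFBiz: the SQLite tables, the service names and the sample rows are a hypothetical, simplified stand-in for a party/role model.

```python
import sqlite3

class AccessDenied(Exception):
    """Raised when the caller's party has no role on the requested record."""

def build_demo_db():
    """Constructed sample data: two suppliers, one buyer, three products."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE user_login (user_login_id TEXT PRIMARY KEY, party_id TEXT);
        CREATE TABLE product (product_id TEXT PRIMARY KEY, name TEXT, price REAL);
        CREATE TABLE product_role (product_id TEXT, party_id TEXT, role_type_id TEXT);
        INSERT INTO user_login VALUES ('alice','SUP_A'), ('bob','SUP_B'), ('carol','BUYER_C');
        INSERT INTO product VALUES ('P1','Widget',10.0), ('P2','Gadget',25.0), ('P3','Bolt',0.5);
        INSERT INTO product_role VALUES ('P1','SUP_A','SUPPLIER'),
            ('P2','SUP_A','SUPPLIER'), ('P3','SUP_B','SUPPLIER');
    """)
    return db

def _party_of(db, user_login_id):
    # Resolve the authenticated login to its party; unknown logins are denied.
    row = db.execute("SELECT party_id FROM user_login WHERE user_login_id = ?",
                     (user_login_id,)).fetchone()
    if row is None:
        raise AccessDenied("unknown login")
    return row[0]

def list_supplier_products(db, user_login_id):
    """Read service: the ownership join is part of the query itself, so every
    entry point (XML-RPC, SOAP, UI) gets the same row-level restriction."""
    party_id = _party_of(db, user_login_id)
    return db.execute(
        """SELECT p.product_id, p.name, p.price FROM product p
           JOIN product_role r ON r.product_id = p.product_id
           WHERE r.party_id = ? AND r.role_type_id = 'SUPPLIER'
           ORDER BY p.product_id""", (party_id,)).fetchall()

def update_price(db, user_login_id, product_id, new_price):
    """Write service: deny unless the caller's party holds the SUPPLIER role
    on this specific product (deny by default)."""
    party_id = _party_of(db, user_login_id)
    owns = db.execute(
        """SELECT 1 FROM product_role WHERE product_id = ? AND party_id = ?
           AND role_type_id = 'SUPPLIER'""", (product_id, party_id)).fetchone()
    if owns is None:
        raise AccessDenied(f"{user_login_id} has no SUPPLIER role on {product_id}")
    db.execute("UPDATE product SET price = ? WHERE product_id = ?",
               (new_price, product_id))
    return new_price
```

Because the check lives in the service, a client that bypasses the outer filtering layer still cannot read or modify another supplier's rows.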