Issue in Project Manager

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Issue in Project Manager

Pranay Pandey-2
Hello Users,

I am facing issue in project manager application, I did following:

1. Created a userLogin with PROJECTADMIN security group.
2. This user should be having all the permissions for project manager.
3. Not getting option to create a new project in https://localhost:8443/projectmgr/control/FindProject 
.

I tried this by using admin profile and worked well so tried it again  
by assigning FULLADMIN to the newly created user login but it didn't  
work.

I tried to clear this out from the code in specialpurpose/projectmgr/
widget/Menus.xml which is behaving differently for these but couldn't  
get success.
<set field="hasUpdatePermission" value="${bsh:
                 result =  
dispatcher.runSync(&quot;projectMgrPermission&quot;,
                 
org.ofbiz.base.util.UtilMisc.toMap(&quot;userLogin&quot;,  
parameters.get(&quot;userLogin&quot;),
                 &quot;resourceDescription&quot;, &quot;Project&quot;,
                 &quot;mainAction&quot;, &quot;UPDATE&quot;,
                 &quot;projectId&quot;, projectId));
                 return result.get(&quot;hasPermission&quot;); }"  
type="Boolean"/>

Thanks in advance for any help.


Thanks & Regards
--
Pranay Pandey

smime.p7s (3K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Issue in Project Manager

Ashish Vijaywargiya-5
Hello Pranay,

Let me help you (Only concentrate on my comments that is present inside
code snippet taken from file ProjectPermissionServices.xml - I have put
false statement and some comment in that) :
The below code snippet is the only area which can help you to figure out
the problem.
Please discuss me in person if you are unable to figure out the issue.


        <if-compare field="sec_object" value="PROJECT" operator="equals">
            <!--log level="info" message="======ProjectMGR
Security=====  action: ${parameters.mainAction} object: ${sec_object}
Id: ${parameters.projectId} resourceDescription:
${parameters.resourceDescription}"/-->
            <set field="projectId" from-field="parameters.projectId"/>
            <set field="partyId" from-field="parameters.userLogin.partyId"/>
            <call-simple-method method-name="checkProjectMembership"/>
            <if>
                <condition>
                    <or>
                        <and>
                            <!-- view a project with a null id is a null
operation, so ok... -->
                            <if-empty field="parameters.projectIdId"/>
                            <if-compare field="parameters.mainAction"
value="VIEW" operator="equals"/>
                        </and>
                        <and>
                            <!-- false -->
                            <if-has-permission
permission="PROJECTMGR_ADMIN"/>
                            <not><if-has-permission
permission="PROJECTMGR_ROLE_ADMIN"/></not>
                        </and>
                        <and>
                            <!-- return false for the user you have
created -->
                            <!-- In case of admin it returns true
isMember flag returns true from method in the bottom
"checkProjectMembership-->
                            <!-- So we may need to add a record in
either WorkEffortPartyAssignment or WorkEffortPartyAssignByGroup entity -->
                            <!-- This is all from my side Pranay -->
                            <if-has-permission
permission="PROJECTMGR_ROLE_ADMIN"/>
                            <if-compare field="isMember" value="true"
operator="equals"/>
                        </and>
                        <and>
                            <!-- false -->
                            <if-has-permission
permission="PROJECTMGR_VIEW"/>
                            <not><if-has-permission
permission="PROJECTMGR_ROLE_VIEW"/></not>
                            <if-compare field="parameters.mainAction"
value="VIEW" operator="equals"/>
                        </and>
                        <and>
                            <!-- false -->
                            <if-has-permission
permission="PROJECTMGR_ROLE_VIEW"/>
                            <if-compare field="isMember" value="true"
operator="equals"/>
                            <if-compare field="parameters.mainAction"
value="VIEW" operator="equals"/>
                        </and>
                    </or>
                </condition>
                <then>
                    <field-to-result field="hasPermission"/>
                    <return/>
                </then>
                <else>
                    <property-to-field resource="ProjectMgrUiLabels"
property="ProjectMgrNoAccessToProject" field="failMessage"/>
                    <field-to-result field="failMessage"/>
                    <field-to-result field="hasNoPermission"
result-name="hasPermission"/>
                    <return/>
                </else>
            </if>
        </if-compare>

--
Ashish


Pranay Pandey wrote:

> Hello Users,
>
> I am facing issue in project manager application, I did following:
>
> 1. Created a userLogin with PROJECTADMIN security group.
> 2. This user should be having all the permissions for project manager.
> 3. Not getting option to create a new project in
> https://localhost:8443/projectmgr/control/FindProject.
>
> I tried this by using admin profile and worked well so tried it again
> by assigning FULLADMIN to the newly created user login but it didn't
> work.
>
> I tried to clear this out from the code in
> specialpurpose/projectmgr/widget/Menus.xml which is behaving
> differently for these but couldn't get success.
> <set field="hasUpdatePermission" value="${bsh:
>                 result =
> dispatcher.runSync(&quot;projectMgrPermission&quot;,
>                
> org.ofbiz.base.util.UtilMisc.toMap(&quot;userLogin&quot;,
> parameters.get(&quot;userLogin&quot;),
>                 &quot;resourceDescription&quot;, &quot;Project&quot;,
>                 &quot;mainAction&quot;, &quot;UPDATE&quot;,
>                 &quot;projectId&quot;, projectId));
>                 return result.get(&quot;hasPermission&quot;); }"
> type="Boolean"/>
>
> Thanks in advance for any help.
>
>
> Thanks & Regards
> --
> Pranay Pandey

smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Issue in Project Manager

Pranay Pandey-2
Thanks a lot Ashish, Now I got the solution of my problem.
You showed me the right place to hit and to understand the basic difference for permissions which should be given.
Issue was because of wrong permissions given by me to the user I was creating. I cleared it by again reading the document: OFBiz security


Thanks & Regards
--
Pranay Pandey


On Apr 23, 2009, at 11:59 AM, Ashish Vijaywargiya wrote:

Hello Pranay,

Let me help you (Only concentrate on my comments that is present inside code snippet taken from file ProjectPermissionServices.xml - I have put false statement and some comment in that) :
The below code snippet is the only area which can help you to figure out the problem.
Please discuss me in person if you are unable to figure out the issue.


      <if-compare field="sec_object" value="PROJECT" operator="equals">
          <!--log level="info" message="======ProjectMGR Security=====  action: ${parameters.mainAction} object: ${sec_object} Id: ${parameters.projectId} resourceDescription: ${parameters.resourceDescription}"/-->
          <set field="projectId" from-field="parameters.projectId"/>
          <set field="partyId" from-field="parameters.userLogin.partyId"/>
          <call-simple-method method-name="checkProjectMembership"/>
          <if>
              <condition>
                  <or>
                      <and>
                          <!-- view a project with a null id is a null operation, so ok... -->
                          <if-empty field="parameters.projectIdId"/>
                          <if-compare field="parameters.mainAction" value="VIEW" operator="equals"/>
                      </and>
                      <and>
                          <!-- false -->
                          <if-has-permission permission="PROJECTMGR_ADMIN"/>
                          <not><if-has-permission permission="PROJECTMGR_ROLE_ADMIN"/></not>
                      </and>
                      <and>
                          <!-- return false for the user you have created -->
                          <!-- In case of admin it returns true isMember flag returns true from method in the bottom "checkProjectMembership-->
                          <!-- So we may need to add a record in either WorkEffortPartyAssignment or WorkEffortPartyAssignByGroup entity -->
                          <!-- This is all from my side Pranay -->
                          <if-has-permission permission="PROJECTMGR_ROLE_ADMIN"/>
                          <if-compare field="isMember" value="true" operator="equals"/>
                      </and>
                      <and>
                          <!-- false -->
                          <if-has-permission permission="PROJECTMGR_VIEW"/>
                          <not><if-has-permission permission="PROJECTMGR_ROLE_VIEW"/></not>
                          <if-compare field="parameters.mainAction" value="VIEW" operator="equals"/>
                      </and>
                      <and>
                          <!-- false -->
                          <if-has-permission permission="PROJECTMGR_ROLE_VIEW"/>
                          <if-compare field="isMember" value="true" operator="equals"/>
                          <if-compare field="parameters.mainAction" value="VIEW" operator="equals"/>
                      </and>
                  </or>
              </condition>
              <then>
                  <field-to-result field="hasPermission"/>
                  <return/>
              </then>
              <else>
                  <property-to-field resource="ProjectMgrUiLabels" property="ProjectMgrNoAccessToProject" field="failMessage"/>
                  <field-to-result field="failMessage"/>
                  <field-to-result field="hasNoPermission" result-name="hasPermission"/>
                  <return/>
              </else>
          </if>
      </if-compare>

--
Ashish


Pranay Pandey wrote:
Hello Users,

I am facing issue in project manager application, I did following:

1. Created a userLogin with PROJECTADMIN security group.
2. This user should be having all the permissions for project manager.
3. Not getting option to create a new project in https://localhost:8443/projectmgr/control/FindProject.

I tried this by using admin profile and worked well so tried it again by assigning FULLADMIN to the newly created user login but it didn't work.

I tried to clear this out from the code in specialpurpose/projectmgr/widget/Menus.xml which is behaving differently for these but couldn't get success.
<set field="hasUpdatePermission" value="${bsh:
               result = dispatcher.runSync(&quot;projectMgrPermission&quot;,
               org.ofbiz.base.util.UtilMisc.toMap(&quot;userLogin&quot;, parameters.get(&quot;userLogin&quot;),
               &quot;resourceDescription&quot;, &quot;Project&quot;,
               &quot;mainAction&quot;, &quot;UPDATE&quot;,
               &quot;projectId&quot;, projectId));
               return result.get(&quot;hasPermission&quot;); }" type="Boolean"/>

Thanks in advance for any help.


Thanks & Regards
--
Pranay Pandey


smime.p7s (3K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Issue in Project Manager

Ashish Vijaywargiya-5
Hey Pranay,

Its good that you were able to figure out the problem.

Enjoy the day ahead man :-) !

--
Ashish

Pranay Pandey wrote:

> Thanks a lot Ashish, Now I got the solution of my problem.
> You showed me the right place to hit and to understand the basic
> difference for permissions which should be given.
> Issue was because of wrong permissions given by me to the user I was
> creating. I cleared it by again reading the document: OFBiz security
> <http://docs.ofbiz.org/display/OFBTECH/OFBiz+security>
>
>
> Thanks & Regards
> --
> Pranay Pandey
>
>
> On Apr 23, 2009, at 11:59 AM, Ashish Vijaywargiya wrote:
>
>> Hello Pranay,
>>
>> Let me help you (Only concentrate on my comments that is present
>> inside code snippet taken from file ProjectPermissionServices.xml - I
>> have put false statement and some comment in that) :
>> The below code snippet is the only area which can help you to figure
>> out the problem.
>> Please discuss me in person if you are unable to figure out the issue.
>>
>>
>>       <if-compare field="sec_object" value="PROJECT" operator="equals">
>>           <!--log level="info" message="======ProjectMGR
>> Security=====  action: ${parameters.mainAction} object: ${sec_object}
>> Id: ${parameters.projectId} resourceDescription:
>> ${parameters.resourceDescription}"/-->
>>           <set field="projectId" from-field="parameters.projectId"/>
>>           <set field="partyId"
>> from-field="parameters.userLogin.partyId"/>
>>           <call-simple-method method-name="checkProjectMembership"/>
>>           <if>
>>               <condition>
>>                   <or>
>>                       <and>
>>                           <!-- view a project with a null id is a
>> null operation, so ok... -->
>>                           <if-empty field="parameters.projectIdId"/>
>>                           <if-compare field="parameters.mainAction"
>> value="VIEW" operator="equals"/>
>>                       </and>
>>                       <and>
>>                           <!-- false -->
>>                           <if-has-permission
>> permission="PROJECTMGR_ADMIN"/>
>>                           <not><if-has-permission
>> permission="PROJECTMGR_ROLE_ADMIN"/></not>
>>                       </and>
>>                       <and>
>>                           <!-- return false for the user you have
>> created -->
>>                           <!-- In case of admin it returns true
>> isMember flag returns true from method in the bottom
>> "checkProjectMembership-->
>>                           <!-- So we may need to add a record in
>> either WorkEffortPartyAssignment or WorkEffortPartyAssignByGroup
>> entity -->
>>                           <!-- This is all from my side Pranay -->
>>                           <if-has-permission
>> permission="PROJECTMGR_ROLE_ADMIN"/>
>>                           <if-compare field="isMember" value="true"
>> operator="equals"/>
>>                       </and>
>>                       <and>
>>                           <!-- false -->
>>                           <if-has-permission
>> permission="PROJECTMGR_VIEW"/>
>>                           <not><if-has-permission
>> permission="PROJECTMGR_ROLE_VIEW"/></not>
>>                           <if-compare field="parameters.mainAction"
>> value="VIEW" operator="equals"/>
>>                       </and>
>>                       <and>
>>                           <!-- false -->
>>                           <if-has-permission
>> permission="PROJECTMGR_ROLE_VIEW"/>
>>                           <if-compare field="isMember" value="true"
>> operator="equals"/>
>>                           <if-compare field="parameters.mainAction"
>> value="VIEW" operator="equals"/>
>>                       </and>
>>                   </or>
>>               </condition>
>>               <then>
>>                   <field-to-result field="hasPermission"/>
>>                   <return/>
>>               </then>
>>               <else>
>>                   <property-to-field resource="ProjectMgrUiLabels"
>> property="ProjectMgrNoAccessToProject" field="failMessage"/>
>