OFBiz OFBiz - Dev

Parameterize serviceName in error message for permission error.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Anil Patel
Reply | Threaded
Open this post in threaded view
|

Parameterize serviceName in error message for permission error.

Anil Patel
Hi,
Checking to see if there is possible better way to do this. Every time we do
permission check for CRUD operation we end up defining new message resource
file. Only thing that changes is name of service.

Is there a known solution, where we can parameterize the service name and
use just one message all these CRUD operation?

Regards
Anil Patel
David E Jones-2
Reply | Threaded
Open this post in threaded view
|

Re: Parameterize serviceName in error message for permission error.

David E Jones-2

Yes, there is a solution to this.

As with various things rather than trying to universally implement  
best practices due to practicality the best practice is demonstrated  
in the example component. You can see what you need in the  
ExampleServices.xml, and in the corresponding label properties file  
if I remember right.

-David


On Jan 2, 2007, at 4:07 PM, Anil Patel wrote:

> Hi,
> Checking to see if there is possible better way to do this. Every  
> time we do
> permission check for CRUD operation we end up defining new message  
> resource
> file. Only thing that changes is name of service.
>
> Is there a known solution, where we can parameterize the service  
> name and
> use just one message all these CRUD operation?
>
> Regards
> Anil Patel

Anil Patel
Reply | Threaded
Open this post in threaded view
|

Re: Parameterize serviceName in error message for permission error.

Anil Patel
If we were to go by this, In example component, we look for _CREATE or
_DELETE permission on the component in different CRUD services and not at
the entity level like _ROLE_PARTY

is this right?

Regards
Anil

On 1/2/07, David E Jones <[hidden email]> wrote:

>
>
> Yes, there is a solution to this.
>
> As with various things rather than trying to universally implement
> best practices due to practicality the best practice is demonstrated
> in the example component. You can see what you need in the
> ExampleServices.xml, and in the corresponding label properties file
> if I remember right.
>
> -David
>
>
> On Jan 2, 2007, at 4:07 PM, Anil Patel wrote:
>
> > Hi,
> > Checking to see if there is possible better way to do this. Every
> > time we do
> > permission check for CRUD operation we end up defining new message
> > resource
> > file. Only thing that changes is name of service.
> >
> > Is there a known solution, where we can parameterize the service
> > name and
> > use just one message all these CRUD operation?
> >
> > Regards
> > Anil Patel
>
>
David E Jones-2
Reply | Threaded
Open this post in threaded view
|

Re: Parameterize serviceName in error message for permission error.

David E Jones-2

That's a different issue, sounds like the one from your other email  
earlier today.

Having a permission extension like "_ROLE_PARTY" is weird, I'm not  
sure _what_ that is for. It looks like a variation on the "role  
limited permissions" that are an established pattern in OFBiz. The  
best example of them is probably the checkProductRelatedPermission  
simple-method in the ProductServices.xml file. On line 511 you'll see  
where it uses "CATALOG_ROLE" as the prefix instead of "CATALOG".

When doing role-limited permissions the "_ROLE" appendage should  
always be a suffix to the "permission", and not a prefix to the  
"action" side of the permission. I have seen this confused before and  
I think it's a bad practice because it breaks the normal suffix set  
("_CREATE", "_UPDATE", "_DELETE", "_VIEW", "_ADMIN").

The basic idea is that if you have something like a "CATALOG_ROLE"  
permission base instead of the "CATALOG" permission base, then you  
have to be connected to the item in question either in a  
predetermined role, or in any role, depending on how things are coded  
(ie it's a convention, not a set of hard rules).

-David


On Jan 2, 2007, at 7:40 PM, Anil Patel wrote:

> If we were to go by this, In example component, we look for _CREATE or
> _DELETE permission on the component in different CRUD services and  
> not at
> the entity level like _ROLE_PARTY
>
> is this right?
>
> Regards
> Anil
>
> On 1/2/07, David E Jones <[hidden email]> wrote:
>>
>>
>> Yes, there is a solution to this.
>>
>> As with various things rather than trying to universally implement
>> best practices due to practicality the best practice is demonstrated
>> in the example component. You can see what you need in the
>> ExampleServices.xml, and in the corresponding label properties file
>> if I remember right.
>>
>> -David
>>
>>
>> On Jan 2, 2007, at 4:07 PM, Anil Patel wrote:
>>
>> > Hi,
>> > Checking to see if there is possible better way to do this. Every
>> > time we do
>> > permission check for CRUD operation we end up defining new message
>> > resource
>> > file. Only thing that changes is name of service.
>> >
>> > Is there a known solution, where we can parameterize the service
>> > name and
>> > use just one message all these CRUD operation?
>> >
>> > Regards
>> > Anil Patel
>>
>>

Free forum by Nabble Edit this page