Permission required to add product to "ViewAllow" / "PurchaseAllow"

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Permission required to add product to "ViewAllow" / "PurchaseAllow"

Chris Snow-3
There are two options when creating/editing a Product Catalog:

- Permission required to add product to "ViewAllow" category
- Permission required to add product to "PurchaseAllow" category

What do these options actually do?

Many thanks,

Chris
Reply | Threaded
Open this post in threaded view
|

Re: Permission required to add product to "ViewAllow" / "PurchaseAllow"

BJ Freeman

the permission are  programmed in to widgets, ftl and services.
there are two parts to a permission
XXXX is the permission
YYYY is that action
XXXX_YYYY
XXXX_VIEW for permission.
_VIEW should only allow seeing data. note the _ preceding it.
if you want to granularize something more then created a new section or
Permission XXXX_
here are the permission groups
https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=UserLoginSecurityGroup&find=true&VIEW_SIZE=50&VIEW_INDEX=0
and add the following
_CREATE
_UPDATE
_DELETE
_VIEW
_ADMIN
https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=SecurityGroupPermission&find=true&VIEW_SIZE=50&VIEW_INDEX=0
like
!security.hasPermission("LEARN_VIEW",(GenericValue)context.get("userLogin")))
<if-has-permission permission="ORDERMGR" action="_VIEW"/>



If you find others that are different they are not following the best
practices.

=======================

BJ Freeman
http://bjfreeman.elance.com
Strategic Power Office with Supplier Automation <http://www.businessesnetwork.com/automation/viewforum.php?f=93>
Specialtymarket.com <http://www.specialtymarket.com/>

Systems Integrator-- Glad to Assist

Chat  Y! messenger: bjfr33man
Linkedin
<http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro>


Christopher Snow sent the following on 5/15/2010 2:28 PM:

> There are two options when creating/editing a Product Catalog:
>
> - Permission required to add product to "ViewAllow" category
> - Permission required to add product to "PurchaseAllow" category
>
> What do these options actually do?
>
> Many thanks,
>
> Chris
>


Reply | Threaded
Open this post in threaded view
|

Re: Permission required to add product to "ViewAllow" / "PurchaseAllow"

chris snow-2
Hi BJ,

I know how the security system works - but I still don't understand the
meaning of the fields on the form:

https://localhost:8443/catalog/control/EditProdCatalog

I am trying to write the help text for these fields from an catalog
administrators perspective, for example:

Permission required to add product to "ViewAllow" category:

  "if this is Y, catalog administrators can only add products to 'View
Allow' categories if the have the permission CATALOG_VIEW_ALLOW"

Question: is this description correct? when would you want to set this to Y?

Permission required to add product to "PurchaseAllow" category:

  "if this is Y, catalog administrators can only add products to 'Purchase
Allow' categories if the have the permission CATALOG_VIEW_ALLOW"

Question: is this description correct? when would you want to set this to Y?

Many thanks,

Chris

On Sat, May 15, 2010 at 11:21 PM, BJ Freeman <[hidden email]> wrote:

>
> the permission are  programmed in to widgets, ftl and services.
> there are two parts to a permission
> XXXX is the permission
> YYYY is that action
> XXXX_YYYY
> XXXX_VIEW for permission.
> _VIEW should only allow seeing data. note the _ preceding it.
> if you want to granularize something more then created a new section or
> Permission XXXX_
> here are the permission groups
>
> https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=UserLoginSecurityGroup&find=true&VIEW_SIZE=50&VIEW_INDEX=0
> and add the following
> _CREATE
> _UPDATE
> _DELETE
> _VIEW
> _ADMIN
>
> https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=SecurityGroupPermission&find=true&VIEW_SIZE=50&VIEW_INDEX=0
> like
>
> !security.hasPermission("LEARN_VIEW",(GenericValue)context.get("userLogin")))
> <if-has-permission permission="ORDERMGR" action="_VIEW"/>
>
>
>
> If you find others that are different they are not following the best
> practices.
>
> =======================
>
> BJ Freeman
> http://bjfreeman.elance.com
> Strategic Power Office with Supplier Automation <
> http://www.businessesnetwork.com/automation/viewforum.php?f=93>
> Specialtymarket.com <http://www.specialtymarket.com/>
>
> Systems Integrator-- Glad to Assist
>
> Chat  Y! messenger: bjfr33man
> Linkedin
> <
> http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro
> >
>
>
> Christopher Snow sent the following on 5/15/2010 2:28 PM:
> > There are two options when creating/editing a Product Catalog:
> >
> > - Permission required to add product to "ViewAllow" category
> > - Permission required to add product to "PurchaseAllow" category
> >
> > What do these options actually do?
> >
> > Many thanks,
> >
> > Chris
> >
>
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Permission required to add product to "ViewAllow" / "PurchaseAllow"

Jacques Le Roux
Administrator
Chris,

I think your answer is here
https://cwiki.apache.org/confluence/display/OFBENDUSER/Apache+OFBiz+Business+Setup+Guide#ApacheOFBizBusinessSetupGuide-CatalogSetup

Jacques

From: "chris snow" <[hidden email]>

> Hi BJ,
>
> I know how the security system works - but I still don't understand the
> meaning of the fields on the form:
>
> https://localhost:8443/catalog/control/EditProdCatalog
>
> I am trying to write the help text for these fields from an catalog
> administrators perspective, for example:
>
> Permission required to add product to "ViewAllow" category:
>
>  "if this is Y, catalog administrators can only add products to 'View
> Allow' categories if the have the permission CATALOG_VIEW_ALLOW"
>
> Question: is this description correct? when would you want to set this to Y?
>
> Permission required to add product to "PurchaseAllow" category:
>
>  "if this is Y, catalog administrators can only add products to 'Purchase
> Allow' categories if the have the permission CATALOG_VIEW_ALLOW"
>
> Question: is this description correct? when would you want to set this to Y?
>
> Many thanks,
>
> Chris
>
> On Sat, May 15, 2010 at 11:21 PM, BJ Freeman <[hidden email]> wrote:
>
>>
>> the permission are  programmed in to widgets, ftl and services.
>> there are two parts to a permission
>> XXXX is the permission
>> YYYY is that action
>> XXXX_YYYY
>> XXXX_VIEW for permission.
>> _VIEW should only allow seeing data. note the _ preceding it.
>> if you want to granularize something more then created a new section or
>> Permission XXXX_
>> here are the permission groups
>>
>> https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=UserLoginSecurityGroup&find=true&VIEW_SIZE=50&VIEW_INDEX=0
>> and add the following
>> _CREATE
>> _UPDATE
>> _DELETE
>> _VIEW
>> _ADMIN
>>
>> https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=SecurityGroupPermission&find=true&VIEW_SIZE=50&VIEW_INDEX=0
>> like
>>
>> !security.hasPermission("LEARN_VIEW",(GenericValue)context.get("userLogin")))
>> <if-has-permission permission="ORDERMGR" action="_VIEW"/>
>>
>>
>>
>> If you find others that are different they are not following the best
>> practices.
>>
>> =======================
>>
>> BJ Freeman
>> http://bjfreeman.elance.com
>> Strategic Power Office with Supplier Automation <
>> http://www.businessesnetwork.com/automation/viewforum.php?f=93>
>> Specialtymarket.com <http://www.specialtymarket.com/>
>>
>> Systems Integrator-- Glad to Assist
>>
>> Chat  Y! messenger: bjfr33man
>> Linkedin
>> <
>> http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro
>> >
>>
>>
>> Christopher Snow sent the following on 5/15/2010 2:28 PM:
>> > There are two options when creating/editing a Product Catalog:
>> >
>> > - Permission required to add product to "ViewAllow" category
>> > - Permission required to add product to "PurchaseAllow" category
>> >
>> > What do these options actually do?
>> >
>> > Many thanks,
>> >
>> > Chris
>> >
>>
>>
>>
>


Reply | Threaded
Open this post in threaded view
|

Re: Permission required to add product to "ViewAllow" / "PurchaseAllow"

Chris Snow-3
Thanks Jacques!

On 16/05/10 09:13, Jacques Le Roux wrote:

> Chris,
>
> I think your answer is here
> https://cwiki.apache.org/confluence/display/OFBENDUSER/Apache+OFBiz+Business+Setup+Guide#ApacheOFBizBusinessSetupGuide-CatalogSetup 
>
>
> Jacques
>
> From: "chris snow" <[hidden email]>
>> Hi BJ,
>>
>> I know how the security system works - but I still don't understand the
>> meaning of the fields on the form:
>>
>> https://localhost:8443/catalog/control/EditProdCatalog
>>
>> I am trying to write the help text for these fields from an catalog
>> administrators perspective, for example:
>>
>> Permission required to add product to "ViewAllow" category:
>>
>>  "if this is Y, catalog administrators can only add products to 'View
>> Allow' categories if the have the permission CATALOG_VIEW_ALLOW"
>>
>> Question: is this description correct? when would you want to set
>> this to Y?
>>
>> Permission required to add product to "PurchaseAllow" category:
>>
>>  "if this is Y, catalog administrators can only add products to
>> 'Purchase
>> Allow' categories if the have the permission CATALOG_VIEW_ALLOW"
>>
>> Question: is this description correct? when would you want to set
>> this to Y?
>>
>> Many thanks,
>>
>> Chris
>>
>> On Sat, May 15, 2010 at 11:21 PM, BJ Freeman <[hidden email]>
>> wrote:
>>
>>>
>>> the permission are  programmed in to widgets, ftl and services.
>>> there are two parts to a permission
>>> XXXX is the permission
>>> YYYY is that action
>>> XXXX_YYYY
>>> XXXX_VIEW for permission.
>>> _VIEW should only allow seeing data. note the _ preceding it.
>>> if you want to granularize something more then created a new section or
>>> Permission XXXX_
>>> here are the permission groups
>>>
>>> https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=UserLoginSecurityGroup&find=true&VIEW_SIZE=50&VIEW_INDEX=0 
>>>
>>> and add the following
>>> _CREATE
>>> _UPDATE
>>> _DELETE
>>> _VIEW
>>> _ADMIN
>>>
>>> https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=SecurityGroupPermission&find=true&VIEW_SIZE=50&VIEW_INDEX=0 
>>>
>>> like
>>>
>>> !security.hasPermission("LEARN_VIEW",(GenericValue)context.get("userLogin")))
>>>
>>> <if-has-permission permission="ORDERMGR" action="_VIEW"/>
>>>
>>>
>>>
>>> If you find others that are different they are not following the best
>>> practices.
>>>
>>> =======================
>>>
>>> BJ Freeman
>>> http://bjfreeman.elance.com
>>> Strategic Power Office with Supplier Automation <
>>> http://www.businessesnetwork.com/automation/viewforum.php?f=93>
>>> Specialtymarket.com <http://www.specialtymarket.com/>
>>>
>>> Systems Integrator-- Glad to Assist
>>>
>>> Chat  Y! messenger: bjfr33man
>>> Linkedin
>>> <
>>> http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro 
>>>
>>> >
>>>
>>>
>>> Christopher Snow sent the following on 5/15/2010 2:28 PM:
>>> > There are two options when creating/editing a Product Catalog:
>>> >
>>> > - Permission required to add product to "ViewAllow" category
>>> > - Permission required to add product to "PurchaseAllow" category
>>> >
>>> > What do these options actually do?
>>> >
>>> > Many thanks,
>>> >
>>> > Chris
>>> >
>>>
>>>
>>>
>>
>
>

Reply | Threaded
Open this post in threaded view
|

Re: Permission required to add product to "ViewAllow" / "PurchaseAllow"

Ruth Hoffman-2
In reply to this post by chris snow-2
Hi Chris:
The permissions you are talking about are the "runtime" checks (not
really permissions) that OFBiz will perform if configured. So, these
aren't applicable to the catalog admin, but rather the products and the
categories the products are part of. This is how the catalog admin or
product manager may keep a product in the catalog, but not allow viewing
and/or purchase of the product (depending on the situation.)

Hope that makes sense.

Regards,
Ruth
----------------------------------------------------
Find me on the web at http://www.myofbiz.com or Google keyword "myofbiz"
[hidden email]

chris snow wrote:

> Hi BJ,
>
> I know how the security system works - but I still don't understand the
> meaning of the fields on the form:
>
> https://localhost:8443/catalog/control/EditProdCatalog
>
> I am trying to write the help text for these fields from an catalog
> administrators perspective, for example:
>
> Permission required to add product to "ViewAllow" category:
>
>   "if this is Y, catalog administrators can only add products to 'View
> Allow' categories if the have the permission CATALOG_VIEW_ALLOW"
>
> Question: is this description correct? when would you want to set this to Y?
>
> Permission required to add product to "PurchaseAllow" category:
>
>   "if this is Y, catalog administrators can only add products to 'Purchase
> Allow' categories if the have the permission CATALOG_VIEW_ALLOW"
>
> Question: is this description correct? when would you want to set this to Y?
>
> Many thanks,
>
> Chris
>
> On Sat, May 15, 2010 at 11:21 PM, BJ Freeman <[hidden email]> wrote:
>
>  
>> the permission are  programmed in to widgets, ftl and services.
>> there are two parts to a permission
>> XXXX is the permission
>> YYYY is that action
>> XXXX_YYYY
>> XXXX_VIEW for permission.
>> _VIEW should only allow seeing data. note the _ preceding it.
>> if you want to granularize something more then created a new section or
>> Permission XXXX_
>> here are the permission groups
>>
>> https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=UserLoginSecurityGroup&find=true&VIEW_SIZE=50&VIEW_INDEX=0
>> and add the following
>> _CREATE
>> _UPDATE
>> _DELETE
>> _VIEW
>> _ADMIN
>>
>> https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=SecurityGroupPermission&find=true&VIEW_SIZE=50&VIEW_INDEX=0
>> like
>>
>> !security.hasPermission("LEARN_VIEW",(GenericValue)context.get("userLogin")))
>> <if-has-permission permission="ORDERMGR" action="_VIEW"/>
>>
>>
>>
>> If you find others that are different they are not following the best
>> practices.
>>
>> =======================
>>
>> BJ Freeman
>> http://bjfreeman.elance.com
>> Strategic Power Office with Supplier Automation <
>> http://www.businessesnetwork.com/automation/viewforum.php?f=93>
>> Specialtymarket.com <http://www.specialtymarket.com/>
>>
>> Systems Integrator-- Glad to Assist
>>
>> Chat  Y! messenger: bjfr33man
>> Linkedin
>> <
>> http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro
>>    
>> Christopher Snow sent the following on 5/15/2010 2:28 PM:
>>    
>>> There are two options when creating/editing a Product Catalog:
>>>
>>> - Permission required to add product to "ViewAllow" category
>>> - Permission required to add product to "PurchaseAllow" category
>>>
>>> What do these options actually do?
>>>
>>> Many thanks,
>>>
>>> Chris
>>>
>>>      
>>
>>    
>
>  
Reply | Threaded
Open this post in threaded view
|

Re: Permission required to add product to "ViewAllow" / "PurchaseAllow"

chris snow-2
Hi Ruth,

So are the following tooltip help popups incorrect?:

https://demo-trunk.ofbiz.apache.org/catalog/control/EditProdCatalog?prodCatalogId=DemoCatalog
(to see the tooltips, hover your mouse over the field labels)

Do you agree with these tooltips?:

https://demo-trunk.ofbiz.apache.org/catalog/control/EditProductStore?productStoreId=9000

There is a JIRA setup for tooltip help descriptions:

https://issues.apache.org/jira/browse/OFBIZ-3743

Many thanks,

Chris
On Sun, May 16, 2010 at 10:37 PM, Ruth Hoffman <[hidden email]>wrote:

> Hi Chris:
> The permissions you are talking about are the "runtime" checks (not really
> permissions) that OFBiz will perform if configured. So, these aren't
> applicable to the catalog admin, but rather the products and the categories
> the products are part of. This is how the catalog admin or product manager
> may keep a product in the catalog, but not allow viewing and/or purchase of
> the product (depending on the situation.)
>
> Hope that makes sense.
>
> Regards,
> Ruth
> ----------------------------------------------------
> Find me on the web at http://www.myofbiz.com or Google keyword "myofbiz"
> [hidden email]
>
> chris snow wrote:
>
>> Hi BJ,
>>
>> I know how the security system works - but I still don't understand the
>> meaning of the fields on the form:
>>
>> https://localhost:8443/catalog/control/EditProdCatalog
>>
>> I am trying to write the help text for these fields from an catalog
>> administrators perspective, for example:
>>
>> Permission required to add product to "ViewAllow" category:
>>
>>  "if this is Y, catalog administrators can only add products to 'View
>> Allow' categories if the have the permission CATALOG_VIEW_ALLOW"
>>
>> Question: is this description correct? when would you want to set this to
>> Y?
>>
>> Permission required to add product to "PurchaseAllow" category:
>>
>>  "if this is Y, catalog administrators can only add products to 'Purchase
>> Allow' categories if the have the permission CATALOG_VIEW_ALLOW"
>>
>> Question: is this description correct? when would you want to set this to
>> Y?
>>
>> Many thanks,
>>
>> Chris
>>
>> On Sat, May 15, 2010 at 11:21 PM, BJ Freeman <[hidden email]> wrote:
>>
>>
>>
>>> the permission are  programmed in to widgets, ftl and services.
>>> there are two parts to a permission
>>> XXXX is the permission
>>> YYYY is that action
>>> XXXX_YYYY
>>> XXXX_VIEW for permission.
>>> _VIEW should only allow seeing data. note the _ preceding it.
>>> if you want to granularize something more then created a new section or
>>> Permission XXXX_
>>> here are the permission groups
>>>
>>>
>>> https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=UserLoginSecurityGroup&find=true&VIEW_SIZE=50&VIEW_INDEX=0
>>> and add the following
>>> _CREATE
>>> _UPDATE
>>> _DELETE
>>> _VIEW
>>> _ADMIN
>>>
>>>
>>> https://demo-trunk.ofbiz.apache.org/webtools/control/FindGeneric?entityName=SecurityGroupPermission&find=true&VIEW_SIZE=50&VIEW_INDEX=0
>>> like
>>>
>>>
>>> !security.hasPermission("LEARN_VIEW",(GenericValue)context.get("userLogin")))
>>> <if-has-permission permission="ORDERMGR" action="_VIEW"/>
>>>
>>>
>>>
>>> If you find others that are different they are not following the best
>>> practices.
>>>
>>> =======================
>>>
>>> BJ Freeman
>>> http://bjfreeman.elance.com
>>> Strategic Power Office with Supplier Automation <
>>> http://www.businessesnetwork.com/automation/viewforum.php?f=93>
>>> Specialtymarket.com <http://www.specialtymarket.com/>
>>>
>>> Systems Integrator-- Glad to Assist
>>>
>>> Chat  Y! messenger: bjfr33man
>>> Linkedin
>>> <
>>>
>>> http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro
>>>    Christopher Snow sent the following on 5/15/2010 2:28 PM:
>>>
>>>
>>>> There are two options when creating/editing a Product Catalog:
>>>>
>>>> - Permission required to add product to "ViewAllow" category
>>>> - Permission required to add product to "PurchaseAllow" category
>>>>
>>>> What do these options actually do?
>>>>
>>>> Many thanks,
>>>>
>>>> Chris
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>
>>
>>
>