OFBiz › OFBiz - User

Permissions setup

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

4 messages Options

opablo

Permissions setup

Hi,

We have an organization with two companies (the organization
headquarters at two different countries), each of them working
separately, but both included in the organization (so the organization
user views all data). Is there a way to configure OfBiz that a user from
a company can see only the orders from the company he/she belongs and is
not able to see the orders from the other company?

Regards,

Óscar

David E Jones

Re: Permissions setup

Not configure per se, but the data structures are there and this sort of thing has been done before, it's just a matter of a little customization to filter queries and such how you want to.

-David

opablo wrote:

> Hi,
>
> We have an organization with two companies (the organization
> headquarters at two different countries), each of them working
> separately, but both included in the organization (so the organization
> user views all data). Is there a way to configure OfBiz that a user from
> a company can see only the orders from the company he/she belongs and is
> not able to see the orders from the other company?
>
> Regards,
>
> Óscar
>

jonwimp

Re: Permissions setup

Also, if you code your data retrieval functions into services, you can use SECAs to slap on
pre-checks (permissions checks).

But I thought there was something else done for this. The service engine can call a
custom-specified "permissions checking service" prior to calling a service. So, a service
"getPrivateInfo" can have a custom-specified permissions service called "somePermissionsChecks"
attached to it.

Is that true?

Jonathon

David E Jones wrote:

>
> Not configure per se, but the data structures are there and this sort of
> thing has been done before, it's just a matter of a little customization
> to filter queries and such how you want to.
>
> -David
>
>
> opablo wrote:
>> Hi,
>>
>> We have an organization with two companies (the organization
>> headquarters at two different countries), each of them working
>> separately, but both included in the organization (so the organization
>> user views all data). Is there a way to configure OfBiz that a user from
>> a company can see only the orders from the company he/she belongs and is
>> not able to see the orders from the other company?
>>
>> Regards,
>>
>> Óscar
>>
>
>

David E Jones

Re: Permissions setup

That is true, but it's not quite that simple, or in other words there are other things that need to have checks and filters, like an order find query, that won't be do-able with a just service level permission checks and such.

-David

Jonathon -- Improov wrote:

> Also, if you code your data retrieval functions into services, you can
> use SECAs to slap on pre-checks (permissions checks).
>
> But I thought there was something else done for this. The service engine
> can call a custom-specified "permissions checking service" prior to
> calling a service. So, a service "getPrivateInfo" can have a
> custom-specified permissions service called "somePermissionsChecks"
> attached to it.
>
> Is that true?
>
> Jonathon
>
> David E Jones wrote:
>>
>> Not configure per se, but the data structures are there and this sort
>> of thing has been done before, it's just a matter of a little
>> customization to filter queries and such how you want to.
>>
>> -David
>>
>>
>> opablo wrote:
>>> Hi,
>>>
>>> We have an organization with two companies (the organization
>>> headquarters at two different countries), each of them working
>>> separately, but both included in the organization (so the organization
>>> user views all data). Is there a way to configure OfBiz that a user from
>>> a company can see only the orders from the company he/she belongs and is
>>> not able to see the orders from the other company?
>>>
>>> Regards,
>>>
>>> Óscar
>>>
>>
>>
>