OFBiz OFBiz - Dev

PortalPage security permission

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Bruno Busco
Reply | Threaded
Open this post in threaded view
|

PortalPage security permission

Bruno Busco
Hi,
I am walking through the PortalPage system and found something I would like
to discuss about:

1) each PortalPage has now a <field name="securityGroupId"
type="id"></field>. Shouldn't it be a simple securityPermissionId instead of
securityGroupId so that more than one securityGroup can have access to the
PortalPage?
The standard pattern should be to have a single permission for single
operation/resource access and than have this permission grouped with other
and assigned to a Party. Shouldn't it?

2) each PortalPortlet has now a <field name="securityServiceName"
type="long-varchar"></field>. At the moment the services used in the OOTB
(portalPermissionIsEmployee, portalPermissionIsCustomer,
projectMgrRequestPermission), simply check respectively for
MYPORTAL_EMPLOYEE, MYPORTAL_CUSTOMER, PROJECTMGR_ADMIN. Only
projectMgrPermission service is a more complicate service.
Could we have also a securityPermissionId field that can be used instead of
securityServiceName when it is a simple permission that needs to be checked?

3) What is the purpose of securityMainAction ?

Thank you for sharing about this.
I am reviewing the PortalPage system improving the "include-portal-page"
widget and those items are somehow related. I hope to commit my work this
week end.

-Bruno

    <entity entity-name="PortalPage" package-name="org.ofbiz.common.portal"
title="Defines a Portal Page"
        default-resource-name="CommonPortalEntityLabels">
        <field name="portalPageId" type="id-ne"></field>
        <field name="portalPageName" type="name"></field>
        <field name="description" type="description"></field>
        <field name="ownerUserLoginId" type="id"></field>
        <field name="originalPortalPageId" type="id"><description>The system
portal page this page is derived from</description></field>
        <field name="parentPortalPageId" type="id"><description>the parent
this page is belonging to, normally the startpage of the portal page
group</description></field>
        <field name="sequenceNum" type="numeric"></field>
        <field name="securityGroupId" type="id"></field>
        <prim-key field="portalPageId"/>
        <relation type="one" fk-name="PortPage_PARENT" title="Parent"
rel-entity-name="PortalPage">
          <key-map field-name="parentPortalPageId"
rel-field-name="portalPageId"/>
        </relation>
        <relation type="one" fk-name="PORTPAGE_SECGRP"
rel-entity-name="SecurityGroup">
          <key-map field-name="securityGroupId" rel-field-name="groupId"/>
        </relation>
    </entity>
Bruno Busco
Reply | Threaded
Open this post in threaded view
|

Re: PortalPage security permission

Bruno Busco
Hi, still reviewing how the PortalPage system works now.

From what I have understood we want that each application can define a
"main" PortalPage and this is used as parentPortalPage on any other
PortalPage created by the SysAdmin or the User under that Application. That
is OK.

1) I do not clear understand what is the purpose of the
GetParentPortalPageId.groovy script? This is called in the application
commonscreens. Could someone give me a light?
2) I think that in the application specific ManagePortal menu item we should
use the specific portalPageId and not taken from parameters. I mean:
        <menu-item name="Preferences"
title="${uiLabelMap.CommonPreferences}" align-style="opposed">
            <link target="ManagePortalPages">
                <parameter param-name="parentPortalPageId"
from-field="parameters.parentPortalPageId"/>
            </link>
        </menu-item>
should be
        <menu-item name="Preferences"
title="${uiLabelMap.CommonPreferences}" align-style="opposed">
            <link target="ManagePortalPages">
                <parameter param-name="parentPortalPageId"
from-field="SFA_MAIN"/>
            </link>
        </menu-item>

Please give me some explanation becouse I am going to do some changes in
this area and I do not want to hurt anything.
Thank you,
Bruno



2010/10/8 Bruno Busco <[hidden email]>

> Hi,
> I am walking through the PortalPage system and found something I would like
> to discuss about:
>
> 1) each PortalPage has now a <field name="securityGroupId"
> type="id"></field>. Shouldn't it be a simple securityPermissionId instead of
> securityGroupId so that more than one securityGroup can have access to the
> PortalPage?
> The standard pattern should be to have a single permission for single
> operation/resource access and than have this permission grouped with other
> and assigned to a Party. Shouldn't it?
>
> 2) each PortalPortlet has now a <field name="securityServiceName"
> type="long-varchar"></field>. At the moment the services used in the OOTB
> (portalPermissionIsEmployee, portalPermissionIsCustomer,
> projectMgrRequestPermission), simply check respectively for
> MYPORTAL_EMPLOYEE, MYPORTAL_CUSTOMER, PROJECTMGR_ADMIN. Only
> projectMgrPermission service is a more complicate service.
> Could we have also a securityPermissionId field that can be used instead of
> securityServiceName when it is a simple permission that needs to be checked?
>
> 3) What is the purpose of securityMainAction ?
>
> Thank you for sharing about this.
> I am reviewing the PortalPage system improving the "include-portal-page"
> widget and those items are somehow related. I hope to commit my work this
> week end.
>
> -Bruno
>
>     <entity entity-name="PortalPage" package-name="org.ofbiz.common.portal"
> title="Defines a Portal Page"
>         default-resource-name="CommonPortalEntityLabels">
>         <field name="portalPageId" type="id-ne"></field>
>         <field name="portalPageName" type="name"></field>
>         <field name="description" type="description"></field>
>         <field name="ownerUserLoginId" type="id"></field>
>         <field name="originalPortalPageId" type="id"><description>The
> system portal page this page is derived from</description></field>
>         <field name="parentPortalPageId" type="id"><description>the parent
> this page is belonging to, normally the startpage of the portal page
> group</description></field>
>         <field name="sequenceNum" type="numeric"></field>
>         <field name="securityGroupId" type="id"></field>
>         <prim-key field="portalPageId"/>
>         <relation type="one" fk-name="PortPage_PARENT" title="Parent"
> rel-entity-name="PortalPage">
>           <key-map field-name="parentPortalPageId"
> rel-field-name="portalPageId"/>
>         </relation>
>         <relation type="one" fk-name="PORTPAGE_SECGRP"
> rel-entity-name="SecurityGroup">
>           <key-map field-name="securityGroupId" rel-field-name="groupId"/>
>         </relation>
>     </entity>
>
>
hans_bakker
Reply | Threaded
Open this post in threaded view
|

Re: PortalPage security permission

hans_bakker
Hi Buno,

this is a long time ago i wrote this. as long as you keep myportal
working i am fine with that....
The purpose of he mainportal page you can find in the demo data of
myportal.... Remember portal pages can be overridden, re-ordered and
even disabled (set the page title to blank) in the preferences

Regards,
Hans

On Sat, 2010-10-09 at 10:11 +0200, Bruno Busco wrote:

> Hi, still reviewing how the PortalPage system works now.
>
> >From what I have understood we want that each application can define a
> "main" PortalPage and this is used as parentPortalPage on any other
> PortalPage created by the SysAdmin or the User under that Application. That
> is OK.
>
> 1) I do not clear understand what is the purpose of the
> GetParentPortalPageId.groovy script? This is called in the application
> commonscreens. Could someone give me a light?
> 2) I think that in the application specific ManagePortal menu item we should
> use the specific portalPageId and not taken from parameters. I mean:
>         <menu-item name="Preferences"
> title="${uiLabelMap.CommonPreferences}" align-style="opposed">
>             <link target="ManagePortalPages">
>                 <parameter param-name="parentPortalPageId"
> from-field="parameters.parentPortalPageId"/>
>             </link>
>         </menu-item>
> should be
>         <menu-item name="Preferences"
> title="${uiLabelMap.CommonPreferences}" align-style="opposed">
>             <link target="ManagePortalPages">
>                 <parameter param-name="parentPortalPageId"
> from-field="SFA_MAIN"/>
>             </link>
>         </menu-item>
>
> Please give me some explanation becouse I am going to do some changes in
> this area and I do not want to hurt anything.
> Thank you,
> Bruno
>
>
>
> 2010/10/8 Bruno Busco <[hidden email]>
>
> > Hi,
> > I am walking through the PortalPage system and found something I would like
> > to discuss about:
> >
> > 1) each PortalPage has now a <field name="securityGroupId"
> > type="id"></field>. Shouldn't it be a simple securityPermissionId instead of
> > securityGroupId so that more than one securityGroup can have access to the
> > PortalPage?
> > The standard pattern should be to have a single permission for single
> > operation/resource access and than have this permission grouped with other
> > and assigned to a Party. Shouldn't it?
> >
> > 2) each PortalPortlet has now a <field name="securityServiceName"
> > type="long-varchar"></field>. At the moment the services used in the OOTB
> > (portalPermissionIsEmployee, portalPermissionIsCustomer,
> > projectMgrRequestPermission), simply check respectively for
> > MYPORTAL_EMPLOYEE, MYPORTAL_CUSTOMER, PROJECTMGR_ADMIN. Only
> > projectMgrPermission service is a more complicate service.
> > Could we have also a securityPermissionId field that can be used instead of
> > securityServiceName when it is a simple permission that needs to be checked?
> >
> > 3) What is the purpose of securityMainAction ?
> >
> > Thank you for sharing about this.
> > I am reviewing the PortalPage system improving the "include-portal-page"
> > widget and those items are somehow related. I hope to commit my work this
> > week end.
> >
> > -Bruno
> >
> >     <entity entity-name="PortalPage" package-name="org.ofbiz.common.portal"
> > title="Defines a Portal Page"
> >         default-resource-name="CommonPortalEntityLabels">
> >         <field name="portalPageId" type="id-ne"></field>
> >         <field name="portalPageName" type="name"></field>
> >         <field name="description" type="description"></field>
> >         <field name="ownerUserLoginId" type="id"></field>
> >         <field name="originalPortalPageId" type="id"><description>The
> > system portal page this page is derived from</description></field>
> >         <field name="parentPortalPageId" type="id"><description>the parent
> > this page is belonging to, normally the startpage of the portal page
> > group</description></field>
> >         <field name="sequenceNum" type="numeric"></field>
> >         <field name="securityGroupId" type="id"></field>
> >         <prim-key field="portalPageId"/>
> >         <relation type="one" fk-name="PortPage_PARENT" title="Parent"
> > rel-entity-name="PortalPage">
> >           <key-map field-name="parentPortalPageId"
> > rel-field-name="portalPageId"/>
> >         </relation>
> >         <relation type="one" fk-name="PORTPAGE_SECGRP"
> > rel-entity-name="SecurityGroup">
> >           <key-map field-name="securityGroupId" rel-field-name="groupId"/>
> >         </relation>
> >     </entity>
> >
> >

--
Ofbiz on twitter: http://twitter.com/apache_ofbiz
Myself on twitter: http://twitter.com/hansbak
Antwebsystems.com: Quality services for competitive rates.

Free forum by Nabble Edit this page