Question on VIEW permissions on product/catalog


Jacopo Cappellato
Hi all,

I need to grant a user (from a custom application) the ability to look up
products, i.e. to use the LookupProduct screen, but the screen requires
the CATALOG_VIEW permission; and with this permission the user also has
access to the Catalog application, including all the stores settings and
products/prices etc...
What is the best way of resolving this? Should we create a new
permission (PRODUCT_VIEW or PRODUCT_LOOKUP_VIEW) for the lookup screen?

Thanks,

Jacopo


Re: Question on VIEW permissions on product/catalog

jonwimp
Isn't there the possibility of creating a tiered or hierarchical permissions structure? Like parent
permissions and child permissions?

Jonathon

Jacopo Cappellato wrote:

> Hi all,
>
> I need to grant a user (from a custom application) the ability to look up
> products, i.e. to use the LookupProduct screen, but the screen requires
> the CATALOG_VIEW permission; and with this permission the user also has
> access to the Catalog application, including all the stores settings and
> products/prices etc...
> What is the best way of resolving this? Should we create a new
> permission (PRODUCT_VIEW or PRODUCT_LOOKUP_VIEW) for the lookup screen?
>
> Thanks,
>
> Jacopo
>
>


Re: Question on VIEW permissions on product/catalog

Jacques Le Roux
Administrator
In reply to this post by Jacopo Cappellato
Actually, I just discovered the new permission framework (built by Andy six months ago, I'm ashamed).
https://issues.apache.org/jira/browse/OFBIZ-609

Now that I have understood how it works in less than half an hour (I guess I was afraid and did not look before Adrian said it was
easy to use) I'd like to help. But I'm afraid I have too many things already waiting... If nobody tackles this before me, I will
help after finishing current OFBiz tasks pending.

Really cool stuff!

Jacques

From: "Jacopo Cappellato" <[hidden email]>

> Hi all,
>
> I need to grant a user (from a custom application) the ability to look up
> products, i.e. to use the LookupProduct screen, but the screen requires
> the CATALOG_VIEW permission; and with this permission the user also has
> access to the Catalog application, including all the stores settings and
> products/prices etc...
> What is the best way of resolving this? Should we create a new
> permission (PRODUCT_VIEW or PRODUCT_LOOKUP_VIEW) for the lookup screen?
>
> Thanks,
>
> Jacopo
>


Re: Question on VIEW permissions on product/catalog

Adrian Crum
Jacopo,

David suggested putting an ECA on the original service's permission checking service - a really cool
idea. Problem is, it doesn't work because of flaws in the service engine. I've submitted fixes to
Jira during the last few days but they haven't been committed. Once they are in, then the capability
you describe will be very easy.

-Adrian


Jacques Le Roux wrote:

> Actually, I just discovered the new permission framework (built by Andy six months ago, I'm ashamed).
> https://issues.apache.org/jira/browse/OFBIZ-609
>
> Now that I have understood how it works in less than half an hour (I guess I was afraid and did not look before Adrian said it was
> easy to use) I'd like to help. But I'm afraid I have too many things already waiting... If nobody tackles this before me, I will
> help after finishing current OFBiz tasks pending.
>
> Really cool stuff!
>
> Jacques
>
> From: "Jacopo Cappellato" <[hidden email]>
>
>>Hi all,
>>
>>I need to grant a user (from a custom application) the ability to look up
>>products, i.e. to use the LookupProduct screen, but the screen requires
>>the CATALOG_VIEW permission; and with this permission the user also has
>>access to the Catalog application, including all the stores settings and
>>products/prices etc...
>>What is the best way of resolving this? Should we create a new
>>permission (PRODUCT_VIEW or PRODUCT_LOOKUP_VIEW) for the lookup screen?
>>
>>Thanks,
>>
>>Jacopo
>>
>
>
>


Re: Question on VIEW permissions on product/catalog

Anil Patel-3
In reply to this post by Jacques Le Roux
I did a commit recently for
https://issues.apache.org/jira/browse/OFBIZ-615. There is still a patch
that is pending for commit.

It will be nice if we can have it tested.

Also there is a Jira issue for a small mod in the framework component that
Adrian created that will be nice to have. I have tested it and it seems to
work without known side effects.

Regards
Anil Patel


Jacques Le Roux wrote:

> Actually, I just discovered the new permission framework (built by Andy six months ago, I'm ashamed).
> https://issues.apache.org/jira/browse/OFBIZ-609
>
> Now that I have understood how it works in less than half an hour (I guess I was afraid and did not look before Adrian said it was
> easy to use) I'd like to help. But I'm afraid I have too many things already waiting... If nobody tackles this before me, I will
> help after finishing current OFBiz tasks pending.
>
> Really cool stuff!
>
> Jacques
>
> From: "Jacopo Cappellato" <[hidden email]>
>  
>> Hi all,
>>
>> I need to grant a user (from a custom application) the ability to look up
>> products, i.e. to use the LookupProduct screen, but the screen requires
>> the CATALOG_VIEW permission; and with this permission the user also has
>> access to the Catalog application, including all the stores settings and
>> products/prices etc...
>> What is the best way of resolving this? Should we create a new
>> permission (PRODUCT_VIEW or PRODUCT_LOOKUP_VIEW) for the lookup screen?
>>
>> Thanks,
>>
>> Jacopo
>>
>>    
>
>  

Re: Question on VIEW permissions on product/catalog

David E Jones
In reply to this post by Jacopo Cappellato

Yeah, adding a special permission for lookups is probably the best solution. We wouldn't want these to not have permissions, and we don't want certain users to have these general permissions, so that's the only option I can think of.

-David


Jacopo Cappellato wrote:

> Hi all,
>
> I need to grant a user (from a custom application) the ability to look up
> products, i.e. to use the LookupProduct screen, but the screen requires
> the CATALOG_VIEW permission; and with this permission the user also has
> access to the Catalog application, including all the stores settings and
> products/prices etc...
> What is the best way of resolving this? Should we create a new
> permission (PRODUCT_VIEW or PRODUCT_LOOKUP_VIEW) for the lookup screen?
>
> Thanks,
>
> Jacopo
>
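
The dedicated lookup permission suggested in the reply above could be wired up as follows. This is an added example, not part of the thread and not OFBiz project code. It assumes the permission name PRODUCT_LOOKUP_VIEW from Jacopo's question, a hypothetical security group id CUSTOM_APP_LOOKUP, and a LookupProduct screen whose access is decided by a screen-widget condition; entity attribute sets vary by OFBiz release.

```xml
<!-- Fragment 1 (seed data): define the narrow permission and a security group
     that holds only that permission. CUSTOM_APP_LOOKUP is a hypothetical id. -->
<entity-engine-xml>
    <SecurityPermission permissionId="PRODUCT_LOOKUP_VIEW"
        description="View the product lookup screen only."/>
    <SecurityGroup groupId="CUSTOM_APP_LOOKUP"
        description="Custom application users who may look up products."/>
    <!-- Assumption: some OFBiz releases also require a fromDate attribute here. -->
    <SecurityGroupPermission groupId="CUSTOM_APP_LOOKUP"
        permissionId="PRODUCT_LOOKUP_VIEW"/>
</entity-engine-xml>

<!-- Fragment 2 (screen definition): the lookup screen accepts either the
     existing catalog permission or the new narrow one. The Catalog
     application's own screens are left untouched and still require CATALOG. -->
<screen name="LookupProduct">
    <section>
        <condition>
            <or>
                <!-- Existing catalog users keep access: CATALOG_VIEW or CATALOG_ADMIN. -->
                <if-has-permission permission="CATALOG" action="_VIEW"/>
                <!-- Lookup-only users: matches PRODUCT_LOOKUP_VIEW. -->
                <if-has-permission permission="PRODUCT_LOOKUP" action="_VIEW"/>
            </or>
        </condition>
        <widgets>
            <!-- the screen's existing lookup form stays here, unchanged -->
        </widgets>
        <fail-widgets>
            <!-- Users with neither permission get a message, not the form. -->
            <label text="You do not have permission to look up products."/>
        </fail-widgets>
    </section>
</screen>
```

A user placed only in CUSTOM_APP_LOOKUP passes the lookup screen's condition but fails every check that names CATALOG, so the grant does not widen into the Catalog application. The condition controls only what the screen renders; any service the screen calls keeps its own permission check.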