Re: Request for enhance entity:SystemProperty.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Jacques Le Roux
Administrator
Hi Wai,

This is typically the kind of questions which can go in dev ML, copying there

Thanks

Jacques


Le 07/08/2017 à 04:44, Wai a écrit :

> I would like to get some comments on a request to enhance the SystemProperty
> entity.
> It would be useful to add the following fields:
>
> field: access
>      -this field is used to indicate if the entry is readable and/or writable
> by the a user with admin access.
>      -valid values:
>
>
> field: valueType
>      -this field is used to indicate the format of the value. It could be
> used to aid validation
>      -valid values:
>
>
> A second point.  The SystemProperty entity contains settings for the whole
> system (even thought some are for specific components).  Would it be useful
> to include user specific settings based on userLoginId.  If so, would that
> be using SystemProperty or create a new entity (eg. UserProperty?)
>
> Thanks.
>
>
>
>
> --
> View this message in context: http://ofbiz.135035.n4.nabble.com/Request-for-enhance-entity-SystemProperty-tp4709232.html
> Sent from the OFBiz - User mailing list archive at Nabble.com.
>

Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Nicolas Malin-2
Hi Wai,

Can you give us some examples on the reason to set a specific access to
a property or have a UserProperty.

Because my first react would be says when you use a property, it's
always through a service or screen so the limit access is manage by
them. And for the user property it seems to be an UserPreference

Nicolas


Le 07/08/2017 à 09:03, Jacques Le Roux a écrit :

> Hi Wai,
>
> This is typically the kind of questions which can go in dev ML,
> copying there
>
> Thanks
>
> Jacques
>
>
> Le 07/08/2017 à 04:44, Wai a écrit :
>> I would like to get some comments on a request to enhance the
>> SystemProperty
>> entity.
>> It would be useful to add the following fields:
>>
>> field: access
>>      -this field is used to indicate if the entry is readable and/or
>> writable
>> by the a user with admin access.
>>      -valid values:
>>
>>
>> field: valueType
>>      -this field is used to indicate the format of the value. It
>> could be
>> used to aid validation
>>      -valid values:
>>
>>
>> A second point.  The SystemProperty entity contains settings for the
>> whole
>> system (even thought some are for specific components).  Would it be
>> useful
>> to include user specific settings based on userLoginId.  If so, would
>> that
>> be using SystemProperty or create a new entity (eg. UserProperty?)
>>
>> Thanks.
>>
>>
>>
>>
>> --
>> View this message in context:
>> http://ofbiz.135035.n4.nabble.com/Request-for-enhance-entity-SystemProperty-tp4709232.html
>> Sent from the OFBiz - User mailing list archive at Nabble.com.
>>
>
>

Wai
Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Wai
This post was updated on .
Sorry it took so long to reply. I was not notified by Nabble that anybody responded.

When I use the term "access", it is _not_ related to ofbiz security. Perhaps I should have used a different term to describe these fields.  I shall replace "access" with readWriteType.

readWriteType means how ofbiz treats the property when a user interacts with it.  Of course, only users with the proper ofbiz authorization may access the properties. Some properties are mean to be viewed and not modified (ie. readWriteType=readOnly).  Some are hidden altogether (ie. readWriteType=hidden).

Example of a read only property field:
An ofbiz owner may subscribe to a third party service via oauth2 authentication.  This 3rd party service is used by ofbiz to provide a functionality.  A user with proper ofbiz authorization may modify the oauth2 authentication parameters(ie. readWriteType=readWrite) and can also view the current oauth2 status (ie. readWriteType=readOnly). (Note: this is not related to ofbiz passport component).

In the case of readWriteType=hidden, lets define 2 terms. ofbizOwner and ofbizTenantOwner.  ofbizOwner is an entity that owns an ofbiz system. Such an entity is responsible for installation, setup, upgrades, database upgrades and tenant administrations. A ofbizInstanceOwner is a tenant of an ofbiz system configured for multitenant mode of operation.  A property with readWriteType=hidden is one which is administered by the ofbizOwner and stored in the database of an ofbizTenantOwner and affects the instance of that tenant.  As such, the ofbizTenantOwner cannot view nor edit such a property.

Hope this clear things up.
Wai
Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Wai
In reply to this post by Jacques Le Roux
There was also a second question for this posting.  It was whether another entity should be created to address party specific properties.

Arun Patidar-2, made reference to entity:PartyAcctgPreference. I shall take a look at that to see if that would meet my needs.

Thanks.
Wai
Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Wai
In reply to this post by Nicolas Malin-2
Regarding the need for a user specific entity to store user specific settings, the structure for entity:UserPreference looks like a good match for what I need. Seeing that there is only one value defined for userPrefGroupTypeId (ie. GLOBAL_PREFERENCES), I can define USER_PREFERENCES for this field.

Thanks.
Wai
Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Wai
In reply to this post by Jacques Le Roux
Is anyone interested in this enhancement?
Thanks
Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Jacques Le Roux
Administrator
Le 13/08/2017 à 07:10, Wai a écrit :
> Is anyone interested in this enhancement?
> Thanks
>
>
>
> --
> View this message in context: http://ofbiz.135035.n4.nabble.com/Re-Request-for-enhance-entity-SystemProperty-tp4709235p4709546.html
> Sent from the OFBiz - Dev mailing list archive at Nabble.com.
>
Hi Wai,

What the enhancement would be is not totally clear to me.

You agree that using UserPreference answers to your 2nd point, right? But why do you need USER_PREFERENCES? Is GLOBAL_PREFERENCES not enough for you?
Also you speak about "include user specific settings based on userLoginId." Do you really want that by login (like in the misNamed UserPreference
which should be userLoginPreference ), not by party?

BTW I don't think that PartyAcctgPreference fits with your needs (that I must say, I don't completely understand). It's only related with accounting
and should be ignored in this topic.

Jacques

Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Nicolas Malin-2
In reply to this post by Wai
Hello Wai,

My apologies, I read, reread your response but I didn't understand your
example :(

Maybe I wrong but I already have the feel in your problematic isn't only
a technical problem and I'm more in favor the anaylse more
UserPreference, with party relation instead of change a low brick

Cheers,

Nicolas


Le 10/08/2017 à 21:08, Wai a écrit :

> Sorry it took so long to reply. I was not notified by Nabble that anybody
> responded.When I use the term "access", it is _not_ related to ofbiz
> security. Perhaps I should have used a different term to describe these
> fields.  I shall replace "access" with readWriteType.readWriteType means how
> ofbiz treats the property when a user interacts with it.  Of course, only
> users with the proper ofbiz authorization may access the properties. Some
> properties are mean to be viewed and not modified (ie.
> readWriteType=readOnly).  Some are hidden altogether (ie.
> readWriteType=hidden).Example of a read only property field:An ofbiz owner
> may subscribe to a third party service via oauth2 authentication.  This 3rd
> party service is used by ofbiz to provide a functionality.  A user with
> proper ofbiz authorization may modify the oauth2 authentication
> parameters(ie. readWriteType=readWrite) and can also view the current oauth2
> status (ie. readWriteType=readOnly). (Note: this is not related to ofbiz
> passport component).In the case of readWriteType=hidden, lets define 2
> terms. ofbizOwner and ofbizTenantOwner.  ofbizOwner is an entity that owns
> an ofbiz system. Such an entity is responsible for installation, setup,
> upgrades, database upgrades and tenant administrations. A ofbizInstanceOwner
> is a tenant of an ofbiz system configured for multitenant mode of operation.
> A property with readWriteType=hidden is one which is administered by the
> ofbizOwner and stored in the database of an ofbizTenantOwner and affects the
> instance of that tenant.  As such, the ofbizTenantOwner cannot view nor edit
> such a property.Hope this clear things up.
>
>
>
> --
> View this message in context: http://ofbiz.135035.n4.nabble.com/Re-Request-for-enhance-entity-SystemProperty-tp4709235p4709445.html
> Sent from the OFBiz - Dev mailing list archive at Nabble.com.
>

Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Gil Portenseigne
In reply to this post by Wai
Hello Wai,

To try to better understand your examples, i will reformulate :

* A user can access a functionality using an oauth2 settings that is
configured only by an administrator ? But the concerned user can view it.

The way i would implement that is using *security group* granting
permission to configure these kinds of parameters (that do not seems to
belong to SystemProperty since it do not contains userLogin/party
reference).

The Owner of the configuration, could only view it (based on userLoginId
or partyId check on the configuration entity) and those from a specific
screen.

* The property is hidden by default (to anyone, including the
ofbizTenantOwner), but can be configured by a specific profile (OfbizOwner).

Given the property type, i would store it into SystemProperty and grant
access to it using security through a specific screen.

I do not get the point that could justify the creation of accessType
onto SystemProperty.

But if you want to configure access to SystemProperty configuration,
that could be possible is to add a permissionId field... but that won't
solve your examples.

HTH

Gil


On 10/08/2017 21:08, Wai wrote:

> Sorry it took so long to reply. I was not notified by Nabble that anybody
> responded.When I use the term "access", it is _not_ related to ofbiz
> security. Perhaps I should have used a different term to describe these
> fields.  I shall replace "access" with readWriteType.readWriteType means how
> ofbiz treats the property when a user interacts with it.  Of course, only
> users with the proper ofbiz authorization may access the properties. Some
> properties are mean to be viewed and not modified (ie.
> readWriteType=readOnly).  Some are hidden altogether (ie.
> readWriteType=hidden).Example of a read only property field:An ofbiz owner
> may subscribe to a third party service via oauth2 authentication.  This 3rd
> party service is used by ofbiz to provide a functionality.  A user with
> proper ofbiz authorization may modify the oauth2 authentication
> parameters(ie. readWriteType=readWrite) and can also view the current oauth2
> status (ie. readWriteType=readOnly). (Note: this is not related to ofbiz
> passport component).In the case of readWriteType=hidden, lets define 2
> terms. ofbizOwner and ofbizTenantOwner.  ofbizOwner is an entity that owns
> an ofbiz system. Such an entity is responsible for installation, setup,
> upgrades, database upgrades and tenant administrations. A ofbizInstanceOwner
> is a tenant of an ofbiz system configured for multitenant mode of operation.
> A property with readWriteType=hidden is one which is administered by the
> ofbizOwner and stored in the database of an ofbizTenantOwner and affects the
> instance of that tenant.  As such, the ofbizTenantOwner cannot view nor edit
> such a property.Hope this clear things up.
>
>
>
> --
> View this message in context: http://ofbiz.135035.n4.nabble.com/Re-Request-for-enhance-entity-SystemProperty-tp4709235p4709445.html
> Sent from the OFBiz - Dev mailing list archive at Nabble.com.

Wai
Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Wai
The confusion was my original posting containing 2 separate items.
1) request to add readWriteType and valueType into entity:SystemProperty.
2) A question about user specific properties.

This reply addresses item#1. I request to add 2 fields called readWriteType (formerly called accessType) and valueType to entity:SystemProperty. For each entry of entity:SystemProperty, valid values for readWriteType is 'hidden', 'readOnly', and 'readWrite'. The valid values for valueType is 'TEXT', 'NUMERIC', 'BOOLEAN', 'DATE', 'LIST', etc.

The reason for these 2 new fields is to help with visibility and validation purposes. For validation, when ofbiz outputs html to the browser, an entry with valueType=DATE, for example, would indicate that a date value is expected and hence ofbiz could add a javascript calendar to help a user pick a date for that entry. On update of entry at postback, ofbiz could validate that it is indeed a date value before storing to database.

Regarding readWriteType field. This would be used to control the visibility of an entry to the user. Note, this has nothing to do with ofbiz security.Even when a user has authorization to view a page showing the entries of entity:SystemProperty, there could be fields that should be hidden or readOnly. These fields are normally manipulated by the ofbizDeveloper and not meant for the ofbizOwner to manipulate.  This might seem strange for a non-multitenant ofbiz installation but it makes sense when ofbiz is running in multitenant mode.  OfbizOwner can configure ofbiz to behave differently for each tenant.  The tenant would not be able to see nor manipulate such an entry.

Hope this clear things up.
Wai
Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Wai
In reply to this post by Jacques Le Roux
Since entity:UserPreference provides a reference to entity:UserLogin, it seems a good fit for what I need.
You implied that a party-based preference would be more appropriate. What would be the advantage of a party-based version.
If I were to use a party-based version then I would have to create another entity (eg. PartyPreference)
Thanks
Reply | Threaded
Open this post in threaded view
|

Re: Request for enhance entity:SystemProperty.

Jacques Le Roux
Administrator
Hi Wai,

It was more a question. I also think UserLogin fits

Jacques


Le 14/08/2017 à 23:52, Wai a écrit :

> Since entity:UserPreference provides a reference to entity:UserLogin, it
> seems a good fit for what I need.
> You implied that a party-based preference would be more appropriate. What
> would be the advantage of a party-based version.
> If I were to use a party-based version then I would have to create another
> entity (eg. PartyPreference)
> Thanks
>
>
>
> --
> View this message in context: http://ofbiz.135035.n4.nabble.com/Re-Request-for-enhance-entity-SystemProperty-tp4709235p4709655.html
> Sent from the OFBiz - Dev mailing list archive at Nabble.com.
>