Re: object instance security
Locked
 
|
> I would like to setup entities representing projects (like those
> created in Microsoft Project). Each project has a different > project team that are responsible for maintaining the project > data. Therefore, the permissions need to be fine grained so that > project A can only be accessed by project team X, and project B can > only be accessed by project team Y. The project management office > (PMO) admin staff though will require access both projects. So I > need INSTANCE and GROUP (standard ofbiz security) level security. > > I'm not really worried where the security checks take place, I was > just wondering how this may be done in ofbiz. > > Best regards, > > Chris > > From: David E Jones <[hidden email]> > Subject: Re: object instance security > Date: Mon, 14 Aug 2006 15:05:00 -0600 > To: [hidden email] > X-Mailer: Apple Mail (2.752.2) > X-Virus-Checked: Checked by ClamAV on apache.org > X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N > > > On Aug 14, 2006, at 4:17 AM, [hidden email] wrote: > > > Out of the box, does ofbiz allow for fine grained security of my > > custom > > entities (i.e. at the object instance level)? > > > > Many thanks ... > > Could you describe a bit more about what your intended use of this > would be? Perhaps something like a business story? > > There are some entity-level permission resources in the security and > entity engine parts of OFBiz, but they aren't used much as we > generally go with data driven logic layer permissions more than data > driven data layer permissions. > > -David > > > |
|
|
Does anyone have any ideas on this requirement? Any information that
may point me in the right direction will be much appreciated. Many thanks, Chris On Fri, 2007-02-02 at 07:57 +0000, Christopher Snow wrote: > > I would like to setup entities representing projects (like those > > created in Microsoft Project). Each project has a different > > project team that are responsible for maintaining the project > > data. Therefore, the permissions need to be fine grained so that > > project A can only be accessed by project team X, and project B can > > only be accessed by project team Y. The project management office > > (PMO) admin staff though will require access both projects. So I > > need INSTANCE and GROUP (standard ofbiz security) level security. > > > > I'm not really worried where the security checks take place, I was > > just wondering how this may be done in ofbiz. > > > > Best regards, > > > > Chris > > > > From: David E Jones <[hidden email]> > > Subject: Re: object instance security > > Date: Mon, 14 Aug 2006 15:05:00 -0600 > > To: [hidden email] > > X-Mailer: Apple Mail (2.752.2) > > X-Virus-Checked: Checked by ClamAV on apache.org > > X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N > > > > > > On Aug 14, 2006, at 4:17 AM, [hidden email] wrote: > > > > > Out of the box, does ofbiz allow for fine grained security of my > > > custom > > > entities (i.e. at the object instance level)? > > > > > > Many thanks ... > > > > Could you describe a bit more about what your intended use of this > > would be? Perhaps something like a business story? > > > > There are some entity-level permission resources in the security and > > entity engine parts of OFBiz, but they aren't used much as we > > generally go with data driven logic layer permissions more than data > > driven data layer permissions. > > > > -David > > > > > > |
|
|
Chris,
Please take a look at following Issue. https://issues.apache.org/jira/browse/OFBIZ-615 Andrew is leading an Effort for Implementing security Permission management that will satisfy the requirements specified in your emails. Very soon I will submit patch that implements the Granting Permission using PartyGroup membership Regards Anil Patel On 2/4/07, Christopher Snow <[hidden email]> wrote: > > Does anyone have any ideas on this requirement? Any information that > may point me in the right direction will be much appreciated. > > Many thanks, > > Chris > > > On Fri, 2007-02-02 at 07:57 +0000, Christopher Snow wrote: > > > I would like to setup entities representing projects (like those > > > created in Microsoft Project). Each project has a different > > > project team that are responsible for maintaining the project > > > data. Therefore, the permissions need to be fine grained so that > > > project A can only be accessed by project team X, and project B can > > > only be accessed by project team Y. The project management office > > > (PMO) admin staff though will require access both projects. So I > > > need INSTANCE and GROUP (standard ofbiz security) level security. > > > > > > I'm not really worried where the security checks take place, I was > > > just wondering how this may be done in ofbiz. > > > > > > Best regards, > > > > > > Chris > > > > > > From: David E Jones <[hidden email]> > > > Subject: Re: object instance security > > > Date: Mon, 14 Aug 2006 15:05:00 -0600 > > > To: [hidden email] > > > X-Mailer: Apple Mail (2.752.2) > > > X-Virus-Checked: Checked by ClamAV on apache.org > > > X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N > > > > > > > > > On Aug 14, 2006, at 4:17 AM, [hidden email] wrote: > > > > > > > Out of the box, does ofbiz allow for fine grained security of my > > > > custom > > > > entities (i.e. at the object instance level)? > > > > > > > > Many thanks ... > > > > > > Could you describe a bit more about what your intended use of this > > > would be? Perhaps something like a business story? > > > > > > There are some entity-level permission resources in the security and > > > entity engine parts of OFBiz, but they aren't used much as we > > > generally go with data driven logic layer permissions more than data > > > driven data layer permissions. > > > > > > -David > > > > > > > > > > |
«
Return to OFBiz - User
|
1 view|%1 views
| Free forum by Nabble | Edit this page |