Re: object instance security

>
> Chris,
> Please take a look at following Issue.
> https://issues.apache.org/jira/browse/OFBIZ-615
>
> Andrew is leading an Effort for Implementing security Permission management
> that will satisfy the requirements specified in your emails. Very soon I
> will submit patch that implements the Granting Permission using PartyGroup
> membership
>
> Regards
> Anil Patel
>
>
>
> On 2/4/07, Christopher Snow <[hidden email]> wrote:
> >
> > Does anyone have any ideas on this requirement?  Any information that
> > may point me in the right direction will be much appreciated.
> >
> > Many thanks,
> >
> > Chris
> >
> >
> > On Fri, 2007-02-02 at 07:57 +0000, Christopher Snow wrote:
> > > > I would like to setup entities representing projects (like those
> > > > created in Microsoft Project).  Each project has a different
> > > > project team that are responsible for maintaining the project
> > > > data.  Therefore, the permissions need to be fine grained so that
> > > > project A can only be accessed by project team X, and project B can
> > > > only be accessed by project team Y.  The project management office
> > > > (PMO) admin staff though will require access both projects.  So I
> > > > need INSTANCE and GROUP (standard ofbiz security) level security.
> > > >
> > > > I'm not really worried where the security checks take place, I was
> > > > just wondering how this may be done in  ofbiz.
> > > >
> > > > Best regards,
> > > >
> > > > Chris
> > > >
> > > > From: David E Jones <[hidden email]>
> > > > Subject: Re: object instance security
> > > > Date: Mon, 14 Aug 2006 15:05:00 -0600
> > > > To: [hidden email]
> > > > X-Mailer: Apple Mail (2.752.2)
> > > > X-Virus-Checked: Checked by ClamAV on apache.org
> > > > X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N
> > > >
> > > >
> > > > On Aug 14, 2006, at 4:17 AM, [hidden email] wrote:
> > > >
> > > > > Out of the box, does ofbiz allow for fine grained security of my
> > > > > custom
> > > > > entities (i.e. at the object instance level)?
> > > > >
> > > > > Many thanks ...
> > > >
> > > > Could you describe a bit more about what your intended use of this
> > > > would be? Perhaps something like a business story?
> > > >
> > > > There are some entity-level permission resources in the security and
> > > > entity engine parts of OFBiz, but they aren't used much as we
> > > > generally go with data driven logic layer permissions more than data
> > > > driven data layer permissions.
> > > >
> > > > -David
> > > >
> > > >
> > > >
> >
>
>

>
> Anil,
>
> Sorry to be a pain - I've installed the latest patch but I can't see
> what it actually does, or how it will enable me to use fine grained
> access control in my application.  Any chance you could point me in the
> right direction?
>
> Many thanks,
>
> Chris
>
>
>
> On Fri, 2007-03-23 at 12:17 +0000, Christopher Snow wrote:
> >
> > Chris,
> > Please take a look at following Issue.
> > https://issues.apache.org/jira/browse/OFBIZ-615
> >
> > Andrew is leading an Effort for Implementing security Permission
> management
> > that will satisfy the requirements specified in your emails. Very soon I
>
> > will submit patch that implements the Granting Permission using
> PartyGroup
> > membership
> >
> > Regards
> > Anil Patel
> >
> >
> >
> > On 2/4/07, Christopher Snow < [hidden email]> wrote:
> > >
> > > Does anyone have any ideas on this requirement?  Any information that
> > > may point me in the right direction will be much appreciated.
> > >
> > > Many thanks,
> > >
> > > Chris
> > >
> > >
> > > On Fri, 2007-02-02 at 07:57 +0000, Christopher Snow wrote:
> > > > > I would like to setup entities representing projects (like those
> > > > > created in Microsoft Project).  Each project has a different
> > > > > project team that are responsible for maintaining the project
> > > > > data.  Therefore, the permissions need to be fine grained so that
> > > > > project A can only be accessed by project team X, and project B
> can
> > > > > only be accessed by project team Y.  The project management office
> > > > > (PMO) admin staff though will require access both projects.  So I
> > > > > need INSTANCE and GROUP (standard ofbiz security) level security.
> > > > >
> > > > > I'm not really worried where the security checks take place, I was
> > > > > just wondering how this may be done in  ofbiz.
> > > > >
> > > > > Best regards,
> > > > >
> > > > > Chris
> > > > >
> > > > > From: David E Jones < [hidden email]>
> > > > > Subject: Re: object instance security
> > > > > Date: Mon, 14 Aug 2006 15:05:00 -0600
> > > > > To: [hidden email]
> > > > > X-Mailer: Apple Mail (2.752.2)
> > > > > X-Virus-Checked: Checked by ClamAV on apache.org
> > > > > X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N
> > > > >
> > > > >
> > > > > On Aug 14, 2006, at 4:17 AM, [hidden email] wrote:
> > > > >
> > > > > > Out of the box, does ofbiz allow for fine grained security of my
> > > > > > custom
> > > > > > entities (i.e. at the object instance level)?
> > > > > >
> > > > > > Many thanks ...
> > > > >
> > > > > Could you describe a bit more about what your intended use of this
> > > > > would be? Perhaps something like a business story?
> > > > >
> > > > > There are some entity-level permission resources in the security
> and
> > > > > entity engine parts of OFBiz, but they aren't used much as we
> > > > > generally go with data driven logic layer permissions more than
> data
> > > > > driven data layer permissions.
> > > > >
> > > > > -David
> > > > >
> > > > >
> > > > >
> > >
> >
> >
>
>