I don't agree that party role types should be used for security. A
party's role could change, but not their permissions, or their
permissions could change but not their role.
It would be best to use a permission that represents a security role -
then it can be used independently of the party role.
Adrian Crum
Sandglass Software
www.sandglass-software.com
On 7/8/2014 10:30 AM, Pierre Smits wrote:
> Hi All,
>
> We have discussed it a number of times about extending the permissions
> aspects of OFBiz with some kind of Role Based Access Control.
> Currently we have in the functionalities only:
>
> <if-has-permission permission="PERMISSIONNAME" action="_PERMISSIONACTION"/>
>
> in various forms available for menu-items, screens and services.
>
> Would it not be a great improvement for OFBiz to have something equivalent
> for a role the user has to deliver a finer grained permission strategy,
> like:
>
> <if-has-role RoleType="ROLETYPEID">
>
> Regards,
>
> Pierre Smits
>
> *ORRTIZ.COM <
http://www.orrtiz.com>*
> Services & Solutions for Cloud-
> Based Manufacturing, Professional
> Services and Retail & Trade
>
http://www.orrtiz.com>
Locked
