I am trying to restrict user logins to a subset of
facilities within ofbiz
Warehouses are separate with an individual manager and
number of operators.
I want to restrict PO / inventory receipts to allowed
facilities
(including drop down boxes) to reduce/minimise
operator errors
From what I understand so far.
1. a party can have >1 user login
2. a user login can be a member of one or more
security groups
3. Each security group has a list of permissions
It would appear that permissions are 'broken' up
within the code (ftl,
bsh etc) into component eg ORDERMGR and operation eg
CREATE and then
applied.
Example :- In the demo data, there are two logins
DemoRepStore and
DemoRepAll for which DemoRepStore has
ORDERMGR_SALES_ENTRY and
DemoRepAll has ORDERMGR_SALES_ENTRY and
ORDER_SALES_CREATE.
The checkinits.ftl appears to check against the CREATE
permission
<#if security.hasEntityPermission("ORDERMGR",
"_CREATE", session)>
meaning that DemoRepStore cannot enter any orders and
DempRepAll can -
is this right? I may have thought that the CREATE
permission would only
be applied at creation/approval stage and not at order
entry stage?
I have read the WIKI entry of security
http://ofbizwiki.go-integral.com/Wiki.jsp?page=SecurityAdministrationand assume that I will need the use of security roles
to achive what I
want, but until I understand the above I feel at a
loss.
Daniel
___________________________________________________________
To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre.
http://uk.security.yahoo.com
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users
Locked
