On Jun 10, 2008, at 6:44 AM, BJ Freeman wrote:
> there is no security at record level.
Actually, there is.
> there may be some way in code to sort based on partyID or login.
> but it would seem to be a large job.
There are tools just for this, and many parts of the data model in
OFBiz were designed with this intent. It generally involves defining a
path from the Party in question to the target/desired entity through
relationships. This is usually do-able and easy to do with a single
view entity, and if a query on that entity with the proper constraints
returns any results then you know the user/party has the permission.
See the catalog role limited permissions and how they are defined and
used in the ProductServices.xml file for an example.
-David
> stamilo sent the following on 6/10/2008 5:34 AM:
>> hi ,
>> i see the question how to create permission, but i have other
>> question
>> how create permission base on record?
>>
>> like this:
>> user a create a record recorda;
>> user b create a record recrodb;
>>
>> i want that:
>> user a only can see, edit , delete that records created by
>> himself;
>> user b only can see, edit , delete that records created by
>> himself;
>>
>> but some guy may see all the records that create by user a and
>> user b;
>>
>> .....
>> :)
>>
>> thx!
>>
>
Locked
