[
https://issues.apache.org/jira/browse/OFBIZ-615?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12464000 ]
Andrew Zeneski commented on OFBIZ-615:
--------------------------------------
Here are the specs for WorkEffort Permissions, if possible it would be nice to keep these services as simple methods:
Three new Permissions to be added to WorkEffortSecurityData.xml
WORKEFFORT_ROLE_VIEW
WORKEFFORT_ROLE_CREATE
WORKEFFORT_ROLE_UPDATE
To create a new workeffort (with NO parent workeffort ID):
- WORKEFFORTMGR_CREATE or WORKEFFORT_ROLE_CREATE permission required
The create service auto associates the party with the workeffort in the role: CAL_OWNER (already implemented)
To create a new workeffort WITH a parent workeffort ID:
- WORKEFFORTMGR_CREATE or WORKEFFORT_ROLE_CREATE permission
- any associated role with any parent (see below for definition of parent)
To update a workeffort, or access other workeffort functions (party assignment, add roles, etc):
- WORKEFFORTMGR_UPDATE or WORKEFFORT_ROLE_UPDATE permission
- CAL_OWNER role member or CAL_DELEGATE role member
or
- WORKEFFORTMGR_UPDATE or WORKEFFORT_ROLE_UPDATE
- CAL_OWNER or CAL_DELEGATE of any Parent workeffort (see below for definition of parent)
To update a workeffort and change the parentWorkEffortId:
- must pass update permission on the current workeffort
- must pass update permission on any parent workeffort
To delete a workeffort:
- must have WORKEFFORTMGR_DELETE permission
** A parent workeffort can cascade. Get the related parent workeffort, test permissions, if fail, get THAT workeffort's related parent and test. Do this until the parentWorkEffortId == null.
To create a time sheet:
- WORKEFFORTMGR_CREATE or WORKEFFORT_ROLE_CREATE permission required
To update a time sheet:
- WORKEFFORTMGR_UPDATE or WORKEFFORT_ROLE_UPDATE and user matches partyId
To delete a time sheet:
- WORKEFFORTMGR_DELETE permission
To add time sheet roles:
- same as update timesheet
To add time entry w/ NO workeffort ID:
- same as time sheet update
To add time entry WITH workeffort ID;
- same as time sheet update
and
- must be associated with the workeffort in ANY role.
> Re-Factor WorkEffort permissions to follow new patterns
> -------------------------------------------------------
>
> Key: OFBIZ-615
> URL:
https://issues.apache.org/jira/browse/OFBIZ-615> Project: Apache OFBiz (The Open for Business Project)
> Issue Type: Sub-task
> Components: workeffort
> Reporter: Andrew Zeneski
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://issues.apache.org/jira/secure/Administrators.jspa-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
Locked
