[
https://issues.apache.org/jira/browse/OFBIZ-9763?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chinmay Patidar updated OFBIZ-9763:
-----------------------------------
Attachment: OFBIZ-9763.patch
Updated the patch with an occurrence which was left out. i.e. replace the method call to 'checkShoppingListItemSecurity' with service call as it's converted into a service.
> Create separate Permission Services for CRUD services of ShoppingList and ShoppingListItem
> ------------------------------------------------------------------------------------------
>
> Key: OFBIZ-9763
> URL:
https://issues.apache.org/jira/browse/OFBIZ-9763> Project: OFBiz
> Issue Type: Improvement
> Components: ecommerce, party
> Affects Versions: Trunk, Release Branch 16.11
> Reporter: Chinmay Patidar
> Assignee: Arun Patidar
> Fix For: Trunk
>
> Attachments: OFBIZ-9763.patch, OFBIZ-9763.patch
>
>
> In CRUD services for ShoppingList and ShoppingListItem entities, the security related checks are present inline in the services. This implementation violates the best practice of keeping security implementation different from the business logic.
> We need to implement security services for such operations and to call them as a permission-service from the CRUD operation services definition
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
Locked
