svn commit: r507809 - in /ofbiz/trunk/applications/product: data/ProductSecurityData.xml script/org/ofbiz/product/category/CategoryServices.xml servicedef/services.xml webapp/catalog/WEB-INF/controller.xml


svn commit: r507809 - in /ofbiz/trunk/applications/product: data/ProductSecurityData.xml script/org/ofbiz/product/category/CategoryServices.xml servicedef/services.xml webapp/catalog/WEB-INF/controller.xml

jonesde
Author: jonesde
Date: Wed Feb 14 20:12:07 2007
New Revision: 507809

URL: http://svn.apache.org/viewvc?view=rev&rev=507809
Log:
Some fixes for the view and purchase allow category product add permission code; major cleanup, changed the name to better represent and distinguish what it does; also changed the OOTB security group setup to better represent how this is intended to be used; now appears to work properly

Modified:
    ofbiz/trunk/applications/product/data/ProductSecurityData.xml
    ofbiz/trunk/applications/product/script/org/ofbiz/product/category/CategoryServices.xml
    ofbiz/trunk/applications/product/servicedef/services.xml
    ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml

Modified: ofbiz/trunk/applications/product/data/ProductSecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/data/ProductSecurityData.xml?view=diff&rev=507809&r1=507808&r2=507809
==============================================================================
--- ofbiz/trunk/applications/product/data/ProductSecurityData.xml (original)
+++ ofbiz/trunk/applications/product/data/ProductSecurityData.xml Wed Feb 14 20:12:07 2007
@@ -42,21 +42,24 @@
     <SecurityGroup description="Catalog Admin group, has all catalog permissions." groupId="CATALOGADMIN"/>
     <SecurityGroupPermission groupId="CATALOGADMIN" permissionId="CATALOG_ADMIN"/>
     <SecurityGroupPermission groupId="CATALOGADMIN" permissionId="OFBTOOLS_VIEW"/>
-    <SecurityGroupPermission groupId="CATALOGADMIN" permissionId="CATALOG_VIEW_ALLOW"/>
-    <SecurityGroupPermission groupId="CATALOGADMIN" permissionId="CATALOG_PURCHASE_ALLOW"/>
+
+    <SecurityGroup description="Catalog Admin View and Purchase Allow Products" groupId="CATALOGADMIN"/>
+    <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_VIEW_ALLOW"/>
+    <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_PURCHASE_ALLOW"/>
     
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="CATALOG_ADMIN"/>
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="CATALOG_PRICE_MAINT"/>
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="CATALOG_VIEW_ALLOW"/>
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="CATALOG_PURCHASE_ALLOW"/>
-    <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_VIEW_ALLOW"/>
-    <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_PURCHASE_ALLOW"/>
+
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_CREATE"/>
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_DELETE"/>
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_UPDATE"/>
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_VIEW"/>
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_PRICE_MAINT"/>
-
+    <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_VIEW_ALLOW"/>
+    <SecurityGroupPermission groupId="FLEXADMIN" permissionId="CATALOG_PURCHASE_ALLOW"/>
+    
     <SecurityGroupPermission groupId="VIEWADMIN" permissionId="CATALOG_VIEW"/>
     <SecurityGroupPermission groupId="BIZADMIN" permissionId="CATALOG_ADMIN"/>
     <SecurityGroupPermission groupId="BIZADMIN" permissionId="CATALOG_PRICE_MAINT"/>
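Review bot: The added `<SecurityGroup description="Catalog Admin View and Purchase Allow Products" groupId="CATALOGADMIN"/>` reuses the CATALOGADMIN id already defined at the top of this hunk, so it does not create a separate group and would presumably just replace that group's description when the data is loaded. The two rows that follow it grant CATALOG_VIEW_ALLOW and CATALOG_PURCHASE_ALLOW to FLEXADMIN rather than to the new group, and the same two FLEXADMIN rows are added again at the end of the FLEXADMIN block, so the permissions are granted to FLEXADMIN twice and to no dedicated group. If a separate opt-in group is intended, give it its own id and point both rows at it, e.g. `<SecurityGroup description="Catalog Admin View and Purchase Allow Products" groupId="NEW_GROUP_ID_PLACEHOLDER"/>`, and drop the duplicate FLEXADMIN pair. The entity list continues outside the hunk.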

Modified: ofbiz/trunk/applications/product/script/org/ofbiz/product/category/CategoryServices.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/script/org/ofbiz/product/category/CategoryServices.xml?view=diff&rev=507809&r1=507808&r2=507809
==============================================================================
--- ofbiz/trunk/applications/product/script/org/ofbiz/product/category/CategoryServices.xml (original)
+++ ofbiz/trunk/applications/product/script/org/ofbiz/product/category/CategoryServices.xml Wed Feb 14 20:12:07 2007
@@ -551,154 +551,6 @@
         </if-compare>
     </simple-method>
 
-    <!-- a methods to centralize product security code, meant to be called in-line with
-        call-simple-method, and the checkAction and callingMethodName attributes should be in the method context -->
-    <simple-method method-name="checkCategoryRelatedPermission" short-description="Check Product Category Related Permission">
-        <if-empty field-name="callingMethodName">
-            <set field="callingMethodName" value="this operation"/>
-        </if-empty>
-        <if-empty field-name="checkAction">
-            <set field="checkAction" value="UPDATE"/>
-        </if-empty>
-        <if-empty field-name="productCategoryIdName">
-            <set field="productCategoryIdName" value="productCategoryId"/>
-        </if-empty>
-        <if-empty field-name="productCategoryIdToCheck">
-            <set field="productCategoryIdToCheck" from-field="parameters.${productCategoryIdName}"/>
-        </if-empty>
-
-        <!-- find all role-categories that this category is a member of -->
-        <if>
-            <condition>
-                <not><if-has-permission permission="CATALOG" action="_${checkAction}"/></not>
-            </condition>
-            <then>
-                <entity-and entity-name="ProductCategoryRollupAndRole" list-name="roleCategories">
-                    <field-map field-name="productCategoryId" env-name="productCategoryIdToCheck"/>
-                    <field-map field-name="partyId" env-name="userLogin.partyId"/>
-                    <field-map field-name="roleTypeId" value="LTD_ADMIN"/>
-                </entity-and>
-                <filter-list-by-date list-name="roleCategories" valid-date-name="nowTimestamp"/>
-                <filter-list-by-date list-name="roleCategories" valid-date-name="nowTimestamp" from-field-name="roleFromDate" thru-field-name="roleThruDate"/>
-            </then>
-        </if>
-        <log level="info" message="Checking category permission, roleCategories=${roleCategories}"/>
-        <if>
-            <condition>
-                <not>
-                    <or>
-                        <if-has-permission permission="CATALOG" action="_${checkAction}"/>
-                        <and>
-                            <if-has-permission permission="CATALOG_ROLE" action="_${checkAction}"/>
-                            <not><if-empty field-name="roleCategories"/></not>
-                        </and>
-                    </or>
-                </not>
-            </condition>
-            <then>
-                <log level="verbose" message="Permission check failed, user does not have permission"/>
-                <add-error><fail-message message="Security Error: to run ${callingMethodName} you must have the CATALOG_${checkAction} or CATALOG_ADMIN permission or have the CATALOG_ROLE_${checkAction} permission and be associated with a category containing this category."/></add-error>
-                <set field="hasPermission" type="Boolean" value="false"/>
-            </then>
-        </if>
-    </simple-method>
-    
-    <!-- a service verion of checkCategoryRelatedPermission, only with purchase/viewAllowPermReqd taken into account -->
-    <simple-method method-name="checkCategoryRelatedPermissionService" short-description="Check Product Category Related Permission">
-        <set field="hasPermission" type="Boolean" value="true"/>
-        
-        <!--  Set up for a call to checkCategoryRelatedPermission below, but callingMethodName is needed sooner -->
-        <if-empty field-name="parameters.resourceDescription">
-            <set field="callingMethodName" value="this operation"/>
-            <else>
-                <set field="callingMethodName" value="parameters.resourceDescription"/>
-            </else>
-        </if-empty>
-        <if-empty field-name="parameters.mainAction">
-            <set field="checkAction" value="UPDATE"/>
-            <else>
-                <set field="checkAction" value="parameters.mainAction"/>
-            </else>
-        </if-empty>
-        
-        <!-- This service is set up to handle lists of categories or one category -->
-        <set field="productCategoryIdList" from-field="parameters.categories"/>
-        <if-empty field-name="productCategoryIdList" >
-            <set field="productCategoryIdList[]" from-field="parameters.productCategoryId"/>
-        </if-empty>
-
-        <!-- Foreach category iterate thru its possible ProdCatalogCategory records -->
-        <iterate entry-name="productCategoryId" list-name="productCategoryIdList">
-            <entity-and list-name="prodCatalogCategoryListRaw" entity-name="ProdCatalogCategory">
-                   <field-map field-name="productCategoryId"/>
-            </entity-and>
-            <filter-list-by-date list-name="prodCatalogCategoryListRaw" to-list-name="prodCatalogCategoryList"/>
-            <iterate entry-name="prodCatalogCategory" list-name="prodCatalogCategoryList">
-                   <!-- Only check for View/Purchase Allow instances -->
-                   <if>
-                       <condition>
-                           <or>
-                               <if-compare operator="equals" field-name="prodCatalogCategory.prodCatalogCategoryTypeId" value="PCCT_VIEW_ALLW"/>
-                               <if-compare operator="equals" field-name="prodCatalogCategory.prodCatalogCategoryTypeId" value="PCCT_PURCH_ALLW"/>
-                           </or>
-                       </condition>
-                       <then>
-                        <set field="globalViewAllowPermReqd" value="N"/>
-                        <set field="globalPurchaseAllowPermReqd" value="N"/>
-            
-                        <!-- Do not do a permission check unless the ProdCatalog requires it -->
-                        <entity-one entity-name="ProdCatalog" value-name="prodCatalog">
-                            <field-map field-name="prodCatalogId" env-name="prodCatalogCategory.prodCatalogId"/>
-                        </entity-one>
-                        <if-not-empty field-name="prodCatalog">
-                            <if-compare operator="equals" field-name="prodCatalog.viewAllowPermReqd" value="Y">
-                                <set field="globalViewAllowPermReqd" value="Y"/>
-                            </if-compare>
-                            <if-compare operator="equals" field-name="prodCatalog.purchaseAllowPermReqd" value="Y">
-                                <set field="globalPurchaseAllowPermReqd" value="Y"/>
-                            </if-compare>
-                        </if-not-empty>
-                        <if-compare operator="equals" field-name="globalViewAllowPermReqd" value="Y" >
-                                <if>
-                                    <condition>
-                                        <not>
-                                                <if-has-permission permission="CATALOG" action="_VIEW_ALLOW"/>
-                                        </not>
-                                    </condition>
-                                    <then>
-                                        <log level="verbose" message="Permission check failed, user does not have permission"/>
-                                        <set field="failMessage" value="Security Error: to run ${callingMethodName} you must have the CATALOG_VIEW_ALLOW permission."/>
-                                        <set field="hasPermission" type="Boolean" value="false"/>
-                                    </then>
-                                </if>
-                        </if-compare>
-                        <if-compare operator="equals" field-name="globalPurchaseAllowPermReqd" value="Y" >
-                                <if>
-                                    <condition>
-                                        <not>
-                                                <if-has-permission permission="CATALOG" action="_PURCHASE_ALLOW"/>
-                                        </not>
-                                    </condition>
-                                    <then>
-                                        <log level="verbose" message="Permission check failed, user does not have permission"/>
-                                        <set field="failMessage" value="Security Error: to run ${callingMethodName} you must have the CATALOG_PURCHASE_ALLOW permission."/>
-                                        <set field="hasPermission" type="Boolean" value="false"/>
-                                    </then>
-                                </if>
-                        </if-compare>
-                      </then>
-                  </if>
-            </iterate>
-            <!-- Do the "standard" permission checkq -->
-            <if-compare operator="equals" field-name="hasPermission" value="true" type="Boolean">
-                <set field="productCategoryIdToCheck" from-field="productCategoryId"/>
-                <call-simple-method method-name="checkCategoryRelatedPermission"/>
-            </if-compare>
-        </iterate>
-        <field-to-result field-name="hasPermission"/>
-        <field-to-result field-name="failMessage"/>
-    </simple-method>
-    
     <simple-method method-name="duplicateProductCategory" short-description="Duplicate a ProductCategory">
         <set value="duplicateProductCategory" field="callingMethodName"/>
         <check-permission permission="CATALOG" action="_CREATE">
@@ -837,5 +689,151 @@
         <entity-one entity-name="ProductCategoryLink" value-name="lookedUpValue"/>
         <remove-value value-name="lookedUpValue"/>
     </simple-method>
+
+    <!-- ============================= -->
+    <!-- Permission Methods -->
+    <!-- ============================= -->
+    
+    <!-- a methods to centralize product security code, meant to be called in-line with
+        call-simple-method, and the checkAction and callingMethodName attributes should be in the method context -->
+    <simple-method method-name="checkCategoryRelatedPermission" short-description="Check Product Category Related Permission">
+        <if-empty field-name="callingMethodName">
+            <set field="callingMethodName" value="this operation"/>
+        </if-empty>
+        <if-empty field-name="checkAction">
+            <set field="checkAction" value="UPDATE"/>
+        </if-empty>
+        <if-empty field-name="productCategoryIdName">
+            <set field="productCategoryIdName" value="productCategoryId"/>
+        </if-empty>
+        <if-empty field-name="productCategoryIdToCheck">
+            <set field="productCategoryIdToCheck" from-field="parameters.${productCategoryIdName}"/>
+        </if-empty>
+        
+        <!-- find all role-categories that this category is a member of -->
+        <if>
+            <condition>
+                <not><if-has-permission permission="CATALOG" action="_${checkAction}"/></not>
+            </condition>
+            <then>
+                <entity-and entity-name="ProductCategoryRollupAndRole" list-name="roleCategories">
+                    <field-map field-name="productCategoryId" env-name="productCategoryIdToCheck"/>
+                    <field-map field-name="partyId" env-name="userLogin.partyId"/>
+                    <field-map field-name="roleTypeId" value="LTD_ADMIN"/>
+                </entity-and>
+                <filter-list-by-date list-name="roleCategories" valid-date-name="nowTimestamp"/>
+                <filter-list-by-date list-name="roleCategories" valid-date-name="nowTimestamp" from-field-name="roleFromDate" thru-field-name="roleThruDate"/>
+            </then>
+        </if>
+        <log level="info" message="Checking category permission, roleCategories=${roleCategories}"/>
+        <if>
+            <condition>
+                <not>
+                    <or>
+                        <if-has-permission permission="CATALOG" action="_${checkAction}"/>
+                        <and>
+                            <if-has-permission permission="CATALOG_ROLE" action="_${checkAction}"/>
+                            <not><if-empty field-name="roleCategories"/></not>
+                        </and>
+                    </or>
+                </not>
+            </condition>
+            <then>
+                <log level="verbose" message="Permission check failed, user does not have permission"/>
+                <add-error><fail-message message="Security Error: to run ${callingMethodName} you must have the CATALOG_${checkAction} or CATALOG_ADMIN permission or have the CATALOG_ROLE_${checkAction} permission and be associated with a category containing this category."/></add-error>
+                <set field="hasPermission" type="Boolean" value="false"/>
+            </then>
+        </if>
+    </simple-method>
+    <simple-method method-name="productCategoryGenericPermission" short-description="Main permission logic">
+        <set field="mainAction" from-field="parameters.mainAction"/>
+        <if-empty field-name="mainAction">
+            <add-error><fail-message message="In the permission-service element for the productGenericPermission service the main-action attribute was missing but is required"/></add-error>
+            <check-errors/>
+        </if-empty>
+        
+        <set field="callingMethodName" from-field="parameters.resourceDescription"/>
+        <set field="checkAction" from-field="parameters.mainAction"/>
+        <call-simple-method method-name="checkCategoryRelatedPermission"/>
+        
+        <if-empty field-name="error_list">
+            <set field="hasPermission" type="Boolean" value="true"/>
+            <field-to-result field-name="hasPermission"/>
+            
+            <else>
+                <property-to-field resource="ProductUiLabels" property="ProductPermissionError" field-name="failMessage"/>
+                <set field="hasPermission" type="Boolean" value="false"/>
+                <field-to-result field-name="hasPermission"/>
+                <field-to-result field-name="failMessage"/>
+            </else>
+        </if-empty>
+    </simple-method>
+    
+    <!-- a service verion of checkCategoryRelatedPermission, only with purchase/viewAllowPermReqd taken into account -->
+    <simple-method method-name="checkCategoryPermissionWithViewPurchaseAllow" short-description="Check Product Category Permission With View and Purchase Allow">
+        <set-service-fields service-name="productCategoryGenericPermission" map-name="parameters" to-map-name="productCategoryGenericPermissionMap"/>
+        <call-service service-name="productCategoryGenericPermission" in-map-name="productCategoryGenericPermissionMap">
+            <results-to-map map-name="genericResult"/>
+        </call-service>
+        <log level="info" message="checkCategoryPermissionWithViewPurchaseAllow genericResult: ${genericResult}"/>
+        <if-compare field-name="genericResult.hasPermission" operator="equals" value="false" type="Boolean">
+            <field-to-result field-name="genericResult.hasPermission" result-name="hasPermission"/>
+            <field-to-result field-name="genericResult.failMessage" map-name="failMessage"/>
+            <return/>
+        </if-compare>
+        
+        <!-- if the generic permission test passed, carry on -->
+        <log level="info" message="checkCategoryPermissionWithViewPurchaseAllow got here 1; parameters.productCategoryId=${parameters.productCategoryId}"/>
         
+        <!--  Set up for a call to checkCategoryRelatedPermission below, but callingMethodName is needed sooner -->
+        <set field="callingMethodName" from-field="parameters.resourceDescription" default-value="this operation"/>
+        <set field="checkAction" from-field="parameters.mainAction" default-value="UPDATE"/>
+        
+        <entity-condition list-name="prodCatalogCategoryList" entity-name="ProdCatalogCategory" filter-by-date="true">
+            <condition-list combine="and">
+                <condition-expr field-name="productCategoryId" env-name="parameters.productCategoryId"/>
+                <condition-list combine="or">
+                    <condition-expr field-name="prodCatalogCategoryTypeId" value="PCCT_VIEW_ALLW"/>
+                    <condition-expr field-name="prodCatalogCategoryTypeId" value="PCCT_PURCH_ALLW"/>
+                </condition-list>
+            </condition-list>
+        </entity-condition>
+        <iterate entry-name="prodCatalogCategory" list-name="prodCatalogCategoryList">
+            <!-- Do not do a permission check unless the ProdCatalog requires it -->
+            <entity-one entity-name="ProdCatalog" value-name="prodCatalog" auto-field-map="false">
+                <field-map field-name="prodCatalogId" env-name="prodCatalogCategory.prodCatalogId"/>
+            </entity-one>
+            <log level="info" message="checkCategoryPermissionWithViewPurchaseAllow prodCatalogCategory: ${prodCatalogCategory}"/>
+            <log level="info" message="checkCategoryPermissionWithViewPurchaseAllow prodCatalog: ${prodCatalog}"/>
+            <if>
+                <condition>
+                    <and>
+                        <if-compare field-name="prodCatalog.viewAllowPermReqd" operator="equals" value="Y"/>
+                        <not><if-has-permission permission="CATALOG_VIEW_ALLOW"/></not>
+                    </and>
+                </condition>
+                <then>
+                    <log level="verbose" message="Permission check failed, user does not have permission"/>
+                    <set field="failMessage" value="Security Error: to run ${callingMethodName} you must have the CATALOG_VIEW_ALLOW permission."/>
+                    <set field="hasPermission" type="Boolean" value="false"/>
+                </then>
+            </if>
+            <if>
+                <condition>
+                    <and>
+                        <if-compare field-name="prodCatalog.purchaseAllowPermReqd" operator="equals" value="Y"/>
+                        <not><if-has-permission permission="CATALOG_PURCHASE_ALLOW"/></not>
+                    </and>
+                </condition>
+                <then>
+                    <log level="verbose" message="Permission check failed, user does not have permission"/>
+                    <set field="failMessage" value="Security Error: to run ${callingMethodName} you must have the CATALOG_PURCHASE_ALLOW permission."/>
+                    <set field="hasPermission" type="Boolean" value="false"/>
+                </then>
+            </if>
+        </iterate>
+        
+        <field-to-result field-name="hasPermission"/>
+        <field-to-result field-name="failMessage"/>
+    </simple-method>
 </simple-methods>
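Review bot: In `checkCategoryPermissionWithViewPurchaseAllow`, `hasPermission` is never set to true on the path where the generic check passes; it is only assigned `false` inside the two failure branches, so the final `<field-to-result field-name="hasPermission"/>` has no value to export when access should be granted. The removed `checkCategoryRelatedPermissionService` began with `<set field="hasPermission" type="Boolean" value="true"/>`, and the same line is needed right after the early-return block. In that early-return block the fail message is exported with `map-name="failMessage"` while the line above it uses `result-name`, which looks like a slip for `result-name="failMessage"`. The info-level `log` lines that dump `genericResult`, `prodCatalogCategory` and `prodCatalog` (including "got here 1") read as debugging output on an authorization path and would be better at verbose level or removed.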

Modified: ofbiz/trunk/applications/product/servicedef/services.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/servicedef/services.xml?view=diff&rev=507809&r1=507808&r2=507809
==============================================================================
--- ofbiz/trunk/applications/product/servicedef/services.xml (original)
+++ ofbiz/trunk/applications/product/servicedef/services.xml Wed Feb 14 20:12:07 2007
@@ -578,7 +578,7 @@
     <service name="safeAddProductToCategory" default-entity-name="ProductCategoryMember" engine="simple"
                 location="org/ofbiz/product/category/CategoryServices.xml" invoke="addProductToCategory" auth="true">
         <description>Add Product To Category</description>
-        <permission-service service-name="checkCategoryRelatedPermissionService" main-action="CREATE"/>
+        <permission-service service-name="checkCategoryPermissionWithViewPurchaseAllow" main-action="CREATE"/>
         <auto-attributes include="pk" mode="IN" optional="false"/>
         <auto-attributes include="nonpk" mode="IN" optional="true"/>
     </service>
@@ -586,7 +586,7 @@
     <service name="addProductToCategories" default-entity-name="ProductCategoryMember" engine="simple"
                 location="org/ofbiz/product/category/CategoryServices.xml" invoke="addProductToCategories" auth="true">
         <description>Add Product To Multiple Categories</description>
-        <permission-service service-name="checkCategoryRelatedPermissionService" main-action="CREATE"/>
+        <permission-service service-name="checkCategoryPermissionWithViewPurchaseAllow" main-action="CREATE"/>
         <auto-attributes include="pk" mode="IN" optional="false">
             <exclude field-name="productCategoryId"/>
         </auto-attributes>
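Review bot: `addProductToCategories` excludes `productCategoryId` from its inputs, yet the permission service it now points to, `checkCategoryPermissionWithViewPurchaseAllow`, queries `ProdCatalogCategory` only by `parameters.productCategoryId`, and the last hunk of this file drops the `categories` List attribute that the old check iterated over. As far as the visible lines show, the view-allow and purchase-allow checks would therefore match no rows for this service, leaving only the generic CATALOG permission test, and that test also has no category id to check against. Either keep `<attribute type="List" mode="IN" name="categories" optional="true"/>` on the permission service and iterate over it in the simple-method, or run the check once per category from the calling service. The service element continues outside the hunk.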
@@ -597,7 +597,7 @@
     <service name="addProductToCategory" default-entity-name="ProductCategoryMember" engine="simple"
                 location="org/ofbiz/product/category/CategoryServices.xml" invoke="addProductToCategory" auth="true">
         <description>Add Product To Category</description>
-        <permission-service service-name="checkCategoryRelatedPermissionService" main-action="CREATE"/>
+        <permission-service service-name="checkCategoryPermissionWithViewPurchaseAllow" main-action="CREATE"/>
         <auto-attributes include="pk" mode="IN" optional="false"/>
         <auto-attributes include="nonpk" mode="IN" optional="true"/>
         <override name="fromDate" optional="true"/>
@@ -605,14 +605,14 @@
     <service name="updateProductToCategory" default-entity-name="ProductCategoryMember" engine="simple"
                 location="org/ofbiz/product/category/CategoryServices.xml" invoke="updateProductToCategory" auth="true">
         <description>Add Product To Category</description>
-        <permission-service service-name="checkCategoryRelatedPermissionService" main-action="UPDATE"/>
+        <permission-service service-name="checkCategoryPermissionWithViewPurchaseAllow" main-action="UPDATE"/>
         <auto-attributes include="pk" mode="IN" optional="false"/>
         <auto-attributes include="nonpk" mode="IN" optional="true"/>
     </service>
     <service name="removeProductFromCategory" default-entity-name="ProductCategoryMember" engine="simple"
                 location="org/ofbiz/product/category/CategoryServices.xml" invoke="removeProductFromCategory" auth="true">
         <description>Remove Product From Category</description>
-        <permission-service service-name="checkCategoryRelatedPermissionService" main-action="DELETE"/>
+        <permission-service service-name="checkCategoryPermissionWithViewPurchaseAllow" main-action="DELETE"/>
         <auto-attributes include="pk" mode="IN" optional="false"/>
     </service>
 
@@ -727,7 +727,7 @@
             location="org/ofbiz/product/category/CategoryServices.xml"
             invoke="createProductCategoryLink" auth="true">
         <description>Create a ProductCategoryLink</description>
-        <permission-service service-name="checkCategoryRelatedPermissionService" main-action="CREATE"/>
+        <permission-service service-name="productCategoryGenericPermission" main-action="CREATE"/>
         <auto-attributes include="pk" mode="IN" optional="false"/>
         <auto-attributes include="nonpk" mode="IN" optional="true"/>
         <override name="fromDate" optional="true" />        
@@ -737,7 +737,7 @@
             location="org/ofbiz/product/category/CategoryServices.xml"
             invoke="updateProductCategoryLink" auth="true">
         <description>Update a ProductCategoryLink</description>
-        <permission-service service-name="checkCategoryRelatedPermissionService" main-action="UPDATE"/>
+        <permission-service service-name="productCategoryGenericPermission" main-action="UPDATE"/>
         <auto-attributes include="pk" mode="IN" optional="false"/>
         <auto-attributes include="nonpk" mode="IN" optional="true"/>
     </service>
@@ -745,7 +745,7 @@
             location="org/ofbiz/product/category/CategoryServices.xml"
             invoke="deleteProductCategoryLink" auth="true">
         <description>Delete a ProductCategoryLink</description>
-        <permission-service service-name="checkCategoryRelatedPermissionService" main-action="DELETE"/>
+        <permission-service service-name="productCategoryGenericPermission" main-action="DELETE"/>
         <auto-attributes include="pk" mode="IN" optional="false"/>
     </service>
     
@@ -1035,10 +1035,13 @@
         location="org/ofbiz/product/product/ProductServices.xml" invoke="productGenericPermission">
         <implements service="permissionInterface"/>
     </service>
-    <service name="checkCategoryRelatedPermissionService" engine="simple"
-             location="org/ofbiz/product/category/CategoryServices.xml" invoke="checkCategoryRelatedPermissionService">
+    <service name="productCategoryGenericPermission" engine="simple"
+        location="org/ofbiz/product/category/CategoryServices.xml" invoke="productCategoryGenericPermission">
+        <implements service="permissionInterface"/>
+    </service>
+    <service name="checkCategoryPermissionWithViewPurchaseAllow" engine="simple"
+        location="org/ofbiz/product/category/CategoryServices.xml" invoke="checkCategoryPermissionWithViewPurchaseAllow">
         <implements service="permissionInterface"/>
         <attribute type="String" mode="IN" name="productCategoryId" optional="true"/>
-        <attribute type="List" mode="IN" name="categories" optional="true"/>
     </service>
 </services>

Modified: ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml?view=diff&rev=507809&r1=507808&r2=507809
==============================================================================
--- ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml (original)
+++ ofbiz/trunk/applications/product/webapp/catalog/WEB-INF/controller.xml Wed Feb 14 20:12:07 2007
@@ -187,7 +187,6 @@
         <response name="error" type="view" value="EditCategory"/>
     </request-map>
 
-
     <!-- ================ Category Rollup Requests ================= -->
     <request-map uri="EditCategoryRollup">
         <security https="true" auth="true"/>
@@ -405,6 +404,54 @@
         <response name="error" type="view" value="EditCategoryContent"/>
     </request-map>
     
+    <!-- ================ Product Category Attribute Requests ================= -->
+    <request-map uri="EditCategoryAttributes">
+        <security https="true" auth="true"/>
+        <response name="success" type="view" value="EditCategoryAttributes"/>
+    </request-map>
+    <request-map uri="createProductCategoryAttribute">
+        <security https="true" auth="true"/>
+        <event type="service" path="" invoke="createProductCategoryAttribute"/>
+        <response name="success" type="view" value="EditCategoryAttributes"/>
+        <response name="error" type="view" value="EditCategoryAttributes"/>
+    </request-map>
+    <request-map uri="updateProductCategoryAttribute">
+        <security https="true" auth="true"/>
+        <event type="service" path="" invoke="updateProductCategoryAttribute"/>
+        <response name="success" type="view" value="EditCategoryAttributes"/>
+        <response name="error" type="view" value="EditCategoryAttributes"/>
+    </request-map>
+    <request-map uri="deleteProductCategoryAttribute">
+        <security https="true" auth="true"/>
+        <event type="service" path="" invoke="deleteProductCategoryAttribute"/>
+        <response name="success" type="view" value="EditCategoryAttributes"/>
+        <response name="error" type="view" value="EditCategoryAttributes"/>
+    </request-map>
+    
+    <!-- ================ Product Category Link Requests ================= -->
+    <request-map uri="EditProductCategoryLinks">
+        <security https="true" auth="true"/>
+        <response name="success" type="view" value="EditProductCategoryLinks"/>
+    </request-map>
+    <request-map uri="createProductCategoryLink">
+        <security https="true" auth="true"/>
+        <event type="service" path="" invoke="createProductCategoryLink"/>
+        <response name="success" type="view" value="EditProductCategoryLinks"/>
+        <response name="error" type="view" value="EditProductCategoryLinks"/>
+    </request-map>
+    <request-map uri="updateProductCategoryLink">
+        <security https="true" auth="true"/>
+        <event type="service" path="" invoke="updateProductCategoryLink"/>
+        <response name="success" type="view" value="EditProductCategoryLinks"/>
+        <response name="error" type="view" value="EditProductCategoryLinks"/>
+    </request-map>
+    <request-map uri="deleteProductCategoryLink">
+        <security https="true" auth="true"/>
+        <event type="service" path="" invoke="deleteProductCategoryLink"/>
+        <response name="success" type="view" value="EditProductCategoryLinks"/>
+        <response name="error" type="view" value="EditProductCategoryLinks"/>
+    </request-map>
+    
     <!-- ================ Product Requests ================= -->
     <request-map uri="EditProduct">
         <security https="true" auth="true"/>
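Review bot: The six state-changing request-maps placed here (`createProductCategoryAttribute` through `deleteProductCategoryLink`) enforce only login via `<security https="true" auth="true"/>`, so authorization rests entirely on the service definitions they invoke. This commit attaches `<permission-service service-name="productCategoryGenericPermission" .../>` to at least one service in services.xml, but the definitions for these six services are not visible on this page. It is worth confirming that each of them declares a matching permission-service; otherwise any authenticated user could change category attributes and links. A comment above each section such as `<!-- authorization is enforced by the permission-service on each invoked service -->` would make that dependency explicit. The `EditProduct` request-map at the end of the hunk continues outside it.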
@@ -696,54 +743,6 @@
         <response name="error" type="view" value="EditProductCategories"/>
     </request-map>
 
-    <!-- ================ Product Category Attribute Requests ================= -->
-    <request-map uri="EditCategoryAttributes">
-        <security https="true" auth="true"/>
-        <response name="success" type="view" value="EditCategoryAttributes"/>
-    </request-map>
-    <request-map uri="createProductCategoryAttribute">
-        <security https="true" auth="true"/>
-        <event type="service" path="" invoke="createProductCategoryAttribute"/>
-        <response name="success" type="view" value="EditCategoryAttributes"/>
-        <response name="error" type="view" value="EditCategoryAttributes"/>
-    </request-map>
-    <request-map uri="updateProductCategoryAttribute">
-        <security https="true" auth="true"/>
-        <event type="service" path="" invoke="updateProductCategoryAttribute"/>
-        <response name="success" type="view" value="EditCategoryAttributes"/>
-        <response name="error" type="view" value="EditCategoryAttributes"/>
-    </request-map>
-    <request-map uri="deleteProductCategoryAttribute">
-        <security https="true" auth="true"/>
-        <event type="service" path="" invoke="deleteProductCategoryAttribute"/>
-        <response name="success" type="view" value="EditCategoryAttributes"/>
-        <response name="error" type="view" value="EditCategoryAttributes"/>
-    </request-map>
-
-    <!-- ================ Product Category Link Requests ================= -->
-    <request-map uri="EditProductCategoryLinks">
-        <security https="true" auth="true"/>
-        <response name="success" type="view" value="EditProductCategoryLinks"/>
-    </request-map>
-    <request-map uri="createProductCategoryLink">
-        <security https="true" auth="true"/>
-        <event type="service" path="" invoke="createProductCategoryLink"/>
-        <response name="success" type="view" value="EditProductCategoryLinks"/>
-        <response name="error" type="view" value="EditProductCategoryLinks"/>
-    </request-map>
-    <request-map uri="updateProductCategoryLink">
-        <security https="true" auth="true"/>
-        <event type="service" path="" invoke="updateProductCategoryLink"/>
-        <response name="success" type="view" value="EditProductCategoryLinks"/>
-        <response name="error" type="view" value="EditProductCategoryLinks"/>
-    </request-map>
-    <request-map uri="deleteProductCategoryLink">
-        <security https="true" auth="true"/>
-        <event type="service" path="" invoke="deleteProductCategoryLink"/>
-        <response name="success" type="view" value="EditProductCategoryLinks"/>
-        <response name="error" type="view" value="EditProductCategoryLinks"/>
-    </request-map>
-    
     <!-- ================ Product Keyword Requests ================= -->
     <request-map uri="EditProductKeyword">
         <security https="true" auth="true"/>