OFBiz › OFBiz - Commits

svn commit: r561569 - /ofbiz/trunk/applications/party/data/PartySecurityData.xml

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

2 messages Options

sichen

svn commit: r561569 - /ofbiz/trunk/applications/party/data/PartySecurityData.xml

Author: sichen
Date: Tue Jul 31 15:09:15 2007
New Revision: 561569

URL: http://svn.apache.org/viewvc?view=rev&rev=561569
Log:
Not sure if this is intentional or a bug, so here's my fix. The PARTYADMIN user actually could not set security permissions for any of the users, and there was no SECURITY permission group that I could find

Modified:
ofbiz/trunk/applications/party/data/PartySecurityData.xml

Modified: ofbiz/trunk/applications/party/data/PartySecurityData.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/data/PartySecurityData.xml?view=diff&rev=561569&r1=561568&r2=561569
==============================================================================
--- ofbiz/trunk/applications/party/data/PartySecurityData.xml (original)
+++ ofbiz/trunk/applications/party/data/PartySecurityData.xml Tue Jul 31 15:09:15 2007
@@ -84,4 +84,7 @@
<SecurityGroupPermission groupId="FLEXADMIN" permissionId="SECURITY_UPDATE"/>
<SecurityGroupPermission groupId="FLEXADMIN" permissionId="SECURITY_VIEW"/>
<SecurityGroupPermission groupId="VIEWADMIN" permissionId="SECURITY_VIEW"/>
+
+ <SecurityGroupPermission groupId="PARTYADMIN" permissionId="SECURITY_ADMIN"/>
+
</entity-engine-xml>

David E Jones

Re: svn commit: r561569 - /ofbiz/trunk/applications/party/data/PartySecurityData.xml

Yeah, I'm pretty sure this was intentional. Security admin privileges should be very explicit and not part of any general group.

I think the intention of the PARTYADMIN group was for general party administration, but NOT the security administration side of parties.

We should discuss this, but I think the most flexible and secure would be to remove this and create a SECURITYADMIN group that has this permission for easy application when needed.

-David

[hidden email] wrote:

> Author: sichen
> Date: Tue Jul 31 15:09:15 2007
> New Revision: 561569
>
> URL: http://svn.apache.org/viewvc?view=rev&rev=561569
> Log:
> Not sure if this is intentional or a bug, so here's my fix. The PARTYADMIN user actually could not set security permissions for any of the users, and there was no SECURITY permission group that I could find
>
> Modified:
> ofbiz/trunk/applications/party/data/PartySecurityData.xml
>
> Modified: ofbiz/trunk/applications/party/data/PartySecurityData.xml
> URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/data/PartySecurityData.xml?view=diff&rev=561569&r1=561568&r2=561569
> ==============================================================================
> --- ofbiz/trunk/applications/party/data/PartySecurityData.xml (original)
> +++ ofbiz/trunk/applications/party/data/PartySecurityData.xml Tue Jul 31 15:09:15 2007
> @@ -84,4 +84,7 @@
> <SecurityGroupPermission groupId="FLEXADMIN" permissionId="SECURITY_UPDATE"/>
> <SecurityGroupPermission groupId="FLEXADMIN" permissionId="SECURITY_VIEW"/>
> <SecurityGroupPermission groupId="VIEWADMIN" permissionId="SECURITY_VIEW"/>
> +
> + <SecurityGroupPermission groupId="PARTYADMIN" permissionId="SECURITY_ADMIN"/>
> +
> </entity-engine-xml>
>
>