svn commit: r685746 - in /ofbiz/trunk: framework/common/config/ specialpurpose/mypage/ specialpurpose/mypage/config/ specialpurpose/mypage/data/ specialpurpose/mypage/widget/
Locked
 
|
Author: hansbak
Date: Wed Aug 13 18:56:28 2008 New Revision: 685746 URL: http://svn.apache.org/viewvc?rev=685746&view=rev Log: added security, also added the possibility for custumers to see their entered requests under the new security rules, added demo data to test all this Added: ofbiz/trunk/specialpurpose/mypage/data/MyPageSecurityData.xml (with props) Modified: ofbiz/trunk/framework/common/config/CommonUiLabels.xml ofbiz/trunk/specialpurpose/mypage/config/MyPageUiLabels.xml ofbiz/trunk/specialpurpose/mypage/data/MyPageDemoData.xml ofbiz/trunk/specialpurpose/mypage/ofbiz-component.xml ofbiz/trunk/specialpurpose/mypage/widget/CommonScreens.xml ofbiz/trunk/specialpurpose/mypage/widget/MyPageMenus.xml Modified: ofbiz/trunk/framework/common/config/CommonUiLabels.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/config/CommonUiLabels.xml?rev=685746&r1=685745&r2=685746&view=diff ============================================================================== --- ofbiz/trunk/framework/common/config/CommonUiLabels.xml (original) +++ ofbiz/trunk/framework/common/config/CommonUiLabels.xml Wed Aug 13 18:56:28 2008 @@ -3644,6 +3644,9 @@ <value xml:lang="zh_CN">没æå°å</value> <value xml:lang="zh">æ å°å</value> </property> + <property key="CommonNoAccess"> + <value xml:lang="en">No Access to this function, contact your system administrator if you feel this is an error</value> + </property> <property key="CommonNoContactInformationOnFile"> <value xml:lang="ar">Ùا ٠عاÙ٠ات ØÙ٠اÙصÙØ© Ù٠اÙÙ ÙÙ</value> <value xml:lang="de">Keine Kontaktinformation hinterlegt</value> Modified: ofbiz/trunk/specialpurpose/mypage/config/MyPageUiLabels.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/mypage/config/MyPageUiLabels.xml?rev=685746&r1=685745&r2=685746&view=diff ============================================================================== --- ofbiz/trunk/specialpurpose/mypage/config/MyPageUiLabels.xml (original) +++ ofbiz/trunk/specialpurpose/mypage/config/MyPageUiLabels.xml Wed Aug 13 18:56:28 2008 @@ -26,6 +26,9 @@ <value xml:lang="en">All Communications</value> <value xml:lang="fr">Toutes les communications</value> </property> + <property key="IncomingCustRequests"> + <value xml:lang="en">Incoming customer requests</value> + </property> <property key="MyCommunications"> <value xml:lang="en">My Communications</value> <value xml:lang="fr">Mes communications</value> @@ -42,10 +45,25 @@ <value xml:lang="en">New Message</value> <value xml:lang="fr">Nouveau message</value> </property> + <property key="MyPageNoAccess1"> + <value xml:lang="en">No Access priviledges has been setup.</value> + </property> + <property key="MyPageNoAccess2"> + <value xml:lang="en">You do not have access to any function in the MyPage subsystem, please contact your system admin</value> + </property> + <property key="MyPageNoAccess3"> + <value xml:lang="en">At least MYPAGE_CUSTOMER or MYPAGE_EMPLOYEE permission is required</value> + </property> + <property key="MyPageNoAccess4"> + <value xml:lang="en">Use the demo userLogin id's 'DemoCustomer1' and 'DemoEmployee1' for a demo.</value> + </property> <property key="OpenEvents"> <value xml:lang="en">Open Communications</value> <value xml:lang="fr">Communications ouvertes</value> </property> + <property key="MyCustRequests"> + <value xml:lang="en">My customer requests</value> + </property> <property key="OtherCommunications"> <value xml:lang="en">Other Communications</value> <value xml:lang="fr">Autres communications</value> Modified: ofbiz/trunk/specialpurpose/mypage/data/MyPageDemoData.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/mypage/data/MyPageDemoData.xml?rev=685746&r1=685745&r2=685746&view=diff ============================================================================== --- ofbiz/trunk/specialpurpose/mypage/data/MyPageDemoData.xml (original) +++ ofbiz/trunk/specialpurpose/mypage/data/MyPageDemoData.xml Wed Aug 13 18:56:28 2008 @@ -35,4 +35,28 @@ <CommunicationEvent communicationEventId="9000" communicationEventTypeId="AUTO_EMAIL_COMM" statusId="COM_UNKNOWN_PARTY" contactMechTypeId="EMAIL_ADDRESS" contactMechIdTo="admin" roleTypeIdFrom="_NA_" roleTypeIdTo="_NA_" partyIdTo="admin" entryDate="2008-07-28 13:55:55.827" datetimeStarted="2008-07-28 13:55:19.0" subject="Why i would use the OFBiz system" contentMimeTypeId="text/plain" content="Every time i think of you, only you...you are always on my mind......." note="Sent from: [hidden email]; Sent Name from: Jo Easy User; Sent to: [hidden email]; Delivered-To: [hidden email]; " fromString="[hidden email]" toString="[hidden email]"/> <PartyRole partyId="admin" roleTypeId="ADDRESSEE"/> <CommunicationEventRole communicationEventId="9000" partyId="admin" roleTypeId="ADDRESSEE" contactMechId="admin" statusId="COM_ROLE_CREATED"/> + + <!-- mypage users --> + <!-- demo customer read access to his own customer requests and related tasks including planning and actual hours--> + <UserLoginSecurityGroup groupId="MYPAGE_CUSTOMER" userLoginId="DemoCustomer" fromDate="2000-01-01 00:00:00.0"/> + <!-- these customers also have access to the project manager (via rules in the project manager comp) --> + <UserLoginSecurityGroup groupId="MYPAGE_CUSTOMER" userLoginId="DemoCustomer1" fromDate="2000-01-01 00:00:00.0"/> + <UserLoginSecurityGroup groupId="MYPAGE_CUSTOMER" userLoginId="DemoCustomer2" fromDate="2000-01-01 00:00:00.0"/> + <UserLoginSecurityGroup groupId="MYPAGE_CUSTOMER" userLoginId="DemoCustomer3" fromDate="2000-01-01 00:00:00.0"/> + <!-- demo employee has limited projectmanager access including timesheets, can read/write internal notes--> + <UserLoginSecurityGroup groupId="MYPAGE_EMPLOYEE" userLoginId="DemoEmployee1" fromDate="2000-01-01 00:00:00.0"/> + <UserLoginSecurityGroup groupId="MYPAGE_EMPLOYEE" userLoginId="DemoEmployee2" fromDate="2000-01-01 00:00:00.0"/> + <UserLoginSecurityGroup groupId="MYPAGE_EMPLOYEE" userLoginId="DemoEmployee3" fromDate="2000-01-01 00:00:00.0"/> + <!-- employee have no access to any project --> + <UserLoginSecurityGroup groupId="MYPAGE_EMPLOYEE" userLoginId="DemoEmployee" fromDate="2000-01-01 00:00:00.0"/> + + <!-- admin logins --> + <UserLoginSecurityGroup groupId="MYPAGE_EMPLOYEE" userLoginId="admin" fromDate="2000-01-01 00:00:00.0"/> + <UserLoginSecurityGroup groupId="MYPAGE_CUSTOMER" userLoginId="admin" fromDate="2000-01-01 00:00:00.0"/> + <UserLoginSecurityGroup groupId="MYPAGE_EMPLOYEE" userLoginId="demoadmin" fromDate="2000-01-01 00:00:00.0"/> + <UserLoginSecurityGroup groupId="MYPAGE_CUSTOMER" userLoginId="demoadmin" fromDate="2000-01-01 00:00:00.0"/> + + + + </entity-engine-xml> Added: ofbiz/trunk/specialpurpose/mypage/data/MyPageSecurityData.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/mypage/data/MyPageSecurityData.xml?rev=685746&view=auto ============================================================================== --- ofbiz/trunk/specialpurpose/mypage/data/MyPageSecurityData.xml (added) +++ ofbiz/trunk/specialpurpose/mypage/data/MyPageSecurityData.xml Wed Aug 13 18:56:28 2008 @@ -0,0 +1,39 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> +<entity-engine-xml> + + <SecurityPermission permissionId="MYPAGE_EMPLOYEE" description="Use the employee screens in mypage."/> + <SecurityGroup description="Employee user of mypage, giving limited access to the projectmanager and communications" groupId="MYPAGE_EMPLOYEE"/> + <SecurityGroupPermission groupId="MYPAGE_EMPLOYEE" permissionId="MYPAGE_EMPLOYEE"/> + <SecurityGroupPermission groupId="MYPAGE_EMPLOYEE" permissionId="PROJECTMGR_VIEW"/> + <SecurityGroupPermission groupId="MYPAGE_EMPLOYEE" permissionId="PROJECTMGR_ROLE_VIEW"/> + <SecurityGroupPermission groupId="MYPAGE_EMPLOYEE" permissionId="PROJECTMGR_ROLE_TASK_CREATE"/> + <SecurityGroupPermission groupId="MYPAGE_EMPLOYEE" permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/> + <SecurityGroupPermission groupId="MYPAGE_EMPLOYEE" permissionId="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/> + <!-- be able to send and receive internal notes --> + <SecurityGroupPermission groupId="MYPAGE_EMPLOYEE" permissionId="PARTYMGR_CME_CREATE"/> + <SecurityGroupPermission groupId="MYPAGE_EMPLOYEE" permissionId="PARTYMGR_CME_UPDATE"/> + + <SecurityPermission permissionId="MYPAGE_CUSTOMER" description="Use the customer screens in mypage."/> + <SecurityGroup description="Customer user of mypage, giving limited access to entered customer requests and related tasks" groupId="MYPAGE_CUSTOMER"/> + <SecurityGroupPermission groupId="MYPAGE_CUSTOMER" permissionId="MYPAGE_CUSTOMER"/> + + +</entity-engine-xml> Propchange: ofbiz/trunk/specialpurpose/mypage/data/MyPageSecurityData.xml ------------------------------------------------------------------------------ svn:eol-style = native Propchange: ofbiz/trunk/specialpurpose/mypage/data/MyPageSecurityData.xml ------------------------------------------------------------------------------ svn:keywords = Date Rev Author URL Id Propchange: ofbiz/trunk/specialpurpose/mypage/data/MyPageSecurityData.xml ------------------------------------------------------------------------------ svn:mime-type = text/xml Modified: ofbiz/trunk/specialpurpose/mypage/ofbiz-component.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/mypage/ofbiz-component.xml?rev=685746&r1=685745&r2=685746&view=diff ============================================================================== --- ofbiz/trunk/specialpurpose/mypage/ofbiz-component.xml (original) +++ ofbiz/trunk/specialpurpose/mypage/ofbiz-component.xml Wed Aug 13 18:56:28 2008 @@ -26,6 +26,7 @@ <classpath type="dir" location="script"/> <entity-resource type="data" reader-name="seed" loader="main" location="data/MyPageTypeData.xml"/> + <entity-resource type="data" reader-name="seed" loader="main" location="data/MyPageSecurityData.xml"/> <entity-resource type="data" reader-name="demo" loader="main" location="data/MyPageDemoData.xml"/> <webapp name="mypage" Modified: ofbiz/trunk/specialpurpose/mypage/widget/CommonScreens.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/mypage/widget/CommonScreens.xml?rev=685746&r1=685745&r2=685746&view=diff ============================================================================== --- ofbiz/trunk/specialpurpose/mypage/widget/CommonScreens.xml (original) +++ ofbiz/trunk/specialpurpose/mypage/widget/CommonScreens.xml Wed Aug 13 18:56:28 2008 @@ -139,31 +139,40 @@ </widgets> </section> </screen> - <screen name="main"> - <section> - <actions> - <entity-one entity-name="PartyRole" value-name="isEmployee"> - <field-map field-name="partyId" env-name="userLogin.partyId" /> - <field-map field-name="roleTypeId" value="EMPLOYEE" /> - </entity-one> - </actions> - <widgets> + + <screen name="main"> + <section> + <widgets> + <section> + <condition> + <if-has-permission permission="MYPAGE_EMPLOYEE" /> + </condition> + <widgets> + <include-screen name="mainEmployee" /> + </widgets> + </section> <section> <condition> - <not> - <if-empty field-name="isEmployee" /> - </not> + <if-has-permission permission="MYPAGE_CUSTOMER" /> </condition> <widgets> - <include-screen name="mainEmployee" /> + <include-screen name="mainCustomer" /> </widgets> - <fail-widgets> - <include-screen name="mainNotEmployee" /> - </fail-widgets> </section> - </widgets> - </section> - </screen> + <section> + <condition> + <and> + <not><if-has-permission permission="MYPAGE_CUSTOMER"/></not> + <not><if-has-permission permission="MYPAGE_EMPLOYEE"/></not> + </and> + </condition> + <widgets> + <include-screen name="mainNoAccess" /> + </widgets> + </section> + </widgets> + </section> + </screen> <screen name="mainEmployee"> <section> @@ -200,7 +209,7 @@ <not><if-empty field-name="custRequests"/></not> </condition> <widgets> - <screenlet title="${uiLabelMap.OrderRequestList}" navigation-form-name="ListRequestList" > + <screenlet title="${uiLabelMap.IncomingCustRequests}" navigation-form-name="ListRequestList" > <include-form name="ListRequestList" location="component://order/webapp/ordermgr/request/RequestForms.xml"/> </screenlet> </widgets> @@ -260,7 +269,7 @@ </widgets> </section> </screen> - <screen name="mainNotEmployee"> + <screen name="mainCustomer"> <section> <actions> <entity-and list-name="custRequests" entity-name="WorkEffortCustRequestView"> @@ -272,7 +281,7 @@ <decorator-screen name="main-decorator" location="${parameters.mainDecoratorLocation}"> <decorator-section name="body"> - <screenlet title="${uiLabelMap.OrderRequestList}" navigation-form-name="ListRequestList" > + <screenlet title="${uiLabelMap.MyCustRequests}" navigation-form-name="ListRequestList" > <include-form name="ListCustRequests" location="component://mypage/widget/MyPageForms.xml"/> </screenlet> </decorator-section> @@ -280,6 +289,31 @@ </widgets> </section> </screen> + <screen name="mainNoAccess"> + <section> + <widgets> + <decorator-screen name="main-decorator" + location="${parameters.mainDecoratorLocation}"> + <decorator-section name="body"> + <screenlet title="${uiLabelMap.CommonNoAccess}" navigation-form-name="ListRequestList" > + <container> + <label style="h1" text="${uiLabelMap.MyPageNoAccess1}"></label> + </container> + <container> + <label style="h2" text="${uiLabelMap.MyPageNoAccess2}"></label> + </container> + <container> + <label style="h3" text="${uiLabelMap.MyPageNoAccess3}"></label> + </container> + <container> + <label style="h3" text="${uiLabelMap.MyPageNoAccess4}"></label> + </container> + </screenlet> + </decorator-section> + </decorator-screen> + </widgets> + </section> + </screen> <screen name="preferences"> <section> <actions> Modified: ofbiz/trunk/specialpurpose/mypage/widget/MyPageMenus.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/mypage/widget/MyPageMenus.xml?rev=685746&r1=685745&r2=685746&view=diff ============================================================================== --- ofbiz/trunk/specialpurpose/mypage/widget/MyPageMenus.xml (original) +++ ofbiz/trunk/specialpurpose/mypage/widget/MyPageMenus.xml Wed Aug 13 18:56:28 2008 @@ -92,7 +92,7 @@ </menu-item> <menu-item name="preferences" title="${uiLabelMap.CommonPreferences}" align-style="opposed"> <condition> - <not><if-empty field-name="userLogin"/></not> + <if-has-permission permission="MYPAGE_EMPLOYEE"/> </condition> <link target="preferences"/> </menu-item> |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |