> SVN : 6759
>
> Two things I have noticed in relation to security.
> They may be by design
> so I'm not sure they are issues
> I have been trying to create a new security group
> (FACILITY_RESTRICT)
> which has retricted access to a subset of facilities.
> Initially I just
> wanted access to facility list (I know FACILITY_ADMIN
> etc will be needed
> to do anything of consequence)
>
> 1. To start with I created a new party and user login
> and assigned the
> FACILITY_VIEW permission. However I also had to add in
> OFBTOOLS_VIEW
> permission to get the login screen to actual get me to
> the list of
> facilities - why?
> 2. Secondly this issue took me some time to resolve
> because of cacheing.
> If I removed a permission(say OFBTOOLS_VIEW) then this
> was immediately
> checked at next login (which would be within say 10
> secs). However if I
> re-added the missing permission this would NOT be
> checked or found until
> after I emptied cache . Is this by design? (I presume
> the cache would
> reset itself in time anyway?)
>
> Daniel
>
>
>
> ___________________________________________________________
> Win a BlackBerry device from O2 with Yahoo!. Enter now. http://www.yahoo.co.uk/blackberry
>  
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>