> Hello:
>
>  
>
> How does the security API handle something like ability to view calendar
> entries for your “team” members? I understand that one would either
> extend OFBizSecurity or implement one’s own version, but I can’t see how
> the only relevant function (hasRolePermission) would handle it. I feel
> that other functions with additional parameters may be required.
>
>  
>
> To further clarify my questions, let’s use a simple data model example.
> Assume teams are parties and team members are associated with their
> teams through PartyRelationships (partyRelationshipTypeId is
> GROUP_ROLLUP, partyIdFrom is team, partyIdTo is member). Further assume
> partyA and partyB are both part of teamOne, and they are allowed to view
> each team member’s calendar. If partyA is logged in and wants to view
> partyB’s calendar, I expect to use a class that extends OFBizSecurity to
> handle this data model along with call to something like
> hasRolePermission. But it doesn’t seem to have enough arguments. I can
> write another function but that defeats the whole purpose of security API.
>
>  
>
> I also read Data Driven Security
> (http://ofbizwiki.go-integral.com/Wiki.jsp?page=DataDrivenSecurity) in
> wiki. The entity it uses ContentPurposeOperation does not seem to be
> part of the standard security data model. As far as I can tell, there
> are only 3 entities part of this model (OrderRole, FacilityRole,
> MarketingCampaignRole). What am I missing?
>
>  
>
> Thanks in advance.
>
> Vinay Agarwal
>
>  
>
>
> ------------------------------------------------------------------------
>
>  
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users