OFBiz - Re: Users - Security API: What am I missing?

OFBiz › OFBiz - User

Re: Users - Security API: What am I missing?

Posted by Adrian Crum on
URL: http://ofbiz.116.s1.nabble.com/Users-Security-API-What-am-I-missing-tp139327p139341.html

No, it's best to determine what permissions the services are looking for and
assign those permissions to the user. You might need to assemble them into a
security group and assign that group to the user.

Vinay Agarwal wrote:

> That's the easy way of doing it which is essentially a custom security
> function. This poses another problem that once you have authenticated a
> userLogin to do something, other services may block that userLogin from some
> required stuff. Is changing userLogin to "system" the best way to do it?
>
> Vinay
>
> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]]
> On Behalf Of Adrian Crum
> Sent: Thursday, May 18, 2006 9:35 AM
> To: OFBiz Users / Usage Discussion
> Subject: Re: [OFBiz] Users - Security API: What am I missing?
>
> It might be better to write a small routine to check for the proper
> relationships and roles.
>
>
> Vinay Agarwal wrote:
>
>>Hello:
>>
>>
>>
>>How does the security API handle something like ability to view calendar
>>entries for your "team" members? I understand that one would either
>>extend OFBizSecurity or implement one's own version, but I can't see how
>>the only relevant function (hasRolePermission) would handle it. I feel
>>that other functions with additional parameters may be required.
>>
>>
>>
>>To further clarify my questions, let's use a simple data model example.
>>Assume teams are parties and team members are associated with their
>>teams through PartyRelationships (partyRelationshipTypeId is
>>GROUP_ROLLUP, partyIdFrom is team, partyIdTo is member). Further assume
>>partyA and partyB are both part of teamOne, and they are allowed to view
>>each team member's calendar. If partyA is logged in and wants to view
>>partyB's calendar, I expect to use a class that extends OFBizSecurity to
>>handle this data model along with call to something like
>>hasRolePermission. But it doesn't seem to have enough arguments. I can
>>write another function but that defeats the whole purpose of security API.
>>
>>
>>
>>I also read Data Driven Security
>>(http://ofbizwiki.go-integral.com/Wiki.jsp?page=DataDrivenSecurity) in
>>wiki. The entity it uses ContentPurposeOperation does not seem to be
>>part of the standard security data model. As far as I can tell, there
>>are only 3 entities part of this model (OrderRole, FacilityRole,
>>MarketingCampaignRole). What am I missing?
>>
>>
>>
>>Thanks in advance.
>>
>>Vinay Agarwal
>>
>>
>>
>>
>>------------------------------------------------------------------------
>>
>>
>>_______________________________________________
>>Users mailing list
>>[hidden email]
>>http://lists.ofbiz.org/mailman/listinfo/users
>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>

_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users