OFBiz Tutorials are a free service provided by HotWax Media in order to give OFBiz users more information on how to use their software, as well as giving valuable insight as to why OFBiz is a great solution for enterprise eCommerce.
In this post I will continue to discuss user permissions for Apache OFBiz.
In my initial post on user permissions we discussed giving user permission to access a particular application as well as the various levels of permission available. Depending on the user you can allow them only to view the application, have full administrative access or levels in between (e.g. creating, updating, or deleting records etc.).
Admin permission gives a particular user full access to view, create, update and delete records in a given application.
A single user can be assigned permissions to several applications giving you the flexibility to utilize the employee across a variety of projects, giving them just the amount of permissions that they need.
There are instances where a user has admin permission, yet they are not allowed to perform certain operations within the application based on permissions in other applications. For example, you may be attempting to view a product look up screen in the "Asset Maint" app but in order to do that you also need permission in the "Catalog" application.
The solution for not having to grant permission to an entire additional application is by defining ECA (Event Condition Access) rules that will extend user permission allowing the user to view the selected files in the "Catalog" application while logged into the "Asset Maint" application (of course this can be done for any app, "Asset Maint" and "Catalog" are simply examples).
The rule is defined in a file found under the "servicedef" folder in the component directory tree.
Now, whenever the user attempts to perform a catalog related operation in the "Asset Maint" app, the "catalogpermissioncheck" will run first. If a user does not have explicit permission a "haspermission" flag will come up as false. This is a generic interface used by permission services.
With the permission modifications, the "haspermission" interface will run the check from the "Asset Maint" permissions and see that from that application, the user can view aspects of the "Catalog" application. The "haspermission" flag will come back as true.
To view pathways, go to: http://www.hotwaxmedia.com/apache-ofbiz-blog/ofbiz-tutorial-how-to-use-eca’s-to-extend-service-permission/
Enterprise eCommerce is a powerful means of business in the 21st century. The growth potential is higher than any other form of commerce and offers the ability to reach customers all over the world 24 hours a day.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment