Re: svn commit: r522985 - /ofbiz/trunk/applications/product/data/ProductSecurityData.xml

Sun, 29 Apr 2007 07:05:55 -0700 

I think a smaller group that has todo with prices change, then put in
Admin Group. This accomplish both.

This brings up on the best practice for Assigning permissions to logins.
Also best practice about laying out Permissions in the UI and services.

David E. Jones sent the following on 4/28/2007 9:22 AM:
> 
> Are we sure we want to do this? The point of the separate price
> maintenance permission was so that there would be a security group that
> had permission to do other stuff for the catalog/products, but NOT be
> able to change prices.
> 
> Adding that permission to the CATALOGADMIN group kind of nullifies the
> effect of the permission...
> 
> If you want a user to be able to change prices there are other security
> groups they can go in, like BIZADMIN, or perhaps we should add a small
> security group just for the additional price maintenance permission.
> 
> Before I make any changes, what are your thoughts on this Si (or anyone
> else)?
> 
> -David
> 
> 
> On Mar 27, 2007, at 10:20 AM, [EMAIL PROTECTED] wrote:
> 
>> Author: sichen
>> Date: Tue Mar 27 09:20:08 2007
>> New Revision: 522985
>>
>> URL: http://svn.apache.org/viewvc?view=rev&rev=522985
>> Log:
>> adding missing catalog price maint permission to catalog admin
>> security group
>>
>> Modified:
>>     ofbiz/trunk/applications/product/data/ProductSecurityData.xml
>>
>> Modified: ofbiz/trunk/applications/product/data/ProductSecurityData.xml
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/data/ProductSecurityData.xml?view=diff&rev=522985&r1=522984&r2=522985
>>
>> ==============================================================================
>>
>> --- ofbiz/trunk/applications/product/data/ProductSecurityData.xml
>> (original)
>> +++ ofbiz/trunk/applications/product/data/ProductSecurityData.xml Tue
>> Mar 27 09:20:08 2007
>> @@ -41,6 +41,7 @@
>>
>>      <SecurityGroup description="Catalog Admin group, has all catalog
>> permissions." groupId="CATALOGADMIN"/>
>>      <SecurityGroupPermission groupId="CATALOGADMIN"
>> permissionId="CATALOG_ADMIN"/>
>> +    <SecurityGroupPermission groupId="CATALOGADMIN"
>> permissionId="CATALOG_PRICE_MAINT"/>
>>      <SecurityGroupPermission groupId="CATALOGADMIN"
>> permissionId="OFBTOOLS_VIEW"/>
>>
>>      <SecurityGroup description="Catalog Admin View and Purchase Allow
>> Products" groupId="CATALOGADMIN"/>
>>
>>
>

Reply via email to