It seems to me that Security Administration is used for OFBiz users, whereas Party Administration
isn't - since a party isn't necessarily a user.
David E Jones wrote:
Yeah, I'm pretty sure this was intentional. Security admin privileges
should be very explicit and not part of any general group.
I think the intention of the PARTYADMIN group was for general party
administration, but NOT the security administration side of parties.
We should discuss this, but I think the most flexible and secure would
be to remove this and create a SECURITYADMIN group that has this
permission for easy application when needed.
-David
[EMAIL PROTECTED] wrote:
Author: sichen
Date: Tue Jul 31 15:09:15 2007
New Revision: 561569
URL: http://svn.apache.org/viewvc?view=rev&rev=561569
Log:
Not sure if this is intentional or a bug, so here's my fix. The
PARTYADMIN user actually could not set security permissions for any of
the users, and there was no SECURITY permission group that I could find
Modified:
ofbiz/trunk/applications/party/data/PartySecurityData.xml
Modified: ofbiz/trunk/applications/party/data/PartySecurityData.xml
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/data/PartySecurityData.xml?view=diff&rev=561569&r1=561568&r2=561569
==============================================================================
--- ofbiz/trunk/applications/party/data/PartySecurityData.xml (original)
+++ ofbiz/trunk/applications/party/data/PartySecurityData.xml Tue Jul
31 15:09:15 2007
@@ -84,4 +84,7 @@
<SecurityGroupPermission groupId="FLEXADMIN"
permissionId="SECURITY_UPDATE"/>
<SecurityGroupPermission groupId="FLEXADMIN"
permissionId="SECURITY_VIEW"/>
<SecurityGroupPermission groupId="VIEWADMIN"
permissionId="SECURITY_VIEW"/>
+
+ <SecurityGroupPermission groupId="PARTYADMIN"
permissionId="SECURITY_ADMIN"/>
+
</entity-engine-xml>
