Re: svn commit: r585432 - /ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl

Wed, 17 Oct 2007 09:15:45 -0700 

Jacopo,

How was the original logic incorrect? The original logic was this:

For each application:
  Permission to use the application defaults to false
  If the user has one of the permissions in the application's base-permission 
list,
    OR if the base-permission list contains "NONE", then permission to use
    the application is true
The reason all of the applications became visible to a user with the OFBTOOLS permission is because all of the applications have the OFBTOOLS permission in their base-permission list.
My understanding is that the OFBTOOLS permission was intended to grant access to the Webtools application. I don't know why it has been included in every other application. 

-Adrian


[EMAIL PROTECTED] wrote:

Author: jacopoc
Date: Wed Oct 17 03:00:52 2007
New Revision: 585432

URL: http://svn.apache.org/viewvc?rev=585432&view=rev
Log:
Fixed incorrect logic, introduced in rev. 584400, that was causing a problem in 
the main application bar: all the applications were visible to a user with the 
OFBTOOLS permission.

Modified:
    ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl

Modified: ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl
URL: 
http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl?rev=585432&r1=585431&r2=585432&view=diff
==============================================================================
--- ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl (original)
+++ ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl Wed Oct 17 
03:00:52 2007
@@ -28,12 +28,12 @@
     <ul>
       <#list displayApps as display>
         <#assign thisApp = display.getContextRoot()>
-        <#assign permission = false>
+        <#assign permission = true>
         <#assign selected = false>
         <#assign permissions = display.getBasePermission()>
         <#list permissions as perm>
-          <#if (perm == "NONE" || security.hasEntityPermission(perm, "_VIEW", session) || 
security.hasEntityPermission(perm, "_ADMIN", session))>
-            <#assign permission = true>
+          <#if (perm != "NONE" && (!security.hasEntityPermission(perm, "_VIEW", session) && 
!security.hasEntityPermission(perm, "_ADMIN", session)))>
+            <#assign permission = false>
           </#if>
         </#list>
         <#if permission == true>

Reply via email to