Adrian,

Last I saw, if the base permission lists more than 1 item, then a userlogin will require ALL the items on that list.

Pretty strange, yeah. But that's how I saw it work.

Jonathon

Adrian Crum wrote:
Jacopo,

How was the original logic incorrect? The original logic was this:

For each application:
  Permission to use the application defaults to false
  If the user has one of the permissions in the application's base-permission list,
    OR if the base-permission list contains "NONE", then permission to use
    the application is true

The reason all of the applications became visible to a user with the OFBTOOLS permission is because all of the applications have the OFBTOOLS permission in their base-permission list.

My understanding is that the OFBTOOLS permission was intended to grant access to the Webtools application. I don't know why it has been included in every other application.

-Adrian


[EMAIL PROTECTED] wrote:
Author: jacopoc
Date: Wed Oct 17 03:00:52 2007
New Revision: 585432

URL: http://svn.apache.org/viewvc?rev=585432&view=rev
Log:
Fixed incorrect logic, introduced in rev. 584400, that was causing a problem in the main application bar: all the applications were visible to a user with the OFBTOOLS permission.

Modified:
    ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl

Modified: ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl?rev=585432&r1=585431&r2=585432&view=diff ==============================================================================
--- ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl (original)
+++ ofbiz/trunk/framework/common/webcommon/includes/appbar.ftl Wed Oct 17 03:00:52 2007
@@ -28,12 +28,12 @@
     <ul>
       <#list displayApps as display>
         <#assign thisApp = display.getContextRoot()>
-        <#assign permission = false>
+        <#assign permission = true>
         <#assign selected = false>
         <#assign permissions = display.getBasePermission()>
         <#list permissions as perm>
- <#if (perm == "NONE" || security.hasEntityPermission(perm, "_VIEW", session) || security.hasEntityPermission(perm, "_ADMIN", session))>
-            <#assign permission = true>
+ <#if (perm != "NONE" && (!security.hasEntityPermission(perm, "_VIEW", session) && !security.hasEntityPermission(perm, "_ADMIN", session)))>
+            <#assign permission = false>
           </#if>
         </#list>
         <#if permission == true>
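Review bot: the new default `<#assign permission = true>` fails open, because the loop over `display.getBasePermission()` can only ever set it to false. An application whose base-permission list is empty is therefore shown to every user, where the removed lines kept it hidden. Consider leaving the default at false and granting only after the list has been checked and is non-empty, or handle the empty list explicitly before the `<#list permissions as perm>` loop. The log message also does not say that the check moves from "any listed permission" to "every listed permission"; a comment above the `<#if (perm != "NONE" && ...)>` line stating that intent would help the next reader, as would a note on what a list mixing "NONE" with other entries is meant to do, since under the new test the "NONE" entry no longer grants anything by itself.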

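The two loops from the diff, modeled side by side as an added example (not code from the OFBiz project or from anyone in this thread). `has_perm` is a hypothetical stand-in for the two `security.hasEntityPermission` calls, and the application lists and user permissions are constructed sample data.

```python
# Added illustration of the removed and added appbar.ftl loops.

def has_perm(user_perms, perm):
    """Hypothetical stand-in for hasEntityPermission(perm, "_VIEW"/"_ADMIN", session)."""
    return f"{perm}_VIEW" in user_perms or f"{perm}_ADMIN" in user_perms

def visible_any(base_permissions, user_perms):
    """Removed lines: default false, any matching entry (or "NONE") grants."""
    permission = False
    for perm in base_permissions:
        if perm == "NONE" or has_perm(user_perms, perm):
            permission = True
    return permission

def visible_all(base_permissions, user_perms):
    """Added lines: default true, any non-"NONE" entry the user lacks denies."""
    permission = True
    for perm in base_permissions:
        if perm != "NONE" and not has_perm(user_perms, perm):
            permission = False
    return permission

# Constructed sample data: application name -> base-permission list.
APPS = {
    "webtools": ["OFBTOOLS", "WEBTOOLS"],
    "accounting": ["OFBTOOLS", "ACCOUNTING"],
    "public": ["NONE"],
    "mixed": ["NONE", "ACCOUNTING"],
    "unconfigured": [],          # empty list: the edge case
}
USER = {"OFBTOOLS_VIEW", "WEBTOOLS_VIEW"}  # constructed user permissions

def compare(apps=APPS, user=USER):
    """Return {app: (visible under removed logic, visible under added logic)}."""
    return {name: (visible_any(perms, user), visible_all(perms, user))
            for name, perms in apps.items()}

if __name__ == "__main__":
    for name, (old, new) in compare().items():
        print(f"{name:13} any-of={old!s:5} all-of={new}")
```

The rows that differ are the ones to look at: `accounting` is hidden only under the all-of loop, while `unconfigured` is visible only under it.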




