Thanks to both of you, this actually helped me to understand this a bit further. Since this method has the auth-tag set in the service description i will let the service do the authentication, just as you suggested
On 2018/01/24 23:27:34, Nicolas Malin <[email protected]> wrote: > As simplify the permission management, I prefer to manage all > > authentication access by the SOA. So only service will manage the > > authentication.> > > So if you convert a minilang to groovy report the problematic to the > > service definition related. Otherwise normally you haven't this problem > > on groovy. Maybe I missed something, don't hesitate to send a patch with > > the problem not solved for help my mind :)> > > Nicolas> > > > On 22/01/2018 09:17, Jacques Le Roux wrote:> > > Hi Dennis,> > >> > > That's a good question! I just saw that you also put a comment in the > > > current OFBIZ-10031 patch:> > >> > > // login-required tag?> > >> > > If we refer to the available documentation we have> > >> > > "Require a user login to run this method. Defaults to "true". > > > Optional. Attribute type: constant."> > >> > > and> > >> > > "If auth=false when you hit the request, even if you're not logged in, > > > it will allow you to go through. If auth=true, when you hit the > > > request if you're not logged in it will forward you over to the login > > > page"> > >> > > The later comes from an old David's E. Jones document: the "Apache > > > OFBiz Advanced Framework - Training Video Transcription"> > >> > > Here we have 2 options> > >> > > 1. We consider it simply as a service and then login-required is not > > > needed. This is for instance what has been done for> > > getPartyAccountingPreferences in > > > http://svn.apache.org/viewvc?view=revision&revision=1796731 There the > > > default (login-required=true) was used> > > 2. It seems redundant if you look at it from a service POV. But a > > > simple method can also be used in another context and I guess that's > > > why we have> > > this apparent redundancy. So we can do only 1 if it's only used as > > > a service (I guess for a service implementation much of the time, if not> > > always) else we need to change the call (in other simple-method/s) > > > to service call/s and then do 1.> > >> > > About> > >> > > >Where does this get checked and when?> > >> > > It's checked in SimpleMethod.exec(MethodContext methodContext) But > > > given my proposition above it should not be needed to port this part.> > >> > > About auth=true when you are not in the context of an UI (jobs): > > > runShoppingListAutoReorder shows that's then userLogin is supposed to > > > be in context.> > > I did not check but I guess, if auth=true, at this stage the service > > > engine would have already rejected the call if the userLogin is not in > > > the context.> > >> > > More thoughts are welcome.> > >> > > Jacques> > >> > > Le 05/01/2018 à 14:06, Dennis Balkir a écrit :> > >> Hi Devs,> > >>> > >> at the moment I am doing some Minilang to Groovy conversions > > >> (CategoryServices to be precise) and I found a simple method > > >> (getAssociatedProductsList), which set the tag „login-required“ to > > >> false.> > >> I then checked the service-definition of this method (which it had), > > >> and there it also sets the „auth“ tag to false.> > >> I tried to find, where these tags get checked in the Engine-Codes, > > >> specifically the serviceengine.xml, SimpleServiceEngine.java, > > >> ServiceEngine.java and SimpleMethod.java, but I cannot find for sure, > > >> where the authentication gets checked.> > >>> > >> The question for me is now: Is it necessary for the simple method to > > >> have the „login-required“ tag set to false, if the service definition > > >> set "auth" to false already?> > >> Where does this get checked and when?> > >> And of course: When the set of the „login-required“ tag in the > > >> simple-method is necessary, as well as the set „auth“ tag, how do I > > >> implement the „login-required=false“ in Groovy?> > >>> > >> Thanks in advance for your help> > >>> > >> Kind regards> > >> > >> > > -- Dennis Balkir Trainee Fon +49 521 448 157-90 Fax +49 521 448 157-99 Company and Management Headquarters: ecomify GmbH, Gustav-Winkler-Str. 22, 33699 Bielefeld, Deutschland Fon: +49 521 448157-90, Fax: +49 521 448157-99, www.ecomify.de Court Registration: Amtsgericht Bielefeld HRB 41683 Chief Executive Officer: Martin Becker, Michael Brohl
