Hi,
I am walking through the PortalPage system and found something I would like
to discuss about:
1) each PortalPage has now a <field name="securityGroupId"
type="id"></field>. Shouldn't it be a simple securityPermissionId instead of
securityGroupId so that more than one securityGroup can have access to the
PortalPage?
The standard pattern should be to have a single permission for single
operation/resource access and than have this permission grouped with other
and assigned to a Party. Shouldn't it?
2) each PortalPortlet has now a <field name="securityServiceName"
type="long-varchar"></field>. At the moment the services used in the OOTB
(portalPermissionIsEmployee, portalPermissionIsCustomer,
projectMgrRequestPermission), simply check respectively for
MYPORTAL_EMPLOYEE, MYPORTAL_CUSTOMER, PROJECTMGR_ADMIN. Only
projectMgrPermission service is a more complicate service.
Could we have also a securityPermissionId field that can be used instead of
securityServiceName when it is a simple permission that needs to be checked?
3) What is the purpose of securityMainAction ?
Thank you for sharing about this.
I am reviewing the PortalPage system improving the "include-portal-page"
widget and those items are somehow related. I hope to commit my work this
week end.
-Bruno
<entity entity-name="PortalPage" package-name="org.ofbiz.common.portal"
title="Defines a Portal Page"
default-resource-name="CommonPortalEntityLabels">
<field name="portalPageId" type="id-ne"></field>
<field name="portalPageName" type="name"></field>
<field name="description" type="description"></field>
<field name="ownerUserLoginId" type="id"></field>
<field name="originalPortalPageId" type="id"><description>The system
portal page this page is derived from</description></field>
<field name="parentPortalPageId" type="id"><description>the parent
this page is belonging to, normally the startpage of the portal page
group</description></field>
<field name="sequenceNum" type="numeric"></field>
<field name="securityGroupId" type="id"></field>
<prim-key field="portalPageId"/>
<relation type="one" fk-name="PortPage_PARENT" title="Parent"
rel-entity-name="PortalPage">
<key-map field-name="parentPortalPageId"
rel-field-name="portalPageId"/>
</relation>
<relation type="one" fk-name="PORTPAGE_SECGRP"
rel-entity-name="SecurityGroup">
<key-map field-name="securityGroupId" rel-field-name="groupId"/>
</relation>
</entity>
