Hey Adrian, hm i don't think so, because the hasUpdatePermission is always true for the PROJECTADMIN, but the PROJECTADMIN should not be able to create new projects. Only a user with a permission PROJECT_ADMIN (i.e. FULLADMIN) can create new Projects. That's why i insert the second permission check. What do you think?
2011/4/1 Adrian Crum <[email protected]> > Shouldn't that permission check be included in the logic that assigns > hasUpdatePermission? > > -Adrian > > On 4/1/2011 5:23 AM, [email protected] wrote: > >> Author: sascharodekamp >> Date: Fri Apr 1 12:23:12 2011 >> New Revision: 1087680 >> >> URL: http://svn.apache.org/viewvc?rev=1087680&view=rev >> Log: >> BUG - PROJECTADMIN cannot create projects in projectmgr ( >> https://issues.apache.org/jira/browse/OFBIZ-3201). >> >> I add a new permission check to the ProjectMenu.xml to check weather the >> user have PROJECTMGR_ADMIN rights or not. If not he should not be able to >> create new Projects. >> That means that users which are in the security group PROJECTADMIN aren't >> allowed to create new projects by default. Because they are responsable for >> there own projects and not for creating new once. Maybe the name of the >> Permission group is a little bit confusing. The PROJECTADMIN is not the >> admin from the project module he is more a Project manager (an admin for his >> own projects). >> >> Modified: >> ofbiz/trunk/specialpurpose/projectmgr/widget/ProjectMenus.xml >> >> Modified: ofbiz/trunk/specialpurpose/projectmgr/widget/ProjectMenus.xml >> URL: >> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/projectmgr/widget/ProjectMenus.xml?rev=1087680&r1=1087679&r2=1087680&view=diff >> >> ============================================================================== >> --- ofbiz/trunk/specialpurpose/projectmgr/widget/ProjectMenus.xml >> (original) >> +++ ofbiz/trunk/specialpurpose/projectmgr/widget/ProjectMenus.xml Fri Apr >> 1 12:23:12 2011 >> @@ -233,6 +233,7 @@ >> <condition> >> <and> >> <if-compare field="hasUpdatePermission" >> operator="equals" value="true"/> >> +<if-has-permission permission="PROJECTMGR" action="_ADMIN"/> >> </and> >> </condition> >> <link target="EditProject"/> >> >> >> -- Sascha Rodekamp Lynx-Consulting GmbH Johanniskirchplatz 6 D-33615 Bielefeld http://www.lynx.de
