Hi Simon,
like all screens can be listed from the screen xml files, it should also
be possible to get the related security rules from the screen
implementation. Security is also implemented in the related services
what can be more difficult because related services names and operation
can differ from the data entered on the screen.....
You could replace the current security system and make it memory based
on the screenname/action -> security group and servicename/action ->
security group relationship. Still also a solution is needed for the
databased data owner security rules....which could be defined as a
special action.....
Just some thoughts......
Regards,
Hans
On 06/11/15 16:04, simon maskell wrote:
Hi
We are looking at ways of being able to show permissions on any page inside
Ofbiz, this will allow us to easily see how the security for a page is
managed. Liferay does this very well, from any page you are able to go into
edit mode and view how the page is setup from a security level.
Because the security permissions are hard coded in Ofbiz we are struggling
to find a way of doing this.
Has anyone got a solution for this or if other people see this as an issue
can we look to make a change to how Ofbiz does the permissions? I have no
ideas around this for the moment and I know it probably wont be a small
task!!!
Simon
--
View this message in context:
http://ofbiz.135035.n4.nabble.com/Security-Permission-being-Viewable-tp4674195.html
Sent from the OFBiz - Dev mailing list archive at Nabble.com.
--
Regards,
Hans Bakker
CEO, http://antwebsystems.com
