Hi guys,
here are some notes from my first look at JCR branch:
There are some jars which already exists in the project (with
different versions though). Is that needed?
pdfbox
slf4j-api
tika-core
tika-parsers
I see also some interfaces and classes not used at all.
HealthCheck, HealthCheckJackra
I hope you understand that any mechanism in the inherited permissions
scheme that enforces a permission check on a called service can still be
circumvented by passing the "system" or "admin" userLogin. The
additional check will be pointless.
-Adrian
On 11/23/2011 9:59 PM, Nicolas Malin wrote:
Le 23/11/2011 22:56, Adrian Crum a écrit :
I agree that there are many improvements that can be made to the
screen widgets. If you would like to submit patches against the
branch, then you are welcome to do so.
Ok thanks Adrian, I check with my team and will open jira issue for each
improveme
Le 23/11/2011 22:50, Adrian Crum a écrit :
As I mentioned in my original post, this scenario already exists by
passing the "system" or "admin" userLogin to the called service. So,
that potential already exists and is being exploited.
completely agree, and it's not always a good thing.
I especi
I agree that there are many improvements that can be made to the screen
widgets. If you would like to submit patches against the branch, then
you are welcome to do so.
-Adrian
On 11/23/2011 9:39 PM, Nicolas Malin wrote:
Oops scuse me bad english review :/
Hi Adrian,
Thanks for your screen e
As I mentioned in my original post, this scenario already exists by
passing the "system" or "admin" userLogin to the called service. So,
that potential already exists and is being exploited.
-Adrian
On 11/23/2011 9:46 PM, Nicolas Malin wrote:
Le 23/11/2011 22:19, Adrian Crum a écrit :
Why wo
Le 23/11/2011 22:19, Adrian Crum a écrit :
Why would you need to force another permission check?
As example : To sure that a other application will not call a service
with admin permission by a service with only update permission. Normally
this situation will not existed, but if it's really imp
Oops scuse me bad english review :/
Hi Adrian,
Thanks for your screen engine enhancement and the branch creation.
We have most screen engine improvements in our addons library that we
wish give them to Apache OFBiz community.
Some one are already available as jira issues, some are still addons
Hi Adrian,
Thanks for your screen engine enhancement and the branch creation.
We have most screen engine improvement on addons library that we wish
give to Apache OFBiz community.
Some one are on jira issue, some one on addons (portlet system
improvement for management screen, ...) and will fin
Le 22/11/2011 02:25, Anne a écrit :
Last week I attended the Open Source Developers Conference in Australia. I
went to a few talks that discussed using Groovy to create a DSL. At the
time, I thought it would be a great replacement for minilang. Properly
designed, it could have all the benefits of
Why would you need to force another permission check?
-Adrian
On 11/23/2011 8:54 PM, Nicolas Malin wrote:
Hi adrian,
If a explain in my words, (if I really understand you solution) :
On your first service, you declare permissions and force the inherit
authorization on sub services called.
O
Hi adrian,
If a explain in my words, (if I really understand you solution) :
On your first service, you declare permissions and force the inherit
authorization on sub services called.
On many case, your solution works fine, but for some service, I will
keep the possibility to force permission
[
https://issues.apache.org/jira/browse/OFBIZ-4573?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erwan de FERRIERES closed OFBIZ-4573.
-
Resolution: Fixed
Fix Version/s: SVN trunk
done at r1205156
Thanks Youssef
[
https://issues.apache.org/jira/browse/OFBIZ-4584?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erwan de FERRIERES closed OFBIZ-4584.
-
Resolution: Fixed
Fix Version/s: SVN trunk
done at r1205554
Thanks Youssef.
BTW, I
The benefits of the inheritable permissions approach are not a new
concept to me. Keep in mind I was the first person to suggest it.
In the absence of a complete framework rewrite, do you think this
approach would work?
-Adrian
On 11/23/2011 6:19 PM, David E Jones wrote:
Adrian,
It sounds
Adrian,
It sounds like you're starting to get the point of the run-time
inheritable permission approach that I was trying to introduce into the
project a while back. The general idea being the permission inheritance
is based on screens/services/etc calling other artifacts, ie you keep
track of a
Hi Bilgin, thank u. No not really we had some discussion here in the
ML nothing else: http://ofbiz.markmail.org/search/?q=jackrabbit
Do you look for special information?
2011/11/23 Bilgin Ibryam :
> I'm looking into it, sorry for the delay.
>
> BTW is there any discussion thread about this branch
I'm looking into it, sorry for the delay.
BTW is there any discussion thread about this branch? (I know the
confluence page)
Bilgin
On Wed, Nov 23, 2011 at 9:49 AM, Sascha Rodekamp
wrote:
> ping
>
> 2011/11/15 Bilgin Ibryam :
>> I promise to have a look this weekend and give my opinion and vot
[
https://issues.apache.org/jira/browse/OFBIZ-4583?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13155944#comment-13155944
]
Wai commented on OFBIZ-4583:
I think using groovy method of calling java methods would suffice
[
https://issues.apache.org/jira/browse/OFBIZ-4583?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Wai closed OFBIZ-4583.
--
Resolution: Not A Problem
> Specify use of static java method from screen widget and form widget
>
missing version in jira for the 2015ScreenWidgetRedesign branch (visitor
pattern implementation)
Key: OFBIZ-4590
URL: https://issues.apache.org/jira/browse/OF
[
https://issues.apache.org/jira/browse/OFBIZ-3383?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sam Hamilton closed OFBIZ-3383.
---
> Facility Inventory History Report Error
> ---
>
>
[
https://issues.apache.org/jira/browse/OFBIZ-4431?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sam Hamilton closed OFBIZ-4431.
---
> Error when deleting a product image from content
>
[
https://issues.apache.org/jira/browse/OFBIZ-4431?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sam Hamilton resolved OFBIZ-4431.
-
Resolution: Fixed
Fix Version/s: SVN trunk
Just retested this problem and its fixed so clo
[
https://issues.apache.org/jira/browse/OFBIZ-3383?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sam Hamilton resolved OFBIZ-3383.
-
Resolution: Fixed
Fix Version/s: SVN trunk
Just checked to see if this was still broken bu
ping
2011/11/15 Bilgin Ibryam :
> I promise to have a look this weekend and give my opinion and vote.
>
> I know you asked about it on dev list some time ago, but I think more
> time is needed, so at least few more committers have a look.
>
> It is a major feature, thanks for pushing hard for it S
Problem when saving a product to a shopping list
Key: OFBIZ-4589
URL: https://issues.apache.org/jira/browse/OFBIZ-4589
Project: OFBiz
Issue Type: Bug
Components: specialpurpose/ecomm
I am running into that familiar problem of handling authorization in
nested services. Example:
Application A
Invoke Service "A"
Authorized with permissions "A"
Invokes Service "C" in Application "C"
Authorized with permissions "C"
In order for a user to run Service "A", I have t
28 matches
Mail list logo