Adrian, Scott,
Do you mean using secas?
Currently, I am doing it with services too, but called from simple methods.
Typical flow:
1. <request-map> has an event (simple method) that does some work
2. Event codes first calls a permissions service, which checks all kinds of DB
values, ownership tags, etc.
3. Event codes may, depending on permissions check, return with a "noperm"
response code or continue execution and finally return a "success" code.
4. <request-map> has 2 views to cater for the "success" and the "failure"
conditions. "Failure" conditions all go to a generic failure screen which
displays the error message (eg, "you do not have permissions to do that!").
Jonathon
Adrian Crum wrote:
That's a great suggestion! I just used the service-based permissions for
my calendar program and it works great!
Scott Gray wrote:
Hi Jonathon
I haven't followed it closely but this should provide some info:
https://issues.apache.org/jira/browse/OFBIZ-609
Regards
Scott
On 22/06/07, Jonathon -- Improov <[EMAIL PROTECTED]> wrote:
In Widget screens, is there a way to check access permissions based on
data?
For eg, a data row with field "ownerId" of value "MY_COMPANY" can be
accessed (viewed) by users
associated with say a company named "MY_COMPANY", but cannot be
viewed by
users associated with
say a company named "OTHER_COMPANY". Is this possible inside Widget
screens? I have a feeling this
is possible.
Jonathon
