That is true, but it's not quite that simple, or in other words there are other
things that need to have checks and filters, like an order find query, that
won't be do-able with a just service level permission checks and such.
-David
Jonathon -- Improov wrote:
Also, if you code your data retrieval functions into services, you can
use SECAs to slap on pre-checks (permissions checks).
But I thought there was something else done for this. The service engine
can call a custom-specified "permissions checking service" prior to
calling a service. So, a service "getPrivateInfo" can have a
custom-specified permissions service called "somePermissionsChecks"
attached to it.
Is that true?
Jonathon
David E Jones wrote:
Not configure per se, but the data structures are there and this sort
of thing has been done before, it's just a matter of a little
customization to filter queries and such how you want to.
-David
opablo wrote:
Hi,
We have an organization with two companies (the organization
headquarters at two different countries), each of them working
separately, but both included in the organization (so the organization
user views all data). Is there a way to configure OfBiz that a user from
a company can see only the orders from the company he/she belongs and is
not able to see the orders from the other company?
Regards,
Óscar
