On Jun 10, 2008, at 6:44 AM, BJ Freeman wrote:
there is no security at record level.
Actually, there is.
there may be some way in code to sort based on partyID or login.
but it would seem to be a large job.
There are tools just for this, and many parts of the data model in
OFBiz were designed with this intent. It generally involves defining a
path from the Party in question to the target/desired entity through
relationships. This is usually do-able and easy to do with a single
view entity, and if a query on that entity with the proper constraints
returns any results then you know the user/party has the permission.
See the catalog role limited permissions and how they are defined and
used in the ProductServices.xml file for an example.
-David
stamilo sent the following on 6/10/2008 5:34 AM:
hi ,
i see the question how to create permission, but i have other
question
how create permission base on record?
like this:
user a create a record recorda;
user b create a record recrodb;
i want that:
user a only can see, edit , delete that records created by
himself;
user b only can see, edit , delete that records created by
himself;
but some guy may see all the records that create by user a and
user b;
.....
:)
thx!
