You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ofbiz.apache.org by Adrian Crum <ad...@hlmksw.com> on 2007/09/13 00:49:51 UTC
Re: svn commit: r575113 - in /ofbiz/trunk/specialpurpose/assetmaint:
data/ data/AssetMaintSecurityData.xml ofbiz-component.xml script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
servicedef/secas.xml servicedef/services.xml
Did you get it to work? David is supposed to be looking at this to help me debug it.
apatel@apache.org wrote:
> Author: apatel
> Date: Wed Sep 12 15:47:44 2007
> New Revision: 575113
>
> URL: http://svn.apache.org/viewvc?rev=575113&view=rev
> Log:
> Applying patch from Adrian with some improvements. Thanks Adrian.
>
> Added:
> ofbiz/trunk/specialpurpose/assetmaint/data/
> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
> ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml
> Modified:
> ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml
> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
> ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
>
> Added: ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
> URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml?rev=575113&view=auto
> ==============================================================================
> --- ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml (added)
> +++ ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml Wed Sep 12 15:47:44 2007
> @@ -0,0 +1,40 @@
> +<?xml version="1.0" encoding="UTF-8"?>
> +<!--
> +Licensed to the Apache Software Foundation (ASF) under one
> +or more contributor license agreements. See the NOTICE file
> +distributed with this work for additional information
> +regarding copyright ownership. The ASF licenses this file
> +to you under the Apache License, Version 2.0 (the
> +"License"); you may not use this file except in compliance
> +with the License. You may obtain a copy of the License at
> +
> +http://www.apache.org/licenses/LICENSE-2.0
> +
> +Unless required by applicable law or agreed to in writing,
> +software distributed under the License is distributed on an
> +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> +KIND, either express or implied. See the License for the
> +specific language governing permissions and limitations
> +under the License.
> +-->
> +<entity-engine-xml>
> + <!-- Asset Maintenance security -->
> + <SecurityPermission description="ALL Asset Maintenance operations." permissionId="ASSETMAINT_ADMIN"/>
> + <SecurityPermission description="Asset Maintenance View permission." permissionId="ASSETMAINT_VIEW"/>
> + <SecurityPermission description="Asset Maintenance Create operations." permissionId="ASSETMAINT_CREATE"/>
> + <SecurityPermission description="Asset Maintenance Update operations." permissionId="ASSETMAINT_UPDATE"/>
> + <SecurityPermission description="Asset Maintenance Delete operations." permissionId="ASSETMAINT_DELETE"/>
> +
> + <SecurityGroup description="Asset Maintenance Admin group, has all maintenance permissions." groupId="ASSETMAINTADMIN"/>
> + <SecurityGroup description="Asset Maintenance Technician group, has view and update." groupId="ASSETMAINTTECH"/>
> +
> + <SecurityGroupPermission groupId="ASSETMAINTADMIN" permissionId="ACCOUNTING_CREATE"/>
> + <SecurityGroupPermission groupId="ASSETMAINTADMIN" permissionId="ASSETMAINT_ADMIN"/>
> + <SecurityGroupPermission groupId="ASSETMAINTADMIN" permissionId="ASSETMAINT_VIEW"/>
> +
> + <SecurityGroupPermission groupId="ASSETMAINTTECH" permissionId="ASSETMAINT_VIEW"/>
> + <SecurityGroupPermission groupId="ASSETMAINTTECH" permissionId="ASSETMAINT_UPDATE"/>
> + <SecurityGroupPermission groupId="ASSETMAINTTECH" permissionId="ACCOUNTING_UPDATE"/>
> +
> + <SecurityGroupPermission groupId="FULLADMIN" permissionId="ASSETMAINT_ADMIN"/>
> +</entity-engine-xml>
>
> Modified: ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml
> URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml?rev=575113&r1=575112&r2=575113&view=diff
> ==============================================================================
> --- ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml (original)
> +++ ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml Wed Sep 12 15:47:44 2007
> @@ -37,13 +37,13 @@
>
> <!-- service resources: model(s), eca(s) and group definitions -->
> <service-resource type="model" loader="main" location="servicedef/services.xml"/>
> -
> + <service-resource type="eca" loader="main" location="servicedef/secas.xml"/>
>
> <webapp name="assetmaint"
> title="AssetMaint"
> server="default-server"
> location="webapp/assetmaint"
> - base-permission="OFBTOOLS"
> + base-permission="ASSETMAINT"
> mount-point="/assetmaint"
> - app-bar-display="false"/>
> + app-bar-display="true"/>
> </ofbiz-component>
>
> Modified: ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
> URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml?rev=575113&r1=575112&r2=575113&view=diff
> ==============================================================================
> --- ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml (original)
> +++ ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml Wed Sep 12 15:47:44 2007
> @@ -68,5 +68,27 @@
> <call-service service-name="createWorkEffortAndAssoc" in-map-name="createWorkEffortAndAssocCtx"/>
> <check-errors/>
> </simple-method>
> +
> + <!-- ==============Permission Checking Service============= -->
> + <simple-method method-name="assetMaintPermissionCheck" short-description="Asset Maintenance permission logic">
> + <if-has-permission permission="ASSETMAINT_ADMIN">
> + <set field="hasPermission" type="Boolean" value="true"/>
> + <else>
> + <if-has-permission permission="ASSETMAINT" action="_${parameters.mainAction}">
> + <set field="hasPermission" type="Boolean" value="true"/>
> + <else>
> + <set field="hasPermission" type="Boolean" value="false"/>
> + <set field="failMessage" value="Security Error: you must have one of the following permissions:
> + ACCOUNTING_${parameters.mainAction}, ACCOUNTING_ROLE_${parameters.mainAction}, ACCOUNTING_ADMIN, ASSETMAINT_${parameters.mainAction}, ASSETMAINT_ADMIN"/>
> + <field-to-result field-name="failMessage"/>
> + </else>
> + </if-has-permission>
> + </else>
> + </if-has-permission>
> + <field-to-result field-name="hasPermission"/>
> + <log level="info" message="assetMaintPermissionCheck ran"/>
> + <log level="info" message="hasPermission = ${hasPermission}"/>
> + </simple-method>
> +
> </simple-methods>
> -
> \ No newline at end of file
> +
>
> Added: ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml
> URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml?rev=575113&view=auto
> ==============================================================================
> --- ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml (added)
> +++ ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml Wed Sep 12 15:47:44 2007
> @@ -0,0 +1,30 @@
> +<?xml version="1.0" encoding="UTF-8"?>
> +<!--
> +Licensed to the Apache Software Foundation (ASF) under one
> +or more contributor license agreements. See the NOTICE file
> +distributed with this work for additional information
> +regarding copyright ownership. The ASF licenses this file
> +to you under the Apache License, Version 2.0 (the
> +"License"); you may not use this file except in compliance
> +with the License. You may obtain a copy of the License at
> +
> +http://www.apache.org/licenses/LICENSE-2.0
> +
> +Unless required by applicable law or agreed to in writing,
> +software distributed under the License is distributed on an
> +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> +KIND, either express or implied. See the License for the
> +specific language governing permissions and limitations
> +under the License.
> +-->
> +
> +<service-eca xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> + xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/service-eca.xsd">
> +
> + <!-- ECAs used to extend service permission checking -->
> + <eca service="fixedAssetPermissionCheck" event="return" run-on-failure="true" run-on-error="true">
> + <condition field-name="hasPermission" operator="equals" value="false" type="Boolean"/>
> + <action service="assetMaintPermissionCheck" mode="sync"/>
> + </eca>
> +
> +</service-eca>
>
> Modified: ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
> URL: http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml?rev=575113&r1=575112&r2=575113&view=diff
> ==============================================================================
> --- ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml (original)
> +++ ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml Wed Sep 12 15:47:44 2007
> @@ -31,4 +31,9 @@
> <attribute type="String" mode="IN" name="facilityId" optional="false"/>
> </service>
>
> + <service name="assetMaintPermissionCheck" engine="simple"
> + location="component://assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml" invoke="assetMaintPermissionCheck">
> + <description>Asset Maintentance Permission Checking Logic</description>
> + <implements service="permissionInterface"/>
> + </service>
> </services>
>
>
>
Re: svn commit: r575113 - in /ofbiz/trunk/specialpurpose/assetmaint:
data/ data/AssetMaintSecurityData.xml ofbiz-component.xml script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
servicedef/secas.xml servicedef/services.xml
Posted by Adrian Crum <ad...@hlmksw.com>.
Anil,
The concept is to have the component use its own permissions - not the accounting permissions. So,
the AssetMaintSecurityData.xml file should NOT contain any ACCOUNTING_xxx permissions. Also, the
ASSETMAINT_ADMIN permission grants permission to ALL operations, so there is no need to combine it
with the ASSETMAINT_VIEW permission.
-Adrian
Anil K Patel wrote:
> Adrian,
> I am looking at it. Just got the basic permission data added.
>
> Regards
> Anil Patel
>
>
> Adrian Crum wrote:
>
>> Did you get it to work? David is supposed to be looking at this to
>> help me debug it.
>>
>> apatel@apache.org wrote:
>>
>>> Author: apatel
>>> Date: Wed Sep 12 15:47:44 2007
>>> New Revision: 575113
>>>
>>> URL: http://svn.apache.org/viewvc?rev=575113&view=rev
>>> Log:
>>> Applying patch from Adrian with some improvements. Thanks Adrian.
>>>
>>> Added:
>>> ofbiz/trunk/specialpurpose/assetmaint/data/
>>>
>>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>>> ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml
>>> Modified:
>>> ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml
>>>
>>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>>>
>>> ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
>>>
>>> Added:
>>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>>> URL:
>>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml?rev=575113&view=auto
>>>
>>> ==============================================================================
>>>
>>> ---
>>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>>> (added)
>>> +++
>>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>>> Wed Sep 12 15:47:44 2007
>>> @@ -0,0 +1,40 @@
>>> +<?xml version="1.0" encoding="UTF-8"?>
>>> +<!--
>>> +Licensed to the Apache Software Foundation (ASF) under one
>>> +or more contributor license agreements. See the NOTICE file
>>> +distributed with this work for additional information
>>> +regarding copyright ownership. The ASF licenses this file
>>> +to you under the Apache License, Version 2.0 (the
>>> +"License"); you may not use this file except in compliance
>>> +with the License. You may obtain a copy of the License at
>>> +
>>> +http://www.apache.org/licenses/LICENSE-2.0
>>> +
>>> +Unless required by applicable law or agreed to in writing,
>>> +software distributed under the License is distributed on an
>>> +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>> +KIND, either express or implied. See the License for the
>>> +specific language governing permissions and limitations
>>> +under the License.
>>> +-->
>>> +<entity-engine-xml>
>>> + <!-- Asset Maintenance security -->
>>> + <SecurityPermission description="ALL Asset Maintenance
>>> operations." permissionId="ASSETMAINT_ADMIN"/>
>>> + <SecurityPermission description="Asset Maintenance View
>>> permission." permissionId="ASSETMAINT_VIEW"/>
>>> + <SecurityPermission description="Asset Maintenance Create
>>> operations." permissionId="ASSETMAINT_CREATE"/>
>>> + <SecurityPermission description="Asset Maintenance Update
>>> operations." permissionId="ASSETMAINT_UPDATE"/>
>>> + <SecurityPermission description="Asset Maintenance Delete
>>> operations." permissionId="ASSETMAINT_DELETE"/>
>>> +
>>> + <SecurityGroup description="Asset Maintenance Admin group, has
>>> all maintenance permissions." groupId="ASSETMAINTADMIN"/>
>>> + <SecurityGroup description="Asset Maintenance Technician group,
>>> has view and update." groupId="ASSETMAINTTECH"/>
>>> +
>>> + <SecurityGroupPermission groupId="ASSETMAINTADMIN"
>>> permissionId="ACCOUNTING_CREATE"/>
>>> + <SecurityGroupPermission groupId="ASSETMAINTADMIN"
>>> permissionId="ASSETMAINT_ADMIN"/>
>>> + <SecurityGroupPermission groupId="ASSETMAINTADMIN"
>>> permissionId="ASSETMAINT_VIEW"/>
>>> +
>>> + <SecurityGroupPermission groupId="ASSETMAINTTECH"
>>> permissionId="ASSETMAINT_VIEW"/>
>>> + <SecurityGroupPermission groupId="ASSETMAINTTECH"
>>> permissionId="ASSETMAINT_UPDATE"/>
>>> + <SecurityGroupPermission groupId="ASSETMAINTTECH"
>>> permissionId="ACCOUNTING_UPDATE"/>
>>> + + <SecurityGroupPermission groupId="FULLADMIN"
>>> permissionId="ASSETMAINT_ADMIN"/>
>>> +</entity-engine-xml>
>>>
>>> Modified: ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml
>>> URL:
>>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml?rev=575113&r1=575112&r2=575113&view=diff
>>>
>>> ==============================================================================
>>>
>>> --- ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml (original)
>>> +++ ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml Wed Sep
>>> 12 15:47:44 2007
>>> @@ -37,13 +37,13 @@
>>>
>>> <!-- service resources: model(s), eca(s) and group definitions -->
>>> <service-resource type="model" loader="main"
>>> location="servicedef/services.xml"/>
>>> -
>>> + <service-resource type="eca" loader="main"
>>> location="servicedef/secas.xml"/>
>>>
>>> <webapp name="assetmaint"
>>> title="AssetMaint"
>>> server="default-server"
>>> location="webapp/assetmaint"
>>> - base-permission="OFBTOOLS"
>>> + base-permission="ASSETMAINT"
>>> mount-point="/assetmaint"
>>> - app-bar-display="false"/>
>>> + app-bar-display="true"/>
>>> </ofbiz-component>
>>>
>>> Modified:
>>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>>>
>>> URL:
>>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml?rev=575113&r1=575112&r2=575113&view=diff
>>>
>>> ==============================================================================
>>>
>>> ---
>>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>>> (original)
>>> +++
>>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>>> Wed Sep 12 15:47:44 2007
>>> @@ -68,5 +68,27 @@
>>> <call-service service-name="createWorkEffortAndAssoc"
>>> in-map-name="createWorkEffortAndAssocCtx"/>
>>> <check-errors/>
>>> </simple-method> +
>>> + <!-- ==============Permission Checking Service============= -->
>>> + <simple-method method-name="assetMaintPermissionCheck"
>>> short-description="Asset Maintenance permission logic">
>>> + <if-has-permission permission="ASSETMAINT_ADMIN">
>>> + <set field="hasPermission" type="Boolean" value="true"/>
>>> + <else>
>>> + <if-has-permission permission="ASSETMAINT"
>>> action="_${parameters.mainAction}">
>>> + <set field="hasPermission" type="Boolean"
>>> value="true"/>
>>> + <else>
>>> + <set field="hasPermission" type="Boolean"
>>> value="false"/>
>>> + <set field="failMessage" value="Security
>>> Error: you must have one of the following permissions:
>>> + ACCOUNTING_${parameters.mainAction},
>>> ACCOUNTING_ROLE_${parameters.mainAction}, ACCOUNTING_ADMIN,
>>> ASSETMAINT_${parameters.mainAction}, ASSETMAINT_ADMIN"/>
>>> + <field-to-result field-name="failMessage"/>
>>> + </else>
>>> + </if-has-permission>
>>> + </else>
>>> + </if-has-permission>
>>> + <field-to-result field-name="hasPermission"/>
>>> + <log level="info" message="assetMaintPermissionCheck ran"/>
>>> + <log level="info" message="hasPermission = ${hasPermission}"/>
>>> + </simple-method>
>>> +
>>> </simple-methods>
>>> - \ No newline at end of file
>>> + Added: ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml
>>> URL:
>>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml?rev=575113&view=auto
>>>
>>> ==============================================================================
>>>
>>> --- ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml (added)
>>> +++ ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml Wed
>>> Sep 12 15:47:44 2007
>>> @@ -0,0 +1,30 @@
>>> +<?xml version="1.0" encoding="UTF-8"?>
>>> +<!--
>>> +Licensed to the Apache Software Foundation (ASF) under one
>>> +or more contributor license agreements. See the NOTICE file
>>> +distributed with this work for additional information
>>> +regarding copyright ownership. The ASF licenses this file
>>> +to you under the Apache License, Version 2.0 (the
>>> +"License"); you may not use this file except in compliance
>>> +with the License. You may obtain a copy of the License at
>>> +
>>> +http://www.apache.org/licenses/LICENSE-2.0
>>> +
>>> +Unless required by applicable law or agreed to in writing,
>>> +software distributed under the License is distributed on an
>>> +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>> +KIND, either express or implied. See the License for the
>>> +specific language governing permissions and limitations
>>> +under the License.
>>> +-->
>>> +
>>> +<service-eca xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>>> +
>>> xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/service-eca.xsd">
>>>
>>> +
>>> + <!-- ECAs used to extend service permission checking -->
>>> + <eca service="fixedAssetPermissionCheck" event="return"
>>> run-on-failure="true" run-on-error="true">
>>> + <condition field-name="hasPermission" operator="equals"
>>> value="false" type="Boolean"/>
>>> + <action service="assetMaintPermissionCheck" mode="sync"/>
>>> + </eca>
>>> +
>>> +</service-eca>
>>>
>>> Modified: ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
>>> URL:
>>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml?rev=575113&r1=575112&r2=575113&view=diff
>>>
>>> ==============================================================================
>>>
>>> --- ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
>>> (original)
>>> +++ ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml Wed
>>> Sep 12 15:47:44 2007
>>> @@ -31,4 +31,9 @@
>>> <attribute type="String" mode="IN" name="facilityId"
>>> optional="false"/>
>>> </service>
>>> + <service name="assetMaintPermissionCheck" engine="simple"
>>> +
>>> location="component://assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml"
>>> invoke="assetMaintPermissionCheck">
>>> + <description>Asset Maintentance Permission Checking
>>> Logic</description>
>>> + <implements service="permissionInterface"/>
>>> + </service>
>>> </services>
>>>
>>>
>>>
>
Re: svn commit: r575113 - in /ofbiz/trunk/specialpurpose/assetmaint:
data/ data/AssetMaintSecurityData.xml ofbiz-component.xml script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
servicedef/secas.xml servicedef/services.xml
Posted by Anil K Patel <an...@hotwaxmedia.com>.
Adrian,
I am looking at it. Just got the basic permission data added.
Regards
Anil Patel
Adrian Crum wrote:
> Did you get it to work? David is supposed to be looking at this to
> help me debug it.
>
> apatel@apache.org wrote:
>
>> Author: apatel
>> Date: Wed Sep 12 15:47:44 2007
>> New Revision: 575113
>>
>> URL: http://svn.apache.org/viewvc?rev=575113&view=rev
>> Log:
>> Applying patch from Adrian with some improvements. Thanks Adrian.
>>
>> Added:
>> ofbiz/trunk/specialpurpose/assetmaint/data/
>>
>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>> ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml
>> Modified:
>> ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml
>>
>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>>
>> ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
>>
>> Added:
>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml?rev=575113&view=auto
>>
>> ==============================================================================
>>
>> ---
>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>> (added)
>> +++
>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>> Wed Sep 12 15:47:44 2007
>> @@ -0,0 +1,40 @@
>> +<?xml version="1.0" encoding="UTF-8"?>
>> +<!--
>> +Licensed to the Apache Software Foundation (ASF) under one
>> +or more contributor license agreements. See the NOTICE file
>> +distributed with this work for additional information
>> +regarding copyright ownership. The ASF licenses this file
>> +to you under the Apache License, Version 2.0 (the
>> +"License"); you may not use this file except in compliance
>> +with the License. You may obtain a copy of the License at
>> +
>> +http://www.apache.org/licenses/LICENSE-2.0
>> +
>> +Unless required by applicable law or agreed to in writing,
>> +software distributed under the License is distributed on an
>> +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> +KIND, either express or implied. See the License for the
>> +specific language governing permissions and limitations
>> +under the License.
>> +-->
>> +<entity-engine-xml>
>> + <!-- Asset Maintenance security -->
>> + <SecurityPermission description="ALL Asset Maintenance
>> operations." permissionId="ASSETMAINT_ADMIN"/>
>> + <SecurityPermission description="Asset Maintenance View
>> permission." permissionId="ASSETMAINT_VIEW"/>
>> + <SecurityPermission description="Asset Maintenance Create
>> operations." permissionId="ASSETMAINT_CREATE"/>
>> + <SecurityPermission description="Asset Maintenance Update
>> operations." permissionId="ASSETMAINT_UPDATE"/>
>> + <SecurityPermission description="Asset Maintenance Delete
>> operations." permissionId="ASSETMAINT_DELETE"/>
>> +
>> + <SecurityGroup description="Asset Maintenance Admin group, has
>> all maintenance permissions." groupId="ASSETMAINTADMIN"/>
>> + <SecurityGroup description="Asset Maintenance Technician group,
>> has view and update." groupId="ASSETMAINTTECH"/>
>> +
>> + <SecurityGroupPermission groupId="ASSETMAINTADMIN"
>> permissionId="ACCOUNTING_CREATE"/>
>> + <SecurityGroupPermission groupId="ASSETMAINTADMIN"
>> permissionId="ASSETMAINT_ADMIN"/>
>> + <SecurityGroupPermission groupId="ASSETMAINTADMIN"
>> permissionId="ASSETMAINT_VIEW"/>
>> +
>> + <SecurityGroupPermission groupId="ASSETMAINTTECH"
>> permissionId="ASSETMAINT_VIEW"/>
>> + <SecurityGroupPermission groupId="ASSETMAINTTECH"
>> permissionId="ASSETMAINT_UPDATE"/>
>> + <SecurityGroupPermission groupId="ASSETMAINTTECH"
>> permissionId="ACCOUNTING_UPDATE"/>
>> + + <SecurityGroupPermission groupId="FULLADMIN"
>> permissionId="ASSETMAINT_ADMIN"/>
>> +</entity-engine-xml>
>>
>> Modified: ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml?rev=575113&r1=575112&r2=575113&view=diff
>>
>> ==============================================================================
>>
>> --- ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml (original)
>> +++ ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml Wed Sep
>> 12 15:47:44 2007
>> @@ -37,13 +37,13 @@
>>
>> <!-- service resources: model(s), eca(s) and group definitions -->
>> <service-resource type="model" loader="main"
>> location="servicedef/services.xml"/>
>> -
>> + <service-resource type="eca" loader="main"
>> location="servicedef/secas.xml"/>
>>
>> <webapp name="assetmaint"
>> title="AssetMaint"
>> server="default-server"
>> location="webapp/assetmaint"
>> - base-permission="OFBTOOLS"
>> + base-permission="ASSETMAINT"
>> mount-point="/assetmaint"
>> - app-bar-display="false"/>
>> + app-bar-display="true"/>
>> </ofbiz-component>
>>
>> Modified:
>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>>
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml?rev=575113&r1=575112&r2=575113&view=diff
>>
>> ==============================================================================
>>
>> ---
>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>> (original)
>> +++
>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>> Wed Sep 12 15:47:44 2007
>> @@ -68,5 +68,27 @@
>> <call-service service-name="createWorkEffortAndAssoc"
>> in-map-name="createWorkEffortAndAssocCtx"/>
>> <check-errors/>
>> </simple-method> +
>> + <!-- ==============Permission Checking Service============= -->
>> + <simple-method method-name="assetMaintPermissionCheck"
>> short-description="Asset Maintenance permission logic">
>> + <if-has-permission permission="ASSETMAINT_ADMIN">
>> + <set field="hasPermission" type="Boolean" value="true"/>
>> + <else>
>> + <if-has-permission permission="ASSETMAINT"
>> action="_${parameters.mainAction}">
>> + <set field="hasPermission" type="Boolean"
>> value="true"/>
>> + <else>
>> + <set field="hasPermission" type="Boolean"
>> value="false"/>
>> + <set field="failMessage" value="Security
>> Error: you must have one of the following permissions:
>> + ACCOUNTING_${parameters.mainAction},
>> ACCOUNTING_ROLE_${parameters.mainAction}, ACCOUNTING_ADMIN,
>> ASSETMAINT_${parameters.mainAction}, ASSETMAINT_ADMIN"/>
>> + <field-to-result field-name="failMessage"/>
>> + </else>
>> + </if-has-permission>
>> + </else>
>> + </if-has-permission>
>> + <field-to-result field-name="hasPermission"/>
>> + <log level="info" message="assetMaintPermissionCheck ran"/>
>> + <log level="info" message="hasPermission = ${hasPermission}"/>
>> + </simple-method>
>> +
>> </simple-methods>
>> - \ No newline at end of file
>> +
>> Added: ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml?rev=575113&view=auto
>>
>> ==============================================================================
>>
>> --- ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml (added)
>> +++ ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml Wed
>> Sep 12 15:47:44 2007
>> @@ -0,0 +1,30 @@
>> +<?xml version="1.0" encoding="UTF-8"?>
>> +<!--
>> +Licensed to the Apache Software Foundation (ASF) under one
>> +or more contributor license agreements. See the NOTICE file
>> +distributed with this work for additional information
>> +regarding copyright ownership. The ASF licenses this file
>> +to you under the Apache License, Version 2.0 (the
>> +"License"); you may not use this file except in compliance
>> +with the License. You may obtain a copy of the License at
>> +
>> +http://www.apache.org/licenses/LICENSE-2.0
>> +
>> +Unless required by applicable law or agreed to in writing,
>> +software distributed under the License is distributed on an
>> +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> +KIND, either express or implied. See the License for the
>> +specific language governing permissions and limitations
>> +under the License.
>> +-->
>> +
>> +<service-eca xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> +
>> xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/service-eca.xsd">
>>
>> +
>> + <!-- ECAs used to extend service permission checking -->
>> + <eca service="fixedAssetPermissionCheck" event="return"
>> run-on-failure="true" run-on-error="true">
>> + <condition field-name="hasPermission" operator="equals"
>> value="false" type="Boolean"/>
>> + <action service="assetMaintPermissionCheck" mode="sync"/>
>> + </eca>
>> +
>> +</service-eca>
>>
>> Modified: ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml?rev=575113&r1=575112&r2=575113&view=diff
>>
>> ==============================================================================
>>
>> --- ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
>> (original)
>> +++ ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml Wed
>> Sep 12 15:47:44 2007
>> @@ -31,4 +31,9 @@
>> <attribute type="String" mode="IN" name="facilityId"
>> optional="false"/>
>> </service>
>> + <service name="assetMaintPermissionCheck" engine="simple"
>> +
>> location="component://assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml"
>> invoke="assetMaintPermissionCheck">
>> + <description>Asset Maintentance Permission Checking
>> Logic</description>
>> + <implements service="permissionInterface"/>
>> + </service>
>> </services>
>>
>>
>>
Re: svn commit: r575113 - in /ofbiz/trunk/specialpurpose/assetmaint:
data/ data/AssetMaintSecurityData.xml ofbiz-component.xml script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
servicedef/secas.xml servicedef/services.xml
Posted by Adrian Crum <ad...@hlmksw.com>.
Understood.
We can leave the permissions as-is until someone has time to help me with it.
-Adrian
David E Jones wrote:
> I'm not sure what you mean by "supposed to be looking at this"... but I
> think I phrased to things to make it clear that I or someone COULD look
> at it...
>
> I'm still pushing 80-90 hour weeks so I'm afraid until things lighten up
> for me I'm mostly stuck with helping from the peanut gallery... ;)
>
> -David
Re: svn commit: r575113 - in /ofbiz/trunk/specialpurpose/assetmaint:
data/ data/AssetMaintSecurityData.xml ofbiz-component.xml script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
servicedef/secas.xml servicedef/services.xml
Posted by David E Jones <jo...@hotwaxmedia.com>.
I'm not sure what you mean by "supposed to be looking at this"... but I think I phrased to things to make it clear that I or someone COULD look at it...
I'm still pushing 80-90 hour weeks so I'm afraid until things lighten up for me I'm mostly stuck with helping from the peanut gallery... ;)
-David
Adrian Crum wrote:
> Did you get it to work? David is supposed to be looking at this to help
> me debug it.
>
> apatel@apache.org wrote:
>
>> Author: apatel
>> Date: Wed Sep 12 15:47:44 2007
>> New Revision: 575113
>>
>> URL: http://svn.apache.org/viewvc?rev=575113&view=rev
>> Log:
>> Applying patch from Adrian with some improvements. Thanks Adrian.
>>
>> Added:
>> ofbiz/trunk/specialpurpose/assetmaint/data/
>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>> ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml
>> Modified:
>> ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml
>>
>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>>
>> ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
>>
>> Added:
>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml?rev=575113&view=auto
>>
>> ==============================================================================
>>
>> ---
>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>> (added)
>> +++
>> ofbiz/trunk/specialpurpose/assetmaint/data/AssetMaintSecurityData.xml
>> Wed Sep 12 15:47:44 2007
>> @@ -0,0 +1,40 @@
>> +<?xml version="1.0" encoding="UTF-8"?>
>> +<!--
>> +Licensed to the Apache Software Foundation (ASF) under one
>> +or more contributor license agreements. See the NOTICE file
>> +distributed with this work for additional information
>> +regarding copyright ownership. The ASF licenses this file
>> +to you under the Apache License, Version 2.0 (the
>> +"License"); you may not use this file except in compliance
>> +with the License. You may obtain a copy of the License at
>> +
>> +http://www.apache.org/licenses/LICENSE-2.0
>> +
>> +Unless required by applicable law or agreed to in writing,
>> +software distributed under the License is distributed on an
>> +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> +KIND, either express or implied. See the License for the
>> +specific language governing permissions and limitations
>> +under the License.
>> +-->
>> +<entity-engine-xml>
>> + <!-- Asset Maintenance security -->
>> + <SecurityPermission description="ALL Asset Maintenance
>> operations." permissionId="ASSETMAINT_ADMIN"/>
>> + <SecurityPermission description="Asset Maintenance View
>> permission." permissionId="ASSETMAINT_VIEW"/>
>> + <SecurityPermission description="Asset Maintenance Create
>> operations." permissionId="ASSETMAINT_CREATE"/>
>> + <SecurityPermission description="Asset Maintenance Update
>> operations." permissionId="ASSETMAINT_UPDATE"/>
>> + <SecurityPermission description="Asset Maintenance Delete
>> operations." permissionId="ASSETMAINT_DELETE"/>
>> +
>> + <SecurityGroup description="Asset Maintenance Admin group, has
>> all maintenance permissions." groupId="ASSETMAINTADMIN"/>
>> + <SecurityGroup description="Asset Maintenance Technician group,
>> has view and update." groupId="ASSETMAINTTECH"/>
>> +
>> + <SecurityGroupPermission groupId="ASSETMAINTADMIN"
>> permissionId="ACCOUNTING_CREATE"/>
>> + <SecurityGroupPermission groupId="ASSETMAINTADMIN"
>> permissionId="ASSETMAINT_ADMIN"/>
>> + <SecurityGroupPermission groupId="ASSETMAINTADMIN"
>> permissionId="ASSETMAINT_VIEW"/>
>> +
>> + <SecurityGroupPermission groupId="ASSETMAINTTECH"
>> permissionId="ASSETMAINT_VIEW"/>
>> + <SecurityGroupPermission groupId="ASSETMAINTTECH"
>> permissionId="ASSETMAINT_UPDATE"/>
>> + <SecurityGroupPermission groupId="ASSETMAINTTECH"
>> permissionId="ACCOUNTING_UPDATE"/>
>> + + <SecurityGroupPermission groupId="FULLADMIN"
>> permissionId="ASSETMAINT_ADMIN"/>
>> +</entity-engine-xml>
>>
>> Modified: ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml?rev=575113&r1=575112&r2=575113&view=diff
>>
>> ==============================================================================
>>
>> --- ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml (original)
>> +++ ofbiz/trunk/specialpurpose/assetmaint/ofbiz-component.xml Wed Sep
>> 12 15:47:44 2007
>> @@ -37,13 +37,13 @@
>>
>> <!-- service resources: model(s), eca(s) and group definitions -->
>> <service-resource type="model" loader="main"
>> location="servicedef/services.xml"/>
>> -
>> + <service-resource type="eca" loader="main"
>> location="servicedef/secas.xml"/>
>>
>> <webapp name="assetmaint"
>> title="AssetMaint"
>> server="default-server"
>> location="webapp/assetmaint"
>> - base-permission="OFBTOOLS"
>> + base-permission="ASSETMAINT"
>> mount-point="/assetmaint"
>> - app-bar-display="false"/>
>> + app-bar-display="true"/>
>> </ofbiz-component>
>>
>> Modified:
>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>>
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml?rev=575113&r1=575112&r2=575113&view=diff
>>
>> ==============================================================================
>>
>> ---
>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>> (original)
>> +++
>> ofbiz/trunk/specialpurpose/assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml
>> Wed Sep 12 15:47:44 2007
>> @@ -68,5 +68,27 @@
>> <call-service service-name="createWorkEffortAndAssoc"
>> in-map-name="createWorkEffortAndAssocCtx"/>
>> <check-errors/>
>> </simple-method> +
>> + <!-- ==============Permission Checking Service============= -->
>> + <simple-method method-name="assetMaintPermissionCheck"
>> short-description="Asset Maintenance permission logic">
>> + <if-has-permission permission="ASSETMAINT_ADMIN">
>> + <set field="hasPermission" type="Boolean" value="true"/>
>> + <else>
>> + <if-has-permission permission="ASSETMAINT"
>> action="_${parameters.mainAction}">
>> + <set field="hasPermission" type="Boolean"
>> value="true"/>
>> + <else>
>> + <set field="hasPermission" type="Boolean"
>> value="false"/>
>> + <set field="failMessage" value="Security
>> Error: you must have one of the following permissions:
>> + ACCOUNTING_${parameters.mainAction},
>> ACCOUNTING_ROLE_${parameters.mainAction}, ACCOUNTING_ADMIN,
>> ASSETMAINT_${parameters.mainAction}, ASSETMAINT_ADMIN"/>
>> + <field-to-result field-name="failMessage"/>
>> + </else>
>> + </if-has-permission>
>> + </else>
>> + </if-has-permission>
>> + <field-to-result field-name="hasPermission"/>
>> + <log level="info" message="assetMaintPermissionCheck ran"/>
>> + <log level="info" message="hasPermission = ${hasPermission}"/>
>> + </simple-method>
>> +
>> </simple-methods>
>> - \ No newline at end of file
>> +
>> Added: ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml?rev=575113&view=auto
>>
>> ==============================================================================
>>
>> --- ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml (added)
>> +++ ofbiz/trunk/specialpurpose/assetmaint/servicedef/secas.xml Wed Sep
>> 12 15:47:44 2007
>> @@ -0,0 +1,30 @@
>> +<?xml version="1.0" encoding="UTF-8"?>
>> +<!--
>> +Licensed to the Apache Software Foundation (ASF) under one
>> +or more contributor license agreements. See the NOTICE file
>> +distributed with this work for additional information
>> +regarding copyright ownership. The ASF licenses this file
>> +to you under the Apache License, Version 2.0 (the
>> +"License"); you may not use this file except in compliance
>> +with the License. You may obtain a copy of the License at
>> +
>> +http://www.apache.org/licenses/LICENSE-2.0
>> +
>> +Unless required by applicable law or agreed to in writing,
>> +software distributed under the License is distributed on an
>> +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> +KIND, either express or implied. See the License for the
>> +specific language governing permissions and limitations
>> +under the License.
>> +-->
>> +
>> +<service-eca xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>> +
>> xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/service-eca.xsd">
>>
>> +
>> + <!-- ECAs used to extend service permission checking -->
>> + <eca service="fixedAssetPermissionCheck" event="return"
>> run-on-failure="true" run-on-error="true">
>> + <condition field-name="hasPermission" operator="equals"
>> value="false" type="Boolean"/>
>> + <action service="assetMaintPermissionCheck" mode="sync"/>
>> + </eca>
>> +
>> +</service-eca>
>>
>> Modified: ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
>> URL:
>> http://svn.apache.org/viewvc/ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml?rev=575113&r1=575112&r2=575113&view=diff
>>
>> ==============================================================================
>>
>> --- ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml
>> (original)
>> +++ ofbiz/trunk/specialpurpose/assetmaint/servicedef/services.xml Wed
>> Sep 12 15:47:44 2007
>> @@ -31,4 +31,9 @@
>> <attribute type="String" mode="IN" name="facilityId"
>> optional="false"/>
>> </service>
>> + <service name="assetMaintPermissionCheck" engine="simple"
>> +
>> location="component://assetmaint/script/org/ofbiz/assetmaint/FixedAssetMaintEvents.xml"
>> invoke="assetMaintPermissionCheck">
>> + <description>Asset Maintentance Permission Checking
>> Logic</description>
>> + <implements service="permissionInterface"/>
>> + </service>
>> </services>
>>
>>
>>