You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ofbiz.apache.org by opablo <os...@opentrends.net> on 2007/08/16 13:02:35 UTC
Permissions setup
Hi,
We have an organization with two companies (the organization
headquarters at two different countries), each of them working
separately, but both included in the organization (so the organization
user views all data). Is there a way to configure OfBiz that a user from
a company can see only the orders from the company he/she belongs and is
not able to see the orders from the other company?
Regards,
Óscar
Re: Permissions setup
Posted by David E Jones <jo...@hotwaxmedia.com>.
That is true, but it's not quite that simple, or in other words there are other things that need to have checks and filters, like an order find query, that won't be do-able with a just service level permission checks and such.
-David
Jonathon -- Improov wrote:
> Also, if you code your data retrieval functions into services, you can
> use SECAs to slap on pre-checks (permissions checks).
>
> But I thought there was something else done for this. The service engine
> can call a custom-specified "permissions checking service" prior to
> calling a service. So, a service "getPrivateInfo" can have a
> custom-specified permissions service called "somePermissionsChecks"
> attached to it.
>
> Is that true?
>
> Jonathon
>
> David E Jones wrote:
>>
>> Not configure per se, but the data structures are there and this sort
>> of thing has been done before, it's just a matter of a little
>> customization to filter queries and such how you want to.
>>
>> -David
>>
>>
>> opablo wrote:
>>> Hi,
>>>
>>> We have an organization with two companies (the organization
>>> headquarters at two different countries), each of them working
>>> separately, but both included in the organization (so the organization
>>> user views all data). Is there a way to configure OfBiz that a user from
>>> a company can see only the orders from the company he/she belongs and is
>>> not able to see the orders from the other company?
>>>
>>> Regards,
>>>
>>> Óscar
>>>
>>
>>
>
Re: Permissions setup
Posted by Jonathon -- Improov <jo...@improov.com>.
Also, if you code your data retrieval functions into services, you can use SECAs to slap on
pre-checks (permissions checks).
But I thought there was something else done for this. The service engine can call a
custom-specified "permissions checking service" prior to calling a service. So, a service
"getPrivateInfo" can have a custom-specified permissions service called "somePermissionsChecks"
attached to it.
Is that true?
Jonathon
David E Jones wrote:
>
> Not configure per se, but the data structures are there and this sort of
> thing has been done before, it's just a matter of a little customization
> to filter queries and such how you want to.
>
> -David
>
>
> opablo wrote:
>> Hi,
>>
>> We have an organization with two companies (the organization
>> headquarters at two different countries), each of them working
>> separately, but both included in the organization (so the organization
>> user views all data). Is there a way to configure OfBiz that a user from
>> a company can see only the orders from the company he/she belongs and is
>> not able to see the orders from the other company?
>>
>> Regards,
>>
>> Óscar
>>
>
>
Re: Permissions setup
Posted by David E Jones <jo...@hotwaxmedia.com>.
Not configure per se, but the data structures are there and this sort of thing has been done before, it's just a matter of a little customization to filter queries and such how you want to.
-David
opablo wrote:
> Hi,
>
> We have an organization with two companies (the organization
> headquarters at two different countries), each of them working
> separately, but both included in the organization (so the organization
> user views all data). Is there a way to configure OfBiz that a user from
> a company can see only the orders from the company he/she belongs and is
> not able to see the orders from the other company?
>
> Regards,
>
> Óscar
>