You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ofbiz.apache.org by Anil Patel <to...@gmail.com> on 2007/01/03 00:07:43 UTC
Parameterize serviceName in error message for permission error.
Hi,
Checking to see if there is possible better way to do this. Every time we do
permission check for CRUD operation we end up defining new message resource
file. Only thing that changes is name of service.
Is there a known solution, where we can parameterize the service name and
use just one message all these CRUD operation?
Regards
Anil Patel
Re: Parameterize serviceName in error message for permission error.
Posted by David E Jones <jo...@undersunconsulting.com>.
That's a different issue, sounds like the one from your other email
earlier today.
Having a permission extension like "_ROLE_PARTY" is weird, I'm not
sure _what_ that is for. It looks like a variation on the "role
limited permissions" that are an established pattern in OFBiz. The
best example of them is probably the checkProductRelatedPermission
simple-method in the ProductServices.xml file. On line 511 you'll see
where it uses "CATALOG_ROLE" as the prefix instead of "CATALOG".
When doing role-limited permissions the "_ROLE" appendage should
always be a suffix to the "permission", and not a prefix to the
"action" side of the permission. I have seen this confused before and
I think it's a bad practice because it breaks the normal suffix set
("_CREATE", "_UPDATE", "_DELETE", "_VIEW", "_ADMIN").
The basic idea is that if you have something like a "CATALOG_ROLE"
permission base instead of the "CATALOG" permission base, then you
have to be connected to the item in question either in a
predetermined role, or in any role, depending on how things are coded
(ie it's a convention, not a set of hard rules).
-David
On Jan 2, 2007, at 7:40 PM, Anil Patel wrote:
> If we were to go by this, In example component, we look for _CREATE or
> _DELETE permission on the component in different CRUD services and
> not at
> the entity level like _ROLE_PARTY
>
> is this right?
>
> Regards
> Anil
>
> On 1/2/07, David E Jones <jo...@undersunconsulting.com> wrote:
>>
>>
>> Yes, there is a solution to this.
>>
>> As with various things rather than trying to universally implement
>> best practices due to practicality the best practice is demonstrated
>> in the example component. You can see what you need in the
>> ExampleServices.xml, and in the corresponding label properties file
>> if I remember right.
>>
>> -David
>>
>>
>> On Jan 2, 2007, at 4:07 PM, Anil Patel wrote:
>>
>> > Hi,
>> > Checking to see if there is possible better way to do this. Every
>> > time we do
>> > permission check for CRUD operation we end up defining new message
>> > resource
>> > file. Only thing that changes is name of service.
>> >
>> > Is there a known solution, where we can parameterize the service
>> > name and
>> > use just one message all these CRUD operation?
>> >
>> > Regards
>> > Anil Patel
>>
>>
Re: Parameterize serviceName in error message for permission error.
Posted by Anil Patel <to...@gmail.com>.
If we were to go by this, In example component, we look for _CREATE or
_DELETE permission on the component in different CRUD services and not at
the entity level like _ROLE_PARTY
is this right?
Regards
Anil
On 1/2/07, David E Jones <jo...@undersunconsulting.com> wrote:
>
>
> Yes, there is a solution to this.
>
> As with various things rather than trying to universally implement
> best practices due to practicality the best practice is demonstrated
> in the example component. You can see what you need in the
> ExampleServices.xml, and in the corresponding label properties file
> if I remember right.
>
> -David
>
>
> On Jan 2, 2007, at 4:07 PM, Anil Patel wrote:
>
> > Hi,
> > Checking to see if there is possible better way to do this. Every
> > time we do
> > permission check for CRUD operation we end up defining new message
> > resource
> > file. Only thing that changes is name of service.
> >
> > Is there a known solution, where we can parameterize the service
> > name and
> > use just one message all these CRUD operation?
> >
> > Regards
> > Anil Patel
>
>
Re: Parameterize serviceName in error message for permission error.
Posted by David E Jones <jo...@undersunconsulting.com>.
Yes, there is a solution to this.
As with various things rather than trying to universally implement
best practices due to practicality the best practice is demonstrated
in the example component. You can see what you need in the
ExampleServices.xml, and in the corresponding label properties file
if I remember right.
-David
On Jan 2, 2007, at 4:07 PM, Anil Patel wrote:
> Hi,
> Checking to see if there is possible better way to do this. Every
> time we do
> permission check for CRUD operation we end up defining new message
> resource
> file. Only thing that changes is name of service.
>
> Is there a known solution, where we can parameterize the service
> name and
> use just one message all these CRUD operation?
>
> Regards
> Anil Patel