You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ofbiz.apache.org by Pranay Pandey <pr...@hotwaxmedia.com> on 2009/04/22 21:20:35 UTC
Issue in Project Manager
Hello Users,
I am facing issue in project manager application, I did following:
1. Created a userLogin with PROJECTADMIN security group.
2. This user should be having all the permissions for project manager.
3. Not getting option to create a new project in https://localhost:8443/projectmgr/control/FindProject
.
I tried this by using admin profile and worked well so tried it again
by assigning FULLADMIN to the newly created user login but it didn't
work.
I tried to clear this out from the code in specialpurpose/projectmgr/
widget/Menus.xml which is behaving differently for these but couldn't
get success.
<set field="hasUpdatePermission" value="${bsh:
result =
dispatcher.runSync("projectMgrPermission",
org.ofbiz.base.util.UtilMisc.toMap("userLogin",
parameters.get("userLogin"),
"resourceDescription", "Project",
"mainAction", "UPDATE",
"projectId", projectId));
return result.get("hasPermission"); }"
type="Boolean"/>
Thanks in advance for any help.
Thanks & Regards
--
Pranay Pandey
Re: Issue in Project Manager
Posted by Ashish Vijaywargiya <as...@hotwaxmedia.com>.
Hey Pranay,
Its good that you were able to figure out the problem.
Enjoy the day ahead man :-) !
--
Ashish
Pranay Pandey wrote:
> Thanks a lot Ashish, Now I got the solution of my problem.
> You showed me the right place to hit and to understand the basic
> difference for permissions which should be given.
> Issue was because of wrong permissions given by me to the user I was
> creating. I cleared it by again reading the document: OFBiz security
> <http://docs.ofbiz.org/display/OFBTECH/OFBiz+security>
>
>
> Thanks & Regards
> --
> Pranay Pandey
>
>
> On Apr 23, 2009, at 11:59 AM, Ashish Vijaywargiya wrote:
>
>> Hello Pranay,
>>
>> Let me help you (Only concentrate on my comments that is present
>> inside code snippet taken from file ProjectPermissionServices.xml - I
>> have put false statement and some comment in that) :
>> The below code snippet is the only area which can help you to figure
>> out the problem.
>> Please discuss me in person if you are unable to figure out the issue.
>>
>>
>> <if-compare field="sec_object" value="PROJECT" operator="equals">
>> <!--log level="info" message="======ProjectMGR
>> Security===== action: ${parameters.mainAction} object: ${sec_object}
>> Id: ${parameters.projectId} resourceDescription:
>> ${parameters.resourceDescription}"/-->
>> <set field="projectId" from-field="parameters.projectId"/>
>> <set field="partyId"
>> from-field="parameters.userLogin.partyId"/>
>> <call-simple-method method-name="checkProjectMembership"/>
>> <if>
>> <condition>
>> <or>
>> <and>
>> <!-- view a project with a null id is a
>> null operation, so ok... -->
>> <if-empty field="parameters.projectIdId"/>
>> <if-compare field="parameters.mainAction"
>> value="VIEW" operator="equals"/>
>> </and>
>> <and>
>> <!-- false -->
>> <if-has-permission
>> permission="PROJECTMGR_ADMIN"/>
>> <not><if-has-permission
>> permission="PROJECTMGR_ROLE_ADMIN"/></not>
>> </and>
>> <and>
>> <!-- return false for the user you have
>> created -->
>> <!-- In case of admin it returns true
>> isMember flag returns true from method in the bottom
>> "checkProjectMembership-->
>> <!-- So we may need to add a record in
>> either WorkEffortPartyAssignment or WorkEffortPartyAssignByGroup
>> entity -->
>> <!-- This is all from my side Pranay -->
>> <if-has-permission
>> permission="PROJECTMGR_ROLE_ADMIN"/>
>> <if-compare field="isMember" value="true"
>> operator="equals"/>
>> </and>
>> <and>
>> <!-- false -->
>> <if-has-permission
>> permission="PROJECTMGR_VIEW"/>
>> <not><if-has-permission
>> permission="PROJECTMGR_ROLE_VIEW"/></not>
>> <if-compare field="parameters.mainAction"
>> value="VIEW" operator="equals"/>
>> </and>
>> <and>
>> <!-- false -->
>> <if-has-permission
>> permission="PROJECTMGR_ROLE_VIEW"/>
>> <if-compare field="isMember" value="true"
>> operator="equals"/>
>> <if-compare field="parameters.mainAction"
>> value="VIEW" operator="equals"/>
>> </and>
>> </or>
>> </condition>
>> <then>
>> <field-to-result field="hasPermission"/>
>> <return/>
>> </then>
>> <else>
>> <property-to-field resource="ProjectMgrUiLabels"
>> property="ProjectMgrNoAccessToProject" field="failMessage"/>
>
Re: Issue in Project Manager
Posted by Pranay Pandey <pr...@hotwaxmedia.com>.
Thanks a lot Ashish, Now I got the solution of my problem.
You showed me the right place to hit and to understand the basic
difference for permissions which should be given.
Issue was because of wrong permissions given by me to the user I was
creating. I cleared it by again reading the document: OFBiz security
Thanks & Regards
--
Pranay Pandey
On Apr 23, 2009, at 11:59 AM, Ashish Vijaywargiya wrote:
> Hello Pranay,
>
> Let me help you (Only concentrate on my comments that is present
> inside code snippet taken from file ProjectPermissionServices.xml -
> I have put false statement and some comment in that) :
> The below code snippet is the only area which can help you to figure
> out the problem.
> Please discuss me in person if you are unable to figure out the issue.
>
>
> <if-compare field="sec_object" value="PROJECT"
> operator="equals">
> <!--log level="info" message="======ProjectMGR
> Security===== action: ${parameters.mainAction} object: $
> {sec_object} Id: ${parameters.projectId} resourceDescription: $
> {parameters.resourceDescription}"/-->
> <set field="projectId" from-field="parameters.projectId"/>
> <set field="partyId" from-
> field="parameters.userLogin.partyId"/>
> <call-simple-method method-name="checkProjectMembership"/>
> <if>
> <condition>
> <or>
> <and>
> <!-- view a project with a null id is a
> null operation, so ok... -->
> <if-empty field="parameters.projectIdId"/>
> <if-compare field="parameters.mainAction"
> value="VIEW" operator="equals"/>
> </and>
> <and>
> <!-- false -->
> <if-has-permission
> permission="PROJECTMGR_ADMIN"/>
> <not><if-has-permission
> permission="PROJECTMGR_ROLE_ADMIN"/></not>
> </and>
> <and>
> <!-- return false for the user you have
> created -->
> <!-- In case of admin it returns true
> isMember flag returns true from method in the bottom
> "checkProjectMembership-->
> <!-- So we may need to add a record in
> either WorkEffortPartyAssignment or WorkEffortPartyAssignByGroup
> entity -->
> <!-- This is all from my side Pranay -->
> <if-has-permission
> permission="PROJECTMGR_ROLE_ADMIN"/>
> <if-compare field="isMember" value="true"
> operator="equals"/>
> </and>
> <and>
> <!-- false -->
> <if-has-permission
> permission="PROJECTMGR_VIEW"/>
> <not><if-has-permission
> permission="PROJECTMGR_ROLE_VIEW"/></not>
> <if-compare field="parameters.mainAction"
> value="VIEW" operator="equals"/>
> </and>
> <and>
> <!-- false -->
> <if-has-permission
> permission="PROJECTMGR_ROLE_VIEW"/>
> <if-compare field="isMember" value="true"
> operator="equals"/>
> <if-compare field="parameters.mainAction"
> value="VIEW" operator="equals"/>
> </and>
> </or>
> </condition>
> <then>
> <field-to-result field="hasPermission"/>
> <return/>
> </then>
> <else>
> <property-to-field resource="ProjectMgrUiLabels"
> property="ProjectMgrNoAccessToProject" field="failMessage"/>
> <field-to-result field="failMessage"/>
> <field-to-result field="hasNoPermission" result-
> name="hasPermission"/>
> <return/>
> </else>
> </if>
> </if-compare>
>
> --
> Ashish
>
>
> Pranay Pandey wrote:
>> Hello Users,
>>
>> I am facing issue in project manager application, I did following:
>>
>> 1. Created a userLogin with PROJECTADMIN security group.
>> 2. This user should be having all the permissions for project
>> manager.
>> 3. Not getting option to create a new project in https://localhost:8443/projectmgr/control/FindProject
>> .
>>
>> I tried this by using admin profile and worked well so tried it
>> again by assigning FULLADMIN to the newly created user login but it
>> didn't work.
>>
>> I tried to clear this out from the code in specialpurpose/
>> projectmgr/widget/Menus.xml which is behaving differently for these
>> but couldn't get success.
>> <set field="hasUpdatePermission" value="${bsh:
>> result =
>> dispatcher.runSync("projectMgrPermission",
>>
>> org.ofbiz.base.util.UtilMisc.toMap("userLogin",
>> parameters.get("userLogin"),
>> "resourceDescription", "Project",
>> "mainAction", "UPDATE",
>> "projectId", projectId));
>> return result.get("hasPermission"); }"
>> type="Boolean"/>
>>
>> Thanks in advance for any help.
>>
>>
>> Thanks & Regards
>> --
>> Pranay Pandey
Re: Issue in Project Manager
Posted by Ashish Vijaywargiya <as...@hotwaxmedia.com>.
Hello Pranay,
Let me help you (Only concentrate on my comments that is present inside
code snippet taken from file ProjectPermissionServices.xml - I have put
false statement and some comment in that) :
The below code snippet is the only area which can help you to figure out
the problem.
Please discuss me in person if you are unable to figure out the issue.
<if-compare field="sec_object" value="PROJECT" operator="equals">
<!--log level="info" message="======ProjectMGR
Security===== action: ${parameters.mainAction} object: ${sec_object}
Id: ${parameters.projectId} resourceDescription:
${parameters.resourceDescription}"/-->
<set field="projectId" from-field="parameters.projectId"/>
<set field="partyId" from-field="parameters.userLogin.partyId"/>
<call-simple-method method-name="checkProjectMembership"/>
<if>
<condition>
<or>
<and>
<!-- view a project with a null id is a null
operation, so ok... -->
<if-empty field="parameters.projectIdId"/>
<if-compare field="parameters.mainAction"
value="VIEW" operator="equals"/>
</and>
<and>
<!-- false -->
<if-has-permission
permission="PROJECTMGR_ADMIN"/>
<not><if-has-permission
permission="PROJECTMGR_ROLE_ADMIN"/></not>
</and>
<and>
<!-- return false for the user you have
created -->
<!-- In case of admin it returns true
isMember flag returns true from method in the bottom
"checkProjectMembership-->
<!-- So we may need to add a record in
either WorkEffortPartyAssignment or WorkEffortPartyAssignByGroup entity -->
<!-- This is all from my side Pranay -->
<if-has-permission
permission="PROJECTMGR_ROLE_ADMIN"/>
<if-compare field="isMember" value="true"
operator="equals"/>
</and>
<and>
<!-- false -->
<if-has-permission
permission="PROJECTMGR_VIEW"/>
<not><if-has-permission
permission="PROJECTMGR_ROLE_VIEW"/></not>
<if-compare field="parameters.mainAction"
value="VIEW" operator="equals"/>
</and>
<and>
<!-- false -->
<if-has-permission
permission="PROJECTMGR_ROLE_VIEW"/>
<if-compare field="isMember" value="true"
operator="equals"/>
<if-compare field="parameters.mainAction"
value="VIEW" operator="equals"/>
</and>
</or>
</condition>
<then>
<field-to-result field="hasPermission"/>
<return/>
</then>
<else>
<property-to-field resource="ProjectMgrUiLabels"
property="ProjectMgrNoAccessToProject" field="failMessage"/>
<field-to-result field="failMessage"/>
<field-to-result field="hasNoPermission"
result-name="hasPermission"/>
<return/>
</else>
</if>
</if-compare>
--
Ashish
Pranay Pandey wrote:
> Hello Users,
>
> I am facing issue in project manager application, I did following:
>
> 1. Created a userLogin with PROJECTADMIN security group.
> 2. This user should be having all the permissions for project manager.
> 3. Not getting option to create a new project in
> https://localhost:8443/projectmgr/control/FindProject.
>
> I tried this by using admin profile and worked well so tried it again
> by assigning FULLADMIN to the newly created user login but it didn't
> work.
>
> I tried to clear this out from the code in
> specialpurpose/projectmgr/widget/Menus.xml which is behaving
> differently for these but couldn't get success.
> <set field="hasUpdatePermission" value="${bsh:
> result =
> dispatcher.runSync("projectMgrPermission",
>
> org.ofbiz.base.util.UtilMisc.toMap("userLogin",
> parameters.get("userLogin"),
> "resourceDescription", "Project",
> "mainAction", "UPDATE",
> "projectId", projectId));
> return result.get("hasPermission"); }"
> type="Boolean"/>
>
> Thanks in advance for any help.
>
>
> Thanks & Regards
> --
> Pranay Pandey