You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ofbiz.apache.org by Anil Patel <to...@gmail.com> on 2007/01/15 07:49:45 UTC

role permission checking using Security.hasRolePermission

Hi
The method defined in Security.hasRolePermission and its implementation in
OfBizSecutiry class provides useful service that we can use in
implementation of new Service Security implementation. Like we have
if-has-permission tag mini-lang, I am wondering if it be useful to have
if-has-role-permission tag, or its recommended to just call Java method from
mini-land code.

Any Ideas?

Regards
Anil Patel

Re: role permission checking using Security.hasRolePermission

Posted by "David E. Jones" <jo...@hotwaxmedia.com>.

Anil,

My opinion on those methods is not good. My take on them is that they  
were a bit of an over-simplification of what usually ends up being a  
lot more complex. So, no, I'd rather not perpetuate this.

I recommend starting with the pattern used in the  
ProductServices.xml#checkProductRelatedPermission method, and then  
perhaps based on that and preferably a number of other examples of  
"real-world" use design an operation that will be certain to slim  
down the code and make our lives easier and happier.

-David

On Jan 14, 2007, at 11:49 PM, Anil Patel wrote:

> Hi
> The method defined in Security.hasRolePermission and its  
> implementation in
> OfBizSecutiry class provides useful service that we can use in
> implementation of new Service Security implementation. Like we have
> if-has-permission tag mini-lang, I am wondering if it be useful to  
> have
> if-has-role-permission tag, or its recommended to just call Java  
> method from
> mini-land code.
>
> Any Ideas?
>
> Regards
> Anil Patel