You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ofbiz.apache.org by Anil Patel <to...@gmail.com> on 2007/01/15 07:49:45 UTC
role permission checking using Security.hasRolePermission
Hi
The method defined in Security.hasRolePermission and its implementation in
OfBizSecutiry class provides useful service that we can use in
implementation of new Service Security implementation. Like we have
if-has-permission tag mini-lang, I am wondering if it be useful to have
if-has-role-permission tag, or its recommended to just call Java method from
mini-land code.
Any Ideas?
Regards
Anil Patel
Re: role permission checking using Security.hasRolePermission
Posted by "David E. Jones" <jo...@hotwaxmedia.com>.
Anil,
My opinion on those methods is not good. My take on them is that they
were a bit of an over-simplification of what usually ends up being a
lot more complex. So, no, I'd rather not perpetuate this.
I recommend starting with the pattern used in the
ProductServices.xml#checkProductRelatedPermission method, and then
perhaps based on that and preferably a number of other examples of
"real-world" use design an operation that will be certain to slim
down the code and make our lives easier and happier.
-David
On Jan 14, 2007, at 11:49 PM, Anil Patel wrote:
> Hi
> The method defined in Security.hasRolePermission and its
> implementation in
> OfBizSecutiry class provides useful service that we can use in
> implementation of new Service Security implementation. Like we have
> if-has-permission tag mini-lang, I am wondering if it be useful to
> have
> if-has-role-permission tag, or its recommended to just call Java
> method from
> mini-land code.
>
> Any Ideas?
>
> Regards
> Anil Patel