Re: object instance security

[Christopher Snow <sn...@coralms.com>]

> I would like to setup entities representing projects (like those  
> created in Microsoft Project).  Each project has a different  
> project team that are responsible for maintaining the project  
> data.  Therefore, the permissions need to be fine grained so that  
> project A can only be accessed by project team X, and project B can  
> only be accessed by project team Y.  The project management office  
> (PMO) admin staff though will require access both projects.  So I  
> need INSTANCE and GROUP (standard ofbiz security) level security.
>
> I'm not really worried where the security checks take place, I was  
> just wondering how this may be done in  ofbiz.
>
> Best regards,
>
> Chris
>
> From: David E Jones <jo...@undersunconsulting.com>
> Subject: Re: object instance security
> Date: Mon, 14 Aug 2006 15:05:00 -0600
> To: ofbiz-user@incubator.apache.org
> X-Mailer: Apple Mail (2.752.2)
> X-Virus-Checked: Checked by ClamAV on apache.org
> X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N
>
>
> On Aug 14, 2006, at 4:17 AM, Christopher.Snow@vosa.gov.uk wrote:
>
> > Out of the box, does ofbiz allow for fine grained security of my
> > custom
> > entities (i.e. at the object instance level)?
> >
> > Many thanks ...
>
> Could you describe a bit more about what your intended use of this
> would be? Perhaps something like a business story?
>
> There are some entity-level permission resources in the security and
> entity engine parts of OFBiz, but they aren't used much as we
> generally go with data driven logic layer permissions more than data
> driven data layer permissions.
>
> -David
>
>
>

Re: object instance security

[Anil Patel <to...@gmail.com>]

Chris,
Please take a look at following Issue.
https://issues.apache.org/jira/browse/OFBIZ-615

Andrew is leading an Effort for Implementing security Permission management
that will satisfy the requirements specified in your emails. Very soon I
will submit patch that implements the Granting Permission using PartyGroup
membership

Regards
Anil Patel



On 2/4/07, Christopher Snow <sn...@coralms.com> wrote:
>
> Does anyone have any ideas on this requirement?  Any information that
> may point me in the right direction will be much appreciated.
>
> Many thanks,
>
> Chris
>
>
> On Fri, 2007-02-02 at 07:57 +0000, Christopher Snow wrote:
> > > I would like to setup entities representing projects (like those
> > > created in Microsoft Project).  Each project has a different
> > > project team that are responsible for maintaining the project
> > > data.  Therefore, the permissions need to be fine grained so that
> > > project A can only be accessed by project team X, and project B can
> > > only be accessed by project team Y.  The project management office
> > > (PMO) admin staff though will require access both projects.  So I
> > > need INSTANCE and GROUP (standard ofbiz security) level security.
> > >
> > > I'm not really worried where the security checks take place, I was
> > > just wondering how this may be done in  ofbiz.
> > >
> > > Best regards,
> > >
> > > Chris
> > >
> > > From: David E Jones <jo...@undersunconsulting.com>
> > > Subject: Re: object instance security
> > > Date: Mon, 14 Aug 2006 15:05:00 -0600
> > > To: ofbiz-user@incubator.apache.org
> > > X-Mailer: Apple Mail (2.752.2)
> > > X-Virus-Checked: Checked by ClamAV on apache.org
> > > X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N
> > >
> > >
> > > On Aug 14, 2006, at 4:17 AM, Christopher.Snow@vosa.gov.uk wrote:
> > >
> > > > Out of the box, does ofbiz allow for fine grained security of my
> > > > custom
> > > > entities (i.e. at the object instance level)?
> > > >
> > > > Many thanks ...
> > >
> > > Could you describe a bit more about what your intended use of this
> > > would be? Perhaps something like a business story?
> > >
> > > There are some entity-level permission resources in the security and
> > > entity engine parts of OFBiz, but they aren't used much as we
> > > generally go with data driven logic layer permissions more than data
> > > driven data layer permissions.
> > >
> > > -David
> > >
> > >
> > >
>

Re: object instance security

[Christopher Snow <sn...@coralms.com>]

Does anyone have any ideas on this requirement?  Any information that
may point me in the right direction will be much appreciated.

Many thanks,

Chris


On Fri, 2007-02-02 at 07:57 +0000, Christopher Snow wrote:
> > I would like to setup entities representing projects (like those  
> > created in Microsoft Project).  Each project has a different  
> > project team that are responsible for maintaining the project  
> > data.  Therefore, the permissions need to be fine grained so that  
> > project A can only be accessed by project team X, and project B can  
> > only be accessed by project team Y.  The project management office  
> > (PMO) admin staff though will require access both projects.  So I  
> > need INSTANCE and GROUP (standard ofbiz security) level security.
> >
> > I'm not really worried where the security checks take place, I was  
> > just wondering how this may be done in  ofbiz.
> >
> > Best regards,
> >
> > Chris
> >
> > From: David E Jones <jo...@undersunconsulting.com>
> > Subject: Re: object instance security
> > Date: Mon, 14 Aug 2006 15:05:00 -0600
> > To: ofbiz-user@incubator.apache.org
> > X-Mailer: Apple Mail (2.752.2)
> > X-Virus-Checked: Checked by ClamAV on apache.org
> > X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N
> >
> >
> > On Aug 14, 2006, at 4:17 AM, Christopher.Snow@vosa.gov.uk wrote:
> >
> > > Out of the box, does ofbiz allow for fine grained security of my
> > > custom
> > > entities (i.e. at the object instance level)?
> > >
> > > Many thanks ...
> >
> > Could you describe a bit more about what your intended use of this
> > would be? Perhaps something like a business story?
> >
> > There are some entity-level permission resources in the security and
> > entity engine parts of OFBiz, but they aren't used much as we
> > generally go with data driven logic layer permissions more than data
> > driven data layer permissions.
> >
> > -David
> >
> >
> >