This is an automated email from the ASF dual-hosted git repository. jacopoc pushed a commit to branch release24.09 in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
commit 138175efcb7d02521f63543516a148abb31d7619 Author: Jacopo Cappellato <[email protected]> AuthorDate: Tue Jun 2 19:27:54 2026 +0200 Add unrestricted security permissions for Content Manager operations These permissions should only be granted to trusted administrative users, as they may be harmful. (cherry picked from commit a8b56aad89504a5a3e5338c5a4f32e362e639260) --- applications/datamodel/data/demo/ContentDemoData.xml | 7 +++++++ applications/datamodel/data/seed/ContentSeedData.xml | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/applications/datamodel/data/demo/ContentDemoData.xml b/applications/datamodel/data/demo/ContentDemoData.xml index bb74fc07e8..db80767004 100644 --- a/applications/datamodel/data/demo/ContentDemoData.xml +++ b/applications/datamodel/data/demo/ContentDemoData.xml @@ -19,6 +19,13 @@ under the License. --> <entity-engine-xml> <!-- Content Manager security --> + <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="CONTENTMGR_SUPER_ADMIN"/> + <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CONTENTMGR_SUPER_CREATE"/> + <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CONTENTMGR_SUPER_DELETE"/> + <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CONTENTMGR_SUPER_UPDATE"/> + <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CONTENTMGR_SUPER_VIEW"/> + <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="CONTENTMGR_SUPER_VIEW"/> + <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="CONTENTMGR_ADMIN"/> <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CONTENTMGR_CREATE"/> <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CONTENTMGR_DELETE"/> diff --git a/applications/datamodel/data/seed/ContentSeedData.xml b/applications/datamodel/data/seed/ContentSeedData.xml index ef329b14c1..793092fdb9 100644 --- a/applications/datamodel/data/seed/ContentSeedData.xml +++ b/applications/datamodel/data/seed/ContentSeedData.xml @@ -2093,6 +2093,11 @@ ${txt} <DataResource dataResourceId="HELP_TEMPL" dataResourceTypeId="OFBIZ_FILE" objectInfo="applications/content/template/HelpTemplate.ftl" dataTemplateTypeId="FTL" statusId="CTNT_IN_PROGRESS" dataResourceName="Help template file" mimeTypeId="text/html" isPublic="Y"/> <!-- Content Manager security --> + <SecurityPermission description="View operations in the Content Manager without restrictions." permissionId="CONTENTMGR_SUPER_VIEW"/> + <SecurityPermission description="Create operations in the Content Manager without restrictions." permissionId="CONTENTMGR_SUPER_CREATE"/> + <SecurityPermission description="Update operations in the Content Manager without restrictions." permissionId="CONTENTMGR_SUPER_UPDATE"/> + <SecurityPermission description="Delete operations in the Content Manager without restrictions." permissionId="CONTENTMGR_SUPER_DELETE"/> + <SecurityPermission description="ALL operations in the Content Manager without restrictions." permissionId="CONTENTMGR_SUPER_ADMIN"/> <SecurityPermission description="View operations in the Content Manager." permissionId="CONTENTMGR_VIEW"/> <SecurityPermission description="Create operations in the Content Manager." permissionId="CONTENTMGR_CREATE"/> <SecurityPermission description="Update operations in the Content Manager." permissionId="CONTENTMGR_UPDATE"/> @@ -2106,6 +2111,7 @@ ${txt} <SecurityPermission description="Limited Delete operations in the Content Manager." permissionId="CONTENTMGR_ROLE_DELETE"/> <!-- add admin to SUPER permission group --> + <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SUPER" permissionId="CONTENTMGR_SUPER_ADMIN"/> <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SUPER" permissionId="CONTENTMGR_ADMIN"/> <DataResource dataResourceId="NOCONTENTFOUND" dataResourceTypeId="OFBIZ_FILE" dataTemplateTypeId="NONE" objectInfo="/applications/content/webapp/content/images/nocontentfound.png"
