I noticed that the Asset Maint component requires the OFBTOOLS base permission to use the component.
So, I added that permission to a test user login. The Asset Maint component appears for that user
login. When I try to perform any work, I get permissions errors because the Asset Maint component
calls services in other components - which have their own sets of permissions.
Updating a maintenance produced this error message:
"Security Error: to run updateFixedAssetMaint you must have the ACCOUNTING_UPDATE or
ACCOUNTING_ADMIN permission, or the limited ACCOUNTING_ROLE_UPDATE permission calling service
updateFixedAssetMaint in updateFixedAssetMaintAndWorkEffort"
The ACCOUNTING_ROLE_UPDATE permission doesn't exist. I added it manually to the test user login.
After logging out and back in, I still get the same error message. I added the ACCOUNTING_UPDATE
permission to the user login, and I was able to update a maintenance. Problem is, that gives me
permission to update other things in Accounting..
This is the same type of problem I ran into with Forums - the Forum feature calls Content Manager
services which require Content Manager permissions.
I've suggested separating business logic from permissions checking logic in the past, but that got a
mixed response. I could do that with the FixedAssetServices.xml file - move the embedded permissions
checking to a separate service (using the new permissions checking capability).
Any thoughts?
-Adrian
