Hi Suraj,
I don't see how you could check permissions for an anonymous user.
Maybe by giving anonymous users specific permissions in the context of
ecommerce?
But does it makes sense, I'm not sure. Then maybe as mentioned Rishi we should
fix services like CreateShoppingList
BTW did you cross any issues with anonymous users or is that only you thinking?
Jacques
Le 01/12/2017 à 09:41, Suraj Khurana a écrit :
Thanks everyone for your inputs.
Yes, there are similar occurrences where permission service is defined and
service is used in case of an anonymous user as well.
Example: *CreateShoppingList* and related services
I was presuming we can execute any service as permission service
irrespective of taking *userLogin *into consideration. Please correct me if
I am wrong or missing something.
--
Thanks and Regards,
*Suraj Khurana* | Sr. Enterprise Software Engineer
*HotWax Commerce* by *HotWax Systems*
Plot no. 80, Scheme no. 78, Vijay Nagar, Indore, M.P. India 452010
On Wed, Nov 29, 2017 at 7:35 PM, Rishi Solanki <rishisolan...@gmail.com>
wrote:
If an service implements and do checks for the permissions then it must
have the auth set as true. If any occurrences found then it should be by
mistake and service definition should be fix to match.
So I think the behavior we have is correct, whenever we want to check the
permission it should have the user in context.
Suraj, Any scenario you have in mind where we only require permission
service without user?
Rishi Solanki
Sr Manager, Enterprise Software Development
HotWax Systems Pvt. Ltd.
Direct: +91-9893287847
http://www.hotwaxsystems.com
www.hotwax.co
On Wed, Nov 29, 2017 at 1:39 PM, Scott Gray <scott.g...@hotwaxsystems.com>
wrote:
auth="false" and a permission service are completely incompatible
scenarios. In what situation could you possibly have no userLogin and
successfully run a permission service?
What would you expect to happen instead of the current behavior?
Regards
Scott
On 3 November 2017 at 17:35, Suraj Khurana <suraj.khurana@hotwaxsystems.
com>
wrote:
Hello team,
I noticed that in any service definition if auth is set to false and
permission service is also the service definition, it overrides the
auth
parameter to true by itself.
For quick reference, it is written at *createPermission* method of
*ModelServiceReader* class.
Can someone please elaborate this behavior. IMO, this should not
happen.
--
Thanks and Regards,
*Suraj Khurana* | Sr. Enterprise Software Engineer
*HotWax* *Commerce* by *HotWax Systems*
Plot no. 80, Scheme no. 78, Vijay Nagar, Indore, M.P. India 452010
