Adrian Crum wrote: > David E Jones wrote: >> On Dec 28, 2009, at 4:32 PM, Jacques Le Roux wrote: >> >>> From: "Ean Schuessler" <e...@brainfood.com> >>>> Jacques Le Roux wrote: >>>>> Thanks, I saw that but was not sure how to use it. I remember now >>>>> why I >>>>> created Java services. I needed to create a PartyGroup. So initially I >>>>> looked for a service and found createPartyGroup wich is implemented >>>>> by a >>>>> method in PartyServices.java. Then I continued in Java :/. >>>>> Now I wonder what we should do regarding your sentence <<I've >>>>> thought a >>>>> few times that maybe it's not the best idea to do so, and instead >>>>> whenever a party is implied to be in a role if they are not already >>>>> then >>>>> they should be added automatically.>> in >>>>> http://markmail.org/message/j5yprwdv3fgz3rb6 >>>> I always took this to be a security thing, that a role must be >>>> authorized before it can be used in relationships and other structures. >>> If the aplication needs to create a PartyRole, I can't see any >>> reasons to not let it do it automatically >> >> The original idea was to use this as an extra protection, ie so users >> don't describe a party's relationship with something else using a >> certain role if the party isn't really in that role. >> >> The result, however, is that it is cumbersome, a real pain, and a >> common complaint... which is why I'm for changing the default behavior. > > Maybe have it configurable in a properties file, like > requirePartyRole=true or enforcePartyRole=true.
Not the best, as existing code in ofbiz which uses this service may break if that property setting is changed. However, maybe adding a boolean flag to the service definition, defaulted to false, would help. Adding the single flag to all the callers would still be a win, rather than keeping the role creation stuff everywhere.
