[jira] Created: (OFBIZ-3632) Extending the service model to specify more complex permissions using permission service

Thu, 01 Apr 2010 05:20:55 -0700 

Extending the service model to specify more complex permissions using 
permission service
----------------------------------------------------------------------------------------

                 Key: OFBIZ-3632
                 URL: https://issues.apache.org/jira/browse/OFBIZ-3632
             Project: OFBiz
          Issue Type: Improvement
          Components: framework, product
            Reporter: Vikas Mayur
            Priority: Minor
             Fix For: SVN trunk


At present <permission-service> in the service definition allows only one 
permission service. I have extended the  <required-permissions> tag to specify 
more then one permission services by doing an AND/OR operation.

For instance the following code in service definition 
{code}
<required-permissions join-type="AND">
    <permission-service service-name="facilityGenericPermission" 
main-action="CREATE"/>
    <permission-service service-name="facilityGenericPermission" 
main-action="UPDATE"/>
</required-permissions>
{code}

will replace the following code in service implementation.

{code}
<check-permission permission="FACILITY" action="_CREATE">
    <fail-message message="Security Error: to run 
setShipmentSettingsFromPrimaryOrder you must have the FACILITY_CREATE or 
FACILITY_ADMIN permission"/>
</check-permission>
<check-permission permission="FACILITY" action="_UPDATE">
    <fail-message message="Security Error: to run 
setShipmentSettingsFromPrimaryOrder you must have the FACILITY_UPDATE or 
FACILITY_ADMIN permission"/>
</check-permission>
{code}

Similarly the code

{code}
<required-permissions join-type="OR">
    <permission-service service-name="facilityGenericPermission" 
main-action="CREATE"/>
    <permission-service service-name="facilityGenericPermission" 
main-action="UPDATE"/>
</required-permissions>
{code}

will replace

{code}
<check-permission permission="FACILITY" action="_CREATE">
    <alt-permission permission="FACILITY" action="_UPDATE"/>
    <fail-message message="Security Error: to run createShipmentItem you must 
have the FACILITY_CREATE, FACILITY_UPDATE or FACILITY_ADMIN permission"/>
</check-permission>
<check-errors/>

The patch also contains additional changes where the permission service is 
defined in the service definition.


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to