[ https://issues.apache.org/jira/browse/OFBIZ-3632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Vikas Mayur updated OFBIZ-3632: ------------------------------- Attachment: permission.patch > Extending the service model to specify more complex permissions using > permission service > ---------------------------------------------------------------------------------------- > > Key: OFBIZ-3632 > URL: https://issues.apache.org/jira/browse/OFBIZ-3632 > Project: OFBiz > Issue Type: Improvement > Components: framework, product > Reporter: Vikas Mayur > Priority: Minor > Fix For: SVN trunk > > Attachments: permission.patch > > > At present <permission-service> in the service definition allows only one > permission service. I have extended the <required-permissions> tag to > specify more then one permission services by doing an AND/OR operation. > For instance the following code in service definition > {code} > <required-permissions join-type="AND"> > <permission-service service-name="facilityGenericPermission" > main-action="CREATE"/> > <permission-service service-name="facilityGenericPermission" > main-action="UPDATE"/> > </required-permissions> > {code} > will replace the following code in service implementation. > {code} > <check-permission permission="FACILITY" action="_CREATE"> > <fail-message message="Security Error: to run > setShipmentSettingsFromPrimaryOrder you must have the FACILITY_CREATE or > FACILITY_ADMIN permission"/> > </check-permission> > <check-permission permission="FACILITY" action="_UPDATE"> > <fail-message message="Security Error: to run > setShipmentSettingsFromPrimaryOrder you must have the FACILITY_UPDATE or > FACILITY_ADMIN permission"/> > </check-permission> > {code} > Similarly the code > {code} > <required-permissions join-type="OR"> > <permission-service service-name="facilityGenericPermission" > main-action="CREATE"/> > <permission-service service-name="facilityGenericPermission" > main-action="UPDATE"/> > </required-permissions> > {code} > will replace > {code} > <check-permission permission="FACILITY" action="_CREATE"> > <alt-permission permission="FACILITY" action="_UPDATE"/> > <fail-message message="Security Error: to run createShipmentItem you must > have the FACILITY_CREATE, FACILITY_UPDATE or FACILITY_ADMIN permission"/> > </check-permission> > <check-errors/> > {code} > The patch also contains additional changes where the permission service is > defined in the service definition. > EDITS: Added missing ending \{code\} tag for the last code snippet -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.