[ http://issues.apache.org/jira/browse/OFBIZ-118?page=comments#action_12423898 ]

Adrian Crum commented on OFBIZ-118:
-----------------------------------

We implemented something along those lines here. Different roles within our company are allowed to view only parties who are in certain other roles. Example: Employee in role PurchasingAgent can only view parties/party groups who are in the role of Supplier. Same goes for employee in role SalesPerson can only view parties/party groups that have the role Dealer or Consumer. We had to use custom data entry screens and a small Java service to implement this.

In addition, we implemented a concept called an Organization Context. The idea is similar to popular accounting packages that have you log in to a company. Once logged in, you only see the data for that company. In our implementation, the user logs into an Organization Context and the data presentation is narrowed down even further. So, the employee in the role PurchasingAgent can only view parties/party groups who are in the role of Supplier AND only those Suppliers who are members of the Organization Context the user logged into.

Having something along those lines built into OFBiz would be great, but I see where each deployment would have its own set of rules. I'm not sure how much of it can be accommodated "out of the box."

> Roles and Security for Display of data.
> ---------------------------------------
>
> Key: OFBIZ-118
> URL: http://issues.apache.org/jira/browse/OFBIZ-118
> Project: OFBiz (The Open for Business Project)
> Issue Type: Improvement
> Components: accounting, content, ecommerce, humanres, manufacturing,
> marketing, order, party, product, workeffort
> Affects Versions: SVN trunk
> Reporter: BJ Freeman
>
> There is a need to be able to block viewing info except that info that may
> pertain to that login (partyID)
> This is not taking into consideration Admin or Managers levels.
> for instance you have employees who should not be able to see each others
> profiles, payroll information, and/or time sheets, as a few examples.
> another area, if a communication event is set to private, no one but the
> party ID associated with the email address should be able to see them.
> So this is a discussion about how to best implement this.
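
The two-level rule described in the comment above (role-to-role visibility, narrowed by the Organization Context) can be sketched as a default-deny server-side filter. This is an added example, not code from OFBiz or from the commenter's deployment; the class, record, policy map and sample parties are all hypothetical.

```java
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;

public class PartyVisibility {
    // Hypothetical policy table: viewer role -> roles that viewer may see.
    // A viewer role that is not listed sees nothing (default deny).
    static final Map<String, Set<String>> VIEWABLE = Map.of(
        "PurchasingAgent", Set.of("Supplier"),
        "SalesPerson", Set.of("Dealer", "Consumer"));

    // Hypothetical party model: its roles and the organizations it belongs to.
    record Party(String id, Set<String> roles, Set<String> orgs) {}

    // Visible only if the target is a member of the organization context the
    // viewer logged into AND holds a role one of the viewer's roles may see.
    static boolean canView(Set<String> viewerRoles, String orgContext, Party target) {
        if (orgContext == null || !target.orgs().contains(orgContext)) {
            return false; // no context, or target outside it: deny
        }
        return viewerRoles.stream()
            .flatMap(r -> VIEWABLE.getOrDefault(r, Set.of()).stream())
            .anyMatch(target.roles()::contains);
    }

    // Apply the check in the service layer so hidden parties never reach a screen.
    static List<String> visibleIds(Set<String> viewerRoles, String orgContext, List<Party> all) {
        return all.stream()
            .filter(p -> canView(viewerRoles, orgContext, p))
            .map(Party::id).sorted().collect(Collectors.toList());
    }

    public static void main(String[] args) {
        // Constructed sample data.
        List<Party> parties = List.of(
            new Party("SUP-1", Set.of("Supplier"), Set.of("OrgA")),
            new Party("SUP-2", Set.of("Supplier"), Set.of("OrgB")),
            new Party("DLR-1", Set.of("Dealer"), Set.of("OrgA")),
            new Party("EMP-7", Set.of("Employee"), Set.of("OrgA")));
        System.out.println(visibleIds(Set.of("PurchasingAgent"), "OrgA", parties));
        System.out.println(visibleIds(Set.of("SalesPerson"), "OrgA", parties));
        System.out.println(visibleIds(Set.of("Employee"), "OrgA", parties));
        System.out.println(visibleIds(Set.of("PurchasingAgent"), null, parties));
    }
}
```

Keeping the policy in a table rather than in screen logic leaves room for each deployment's own rules, and the same check has to guard single-record lookups by party ID as well as list views.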
