Re: Adding a non existent SecurityPermission to a SecurityPermissionGroup
Yes, but how would you handle the thousand possible entities for entity permissions as outlined David? Jacques From: Bruno Busco bruno.bu...@gmail.com Hi Scott, many thanks for the pointer. This was definitively a well discussed topic. Personally I do not agree with how it it designed right now (with the no-fk) for this two reasons: 1) If a SecurityPermission has not its own entity record there will never be a description field where the user can understand (or remember) what that permission is supposed to be used for. 2) There is no check that an already defined PermissionId is not used again for a different purpose in a different part of the code. Thank you, Bruno 2011/4/13 Scott Gray scott.g...@hotwaxmedia.com http://ofbiz.135035.n4.nabble.com/security-permission-td154203.html#a154208 Regards Scott HotWax Media http://www.hotwaxmedia.com On 12/04/2011, at 10:38 PM, Bruno Busco wrote: Hi, in the https://localhost:8443/webtools/control/EditSecurityGroupPermissionsscreen , using the Add Permission (manually) to Security Group form, it is possible to add a non existent SecurityPermission to a SecurityPermissionGroup. Is this correct? Shouldn't any permission always be defined properly in the SecurityPermission entity before being referenced in a SecurityPermissionGroup? Thank you, Bruno
Adding a non existent SecurityPermission to a SecurityPermissionGroup
Hi, in the https://localhost:8443/webtools/control/EditSecurityGroupPermissionsscreen, using the Add Permission (manually) to Security Group form, it is possible to add a non existent SecurityPermission to a SecurityPermissionGroup. Is this correct? Shouldn't any permission always be defined properly in the SecurityPermission entity before being referenced in a SecurityPermissionGroup? Thank you, Bruno
Re: Adding a non existent SecurityPermission to a SecurityPermissionGroup
http://ofbiz.135035.n4.nabble.com/security-permission-td154203.html#a154208 Regards Scott HotWax Media http://www.hotwaxmedia.com On 12/04/2011, at 10:38 PM, Bruno Busco wrote: Hi, in the https://localhost:8443/webtools/control/EditSecurityGroupPermissionsscreen, using the Add Permission (manually) to Security Group form, it is possible to add a non existent SecurityPermission to a SecurityPermissionGroup. Is this correct? Shouldn't any permission always be defined properly in the SecurityPermission entity before being referenced in a SecurityPermissionGroup? Thank you, Bruno smime.p7s Description: S/MIME cryptographic signature
Re: Adding a non existent SecurityPermission to a SecurityPermissionGroup
Hi Scott, many thanks for the pointer. This was definitively a well discussed topic. Personally I do not agree with how it it designed right now (with the no-fk) for this two reasons: 1) If a SecurityPermission has not its own entity record there will never be a description field where the user can understand (or remember) what that permission is supposed to be used for. 2) There is no check that an already defined PermissionId is not used again for a different purpose in a different part of the code. Thank you, Bruno 2011/4/13 Scott Gray scott.g...@hotwaxmedia.com http://ofbiz.135035.n4.nabble.com/security-permission-td154203.html#a154208 Regards Scott HotWax Media http://www.hotwaxmedia.com On 12/04/2011, at 10:38 PM, Bruno Busco wrote: Hi, in the https://localhost:8443/webtools/control/EditSecurityGroupPermissionsscreen , using the Add Permission (manually) to Security Group form, it is possible to add a non existent SecurityPermission to a SecurityPermissionGroup. Is this correct? Shouldn't any permission always be defined properly in the SecurityPermission entity before being referenced in a SecurityPermissionGroup? Thank you, Bruno