[
https://issues.apache.org/jira/browse/OFBIZ-2418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David E. Jones closed OFBIZ-2418.
-
Resolution: Fixed
This should be fixed now, with SVN rev 771193 in the trunk and 771196 in the
r
I don't see us agreeing on anything. I'm saying each artifact is responsible
for its own security. You're saying security is defined by a process.
If you were to view a collection of artifacts - each responsible for its own
security - defining some kind of process-driven security, then that mig
[
https://issues.apache.org/jira/browse/OFBIZ-2418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David E. Jones reassigned OFBIZ-2418:
-
Assignee: David E. Jones
> entity-engine-transform-xml does not support component:// nota
I like to think of it more as process-driven permission vs artifact
driven permissions, because the "permission string" is defined to
match a specific process. Other than that I think we finally agreed on
something.. Ha! :)
On May 4, 2009, at 1:55 AM, Adrian Crum wrote:
--- On Sun, 5/3/0
--- On Sun, 5/3/09, Andrew Zeneski wrote:
> The question I believe now is, which is better? I
> personally think in terms of processes which is why what I
> proposed was all process based. However, artifact based may
> be more granular, but possibly too granular. If I understand
> this right, art
Hello Hans,
To see what has been changed you can see the discussion & patch attached
on the JIRA issue: https://issues.apache.org/jira/browse/OFBIZ-2404
Thanks for the confirmation & fast turn around on this ! :)
--
Ashish
Hans Bakker wrote:
Hi Ashish,
I was not aware it was changed, just c
On May 1, 2009, at 5:21 PM, Ean Schuessler wrote:
I've been looking at the price rules code that allows you to reset
the price to the promotion price under certain conditions. I have a
situation where I would like to have several different price types
configured and then set the product pr
Hi Ashish,
I was not aware it was changed, just checked and yes i am using the
latest version in the release09.04 branch
i did not see anything going wrong, so yes, it is working.
Regards,
Hans
On Mon, 2009-05-04 at 10:24 +0530, Ashish Vijaywargiya wrote:
> Hello Hans,
>
> It looks like that yo
Okay, so it seems that Adrian and I have a very similar idea. The only
major difference I see is one is artifact based and the other is
process based. In the artifact based system, each artifact needs to
register itself, and somehow the framework needs to know how to
process access control
Hello Hans,
It looks like that you are using mergefromtrunk.sh for committing this
change.
Am I right ?
On Saturday there was a problem in this file and I have fixed that
problem on the same day.
Just wanted to confirm that are you using that file for committing the
code and its working fine
entity-engine-transform-xml does not support component:// notation?
---
Key: OFBIZ-2418
URL: https://issues.apache.org/jira/browse/OFBIZ-2418
Project: OFBiz
Issue Type: Bug
Understood.
If there is any interest in the design, and we start to flesh it out, I'm sure
those scenarios could be presented and addressed.
-Adrian
--- On Sun, 5/3/09, Andrew Zeneski wrote:
> From: Andrew Zeneski
> Subject: Re: Domain Based Security ( was re: Authz...)
> To: dev@ofbiz.apa
Because no matter how we design security for the default
implementation in OFBiz there will always be some industry, or
business requirement that is not covered, there is no way we can plan
for every possible scenario. Thus, we need to make sure there are
simple ways to modify the default b
--- On Sun, 5/3/09, Andrew Zeneski wrote:
> What you are describing here is very similar to the
> process-based authorization system which I proposed, the
> main differences is in my proposal everything is defined in
> a process [permission] string where this is based on
> artifacts. I think I ne
What you are describing here is very similar to the process-based
authorization system which I proposed, the main differences is in my
proposal everything is defined in a process [permission] string where
this is based on artifacts. I think I need to understand this more, as
I don't really
Ryan,
I just updated my local copy and saw the new theme for the first time. Awesome
job! I really like it!
-Adrian
--- On Sun, 5/3/09, Ryan Foster wrote:
> From: Ryan Foster
> Subject: Re: svn commit: r770998 - in /ofbiz/branches/release09.04: ./
> themes/bizznesstime/ themes/bizznesstime
Ryan Foster wrote:
> Initially, it started out as a bug fix. We began by simply trying to
> fix all of the issues with Smoothfeather that were listed in various
> JIRA issues, but as we went along it became more and more apparent that
> although the design was good, the original markup was not. W
Initially, it started out as a bug fix. We began by simply trying to
fix all of the issues with Smoothfeather that were listed in various
JIRA issues, but as we went along it became more and more apparent
that although the design was good, the original markup was not. We
ended up having t
From: "Jacques Le Roux"
Checking artifacts info I have noticed some unrelated errors though:
2009-05-03 20:40:12,640 (http-0.0.0.0-18443-3) [ServiceArtifactInfo.java:90 :WARN ] Error getting Simple-method
[makeCommunicationEventWorkEffort] in [component://party/script/org/ofbiz/workeffort/work
Mine has salsa splattered on it - I don't know what it says.
-Adrian
--- On Sun, 5/3/09, Jacques Le Roux wrote:
> From: Jacques Le Roux
> Subject: Re: Authz API Discussion (was re: svn commit: r770084)
> To: dev@ofbiz.apache.org
> Date: Sunday, May 3, 2009, 1:18 PM
> From: "Adam Heath"
> >
From: "David E Jones"
Wow, thanks Jacques. This is a great thing to see done.
Bah, was easy replaced all
\R
by
void
Hopefully, no worries (crossing fingers, but I'm pretty sure it's ok)
On a side note for those reading in: this change impacts a lot of stuff and
will cause problems anyw
From: "Adam Heath"
David E Jones wrote:
It looks like what I was afraid of is EXACTLY what happened. Andrew and
various others seem simply not interested in feedback being convinced of
what they have presented and not wanted to admit any appearance of
fault, which appreciating and using feedba
Adam Heath wrote:
> Have you considered doing a git or mercurial branch of all these changes?
hg clone http://hg.webslinger.org/hg/ofbiz.apache.org/
I have that machine subscribed to the commits mailing list, and it is
automatically updated whenever a commit is done to subversion. It
even has al
Inline...
Please don't revert the rest of the code. The point is that this
needs time to mature, so it should stay in there but not become the
default... not YET anyway.
I will leave the what was implemented alone for the time being.
Also, please don't be personally offended by this. J
Anil Patel wrote:
>> Part of the point (if I remember right) of putting permission logic
>> into little services was to help keep it consistent when that service
>> is called in multiple places, especially in the input processing
>> service and the output generating screen.
> How is writing "acctgI
Don't need to actually respond to any particular thing David said,
just reusing his change of subject for my email.
==
PermissionNameOrPattern Command Action Roles
--- --- -- -
/Path/To/Resource UPDATE ALLOW \
(FOO_ADMIN|FOO_UPDATE)&FOO_TRAINED
/P
Andrew Zeneski wrote:
> I must admit this is very disappointing, and not a very "community" sort
> of thing I would expect from someone who is an advocate for a
> "community". Instead, this is a very tyrannical approach to the whole
> thing and very disrespectful. So far the two people who have not
David E Jones wrote:
> It looks like what I was afraid of is EXACTLY what happened. Andrew and
> various others seem simply not interested in feedback being convinced of
> what they have presented and not wanted to admit any appearance of
> fault, which appreciating and using feedback naturally do
On May 3, 2009, at 1:36 PM, David E Jones wrote:
On May 3, 2009, at 4:57 AM, Adrian Crum wrote:
--- On Sat, 5/2/09, David E Jones
wrote:
My personal opinion on this is that the design has only
subjective improvements and most of it is a big step
backwards (easier but less flexible, for
On May 3, 2009, at 2:43 PM, Anil Patel wrote:
Inline.
On May 3, 2009, at 1:36 PM, David E Jones wrote:
On May 3, 2009, at 4:57 AM, Adrian Crum wrote:
--- On Sat, 5/2/09, David E Jones
wrote:
My personal opinion on this is that the design has only
subjective improvements and most of i
Inline.
On May 3, 2009, at 1:36 PM, David E Jones wrote:
On May 3, 2009, at 4:57 AM, Adrian Crum wrote:
--- On Sat, 5/2/09, David E Jones
wrote:
My personal opinion on this is that the design has only
subjective improvements and most of it is a big step
backwards (easier but less flexib
I fixed a similar issue in the Bluelight theme. Check the commit logs.
-Adrian
--- On Sun, 5/3/09, Jacques Le Roux (JIRA) wrote:
> From: Jacques Le Roux (JIRA)
> Subject: [jira] Commented: (OFBIZ-2312) Styling flaws in smoothfeather
> To: dev@ofbiz.apache.org
> Date: Sunday, May 3, 2009, 11:
I made BizznessTime theme the default theme (in r771074 and of course trunk
only).
But I have just found an annoying, but not blocking issue : in you are logged
of you can't login to webtools directly.
The "For something interesting make sure you are logged in, try username: admin, password: ofb
[
https://issues.apache.org/jira/browse/OFBIZ-2312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12705432#action_12705432
]
Jacques Le Roux commented on OFBIZ-2312:
I made BizznessTime theme the default them
Just for clarification, my proposal did include a new way to write
permissions using groovy, but it also supports permissions as services
ad well as a new interface to implement very common permission
checking routines for re-usability.
This was only one part of the proposal, the main focu
Wow, thanks Jacques. This is a great thing to see done.
On a side note for those reading in: this change impacts a lot of
stuff and will cause problems anywhere that something in these script
directories is still being referred to from the classpath. Hopefully
all of those are fixed, but s
Which parts are you having trouble understanding? I'm sure someone
(probably even the original author in most cases) would be happy to
try to clarify it for you.
-David
On May 3, 2009, at 11:20 AM, Shi Yusen wrote:
Do me a favor please! Please use simple English as this is an
internatio
On May 3, 2009, at 4:57 AM, Adrian Crum wrote:
--- On Sat, 5/2/09, David E Jones wrote:
My personal opinion on this is that the design has only
subjective improvements and most of it is a big step
backwards (easier but less flexible, for the services versus
direct permission part anyway, and
Do me a favor please! Please use simple English as this is an
international community. Too many times I cannot understand long
emails. :(
If you want to discuss something complicated, please use PMC mail list.
Regards,
Shi Yusen/Beijing Langhua Ltd.
Done at revision: 771090
Jacques
From: "David E Jones"
To remove the script directories from the classpath you would remove
their classpath entries from the various ofbiz-component.xml files (ie
that is where they are added to the classpath).
-David
On Apr 22, 2009, at 4:13 AM, Jacq
On May 3, 2009, at 10:13 AM, Andrew Zeneski wrote:
So, the revert was warranted because only you saw fit to revert it.
Maybe I should start looking over your code and reverting things I
don't agree with. That would surely drive a this community in the
right direction .
You may have meant
Please don't revert the rest of the code. The point is that this needs
time to mature, so it should stay in there but not become the
default... not YET anyway.
Also, please don't be personally offended by this. Just because there
are comments and feedback doesn't mean something has no mer
--- On Sat, 5/2/09, David E Jones wrote:
> My personal opinion on this is that the design has only
> subjective improvements and most of it is a big step
> backwards (easier but less flexible, for the services versus
> direct permission part anyway, and we decided long ago that
> flexibility was
I must admit this is very disappointing, and not a very "community"
sort of thing I would expect from someone who is an advocate for a
"community". Instead, this is a very tyrannical approach to the whole
thing and very disrespectful. So far the two people who have not seen
this being a gre
On Saturday 02 May 2009, BJ Freeman (JIRA) wrote:
> [
> https://issues.apache.org/jira/browse/OFBIZ-2346?page=com.atlassian.jira.pl
>ugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12705203#action
>_12705203 ]
>
> BJ Freeman commented on OFBIZ-2346:
> --
[
https://issues.apache.org/jira/browse/OFBIZ-2312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12705425#action_12705425
]
Jacques Le Roux edited comment on OFBIZ-2312 at 5/3/09 8:54 AM:
-
[
https://issues.apache.org/jira/browse/OFBIZ-2312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12705425#action_12705425
]
Jacques Le Roux commented on OFBIZ-2312:
Actually I did not notice at 1st glance bu
[
https://issues.apache.org/jira/browse/OFBIZ-2398?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12705342#action_12705342
]
Jacques Le Roux edited comment on OFBIZ-2398 at 5/3/09 8:49 AM:
-
I guess the real question remains how we'll end up using this versus having
pages inside of our site. Heck, do both! Thanks Jacques.
Cheers,
Tim
--
Tim Ruppert
HotWax Media
http://www.hotwaxmedia.com
o:801.649.6594
f:801.649.6595
- "Jacques Le Roux" wrote:
> Hi Ashish,
>
> The blog is
I can totally understand why people would think this is something new, but it's
literally replacing a foundation that was not solid enough to be out there for
people to use. My vote would be to make this the new smooth feather and look
for more incremental fixes in the future. The old theme ju
Hi Ashish,
The blog is available at http://blogs.apache.org/ofbiz/. It's PMC driven as we want to moderate content. But any annouce regarding
OFBiz may be examined by the OFBiz PMC.
Thanks
Jacques
From: "Jacques Le Roux"
+1 for this idea
I have just asked a blog for OFBiz following
http:
--- On Sat, 5/2/09, David E Jones wrote:
> My personal opinion on this is that the design has only
> subjective improvements and most of it is a big step
> backwards (easier but less flexible, for the services versus
> direct permission part anyway, and we decided long ago that
> flexibility was
I didn't change it so that you could get a node by index number. I changed it
because the framework handles Lists easily, and the result is less
Node-specific code.
-Adrian
--- On Sat, 5/2/09, Scott Gray wrote:
> From: Scott Gray
> Subject: Re: svn commit: r770990 - in /ofbiz/trunk/framewo
>From what I understand, the Smoothfeather theme is broken, and instead of
>fixing it, it is being replaced by a new theme. If that's the case, and the
>new theme is the default and the one that will be maintained, then we should
>probably make that change in the release too.
Yes, it looks lik
Hi Andrew,
inline...
From: "Andrew Zeneski"
Jacques,
Honestly, in my initial plan I only had 4 permissions create,read,update and
delete. Then after thinking about it, access seemed
to be a nice extra permission to limit access to applications. Read is nothing
more than what view is toda
Great movement! Exciting!
Only one question, I read your document and I'm not sure whether it's
easy to support multiple OUs of sales, for example:
access:sfa:langhua egovernment sales unit:opportunity
access:sfa:langhua ecomerce sales unit:opportunity
access:sfa:langhua chemistry sales unit:oppor
This will replace SmoothFeather which is unusable. So it can be seen as a
SmoothFeather bug fix.
Do you really want to let the R9.04 without this appealing feature ?
And this should not introduce regression if you don't use it since it's
isolated as a theme.
I hope I'm not the sole person to th
From: "David E Jones"
It sounds like that stuff needs a LOT of cleaning up before it goes into the
trunk...
Do you say that only from my message below or did you test and review the
component ?
I don't think this makes sense to put into its own component and should (like the older Axis st
58 matches
Mail list logo