Hello Alexander, It looks like you need to explore Role Based Permission in OFBiz. Following document can be helpful to you:
https://cwiki.apache.org/confluence/x/NIBr Additionally following links can be referred: https://www.hotwaxsystems.com/hotwax-blog/ofbiz/ofbiz-tutorials/ofbiz-tutorial-how-to-setup-permission-for-a-new-user-to-access-an-application https://medium.com/@anchitjindal91/ofbiz-security-groups-permissions-63af179355d0 -- Kind Regards, Ashish Vijaywargiya Vice President of Operations *HotWax Systems* *Enterprise open source experts* http://www.hotwaxsystems.com On Fri, Mar 7, 2025 at 3:28 PM Alexander Bolgarin < [email protected]> wrote: > > > > Dear OFBiz Community, > > > > > > Kindly ask to help with Permission check questions. I’m seeking > > clarification on how permission checks work for entities in OFBiz and > would > > appreciate any insights or pointers to relevant documentation. Below are > > some specific scenarios I’m trying to understand: > > > > 1. Restricting User A to Purchase Orders Only > > I’d like to restrict User A so they can only work with purchase > > orders. This would require the permission check to examine the > > ORDER_HEADER entity, specifically the ORDER_TYPE_ID field. If it > > equals "PURCHASE_ORDER", the user should be allowed to create, edit, > > or delete the order; if it equals "SALES_ORDER", these actions should > > be prohibited. Based on the demo data, it seems this is achievable > with > > standard functionality. Can someone confirm how this is typically > > implemented? > > 2. Granular Permissions Across Parties > > Is it possible to configure permissions so User A can: > > - Create purchase orders for Party "Company1" (an internal > > organization). > > - Create sales orders for Party "Company2". > > If so, how would this be set up? > > 3. Restricting Accountant to Specific GL Account Types > > Can I allow an accountant to use GL Accounts in GL Transactions, but > > only for accounts where GL_ACCOUNT_TYPE_ID is either "Customer" or > > "Supplier"? Is there a way to limit access to just these types and > > exclude all others? > > > > Lastly, is there a resource (e.g., documentation, wiki, or code comments) > > that explains how security checks work in OFBiz? I’d love to dive deeper > > into the mechanics of permissions and entity-level access control. > > Thanks in advance for your help! > > > > Best regards, > > Alexander > > >
