Access to add and change pages is restricted. See: https://cwiki.apache.org/confluence/display/OFBIZ/Wiki+access

  • Created by Unknown User (adrianc@hlmksw.com), last modified on May 15, 2009

Access Control Scenario Five

Scenario Description

Artifact Y can be used by any user only for records determined by Constraint Z.

Current Implementation Example

New Design Implementation Example

This description includes permission expressions that are in the form of ArtifactIdentifier[PermissionsList]. The expressions are illustrative - they are not intended to be some kind of "permission string." How permissions are stored and managed depends upon the Authorization Manager implementation.

User group "OFBiz Users" is assigned the following permissions:

Using the static artifact hierarchy

OFBiz/component/entity/EntityName[filter=ConstraintZ]

Using the dynamic artifact hierarchy

OFBiz/component/WebApp/ControllerRequest/ControllerRequestEvent/Service/EntityName[filter=ConstraintZ]
OFBiz/component/WebApp/ControllerView/WidgetScreen/Service/EntityName[filter=ConstraintZ]
(PermissionsList duplicated for every execution path that leads to the entity)

  • No labels