Access to add and change pages is restricted. See: https://cwiki.apache.org/confluence/display/OFBIZ/Wiki+access

  • Created by Unknown User (adrianc@hlmksw.com), last modified on May 15, 2009

Access Control Scenario Three

Scenario Description

User X can use any artifact for records determined by Constraint Z.

Current Implementation Example

New Design Implementation Example

This description includes permission expressions that are in the form of ArtifactIdentifier[PermissionsList]. The expressions are illustrative - they are not intended to be some kind of "permission string." How permissions are stored and managed depends upon the Authorization Manager implementation.

The user is assigned these permissions:

Using the static artifact hierarchy

OFBiz/component/entity/EntityName[filter=ConstraintZ]

Using the dynamic artifact hierarchy

OFBiz/component/WebApp/ControllerRequest/ControllerRequestEvent/Service/EntityName[filter=ConstraintZ]
OFBiz/component/WebApp/ControllerView/WidgetScreen/Service/EntityName[filter=ConstraintZ]
(PermissionsList duplicated for every execution path that leads to the entity)

  • No labels