Versions Compared

Old Version 23

changes.mady.by.user Unknown User (pandeypranay.1)

Saved on

compared with

New Version 24

changes.mady.by.user Unknown User (pandeypranay.1)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note : Important point to note here is that the person 'Mr. THE PRIVILEGED ADMINISTRATOR' has a partyid admin has multiple logins as listed in the
User Name(s) form.
Step : 4 - We interested in the admin user login so click on the 'Security Groups' button and confirm that the use 'admin' is part of the 'FULLADMIN' group. The Groups that the user belongs to is shown in the bottom list form Drill down on the FULLADMIN.
Step : 5 - Click on the Permissions tab. This tab shows all the permissions for the FULLADMIN security group. Navigate between the permissions till you find the OFBTOOLS permissions.
'OFBTOOLS_VIEW Permission to access the Stock OFBiz Manager Applications.' This confirms that the userlogin 'admin' has the permission 'OFBTOOLS'
Step : 6 - Take a moment  to review the entity model as it relates to users and permissions. The arrow represents the many side of the relationship.

An really important reading at this moment is at : OFBiz Security
 

Creating the web app:

Step - 1 : Create a "webapp" directory in the practice component (hot-deploy/practice/webapp).
This directory contains all the webapp related files for the component we are creating.

...

These requests are needed to add in your controller only when you have not included any of the other component controller which consist of these requests. So if you have already included common-controller.xml file then you don't need to explicitly do these entries in your controller.    
and the same view we have in place can be used for which we have entry in common-controller.xml file we can also have our own:

Code Block
     <view-map name="login" type="screen" page="component://common/widget/CommonScreens.xml#login"/>




Step - 2 :  Make changes in requests in controller.xml file make auth="true" means now these requests needs authentication.
             This is first security level which you have implemented. you request should look like :

Code Block
    <request-map uri="main">
               <security https="true" auth="true"/>
               <response name="success" type="view" value="main"/>
               <response name="error" type="view" value="main"/>
       </request-map> 
map>




Now run your application and observe the difference. you can login by user name : admin and pwd: ofbiz

...

           This new feature enables you to just define the services by mentioning the operation you want to perform.Basically just set the engine attribute to "entity-auto" and the   invoke attribute to "create", "update", or "delete".
like you can take a look in the following code from services.xml of example component:  

Code Block
<service name="createExample" default-entity-name="Example" engine="entity-auto" invoke="create" auth="true">
        <description>Create a Example</description>
        <permission-service service-name="exampleGenericPermission" main-action="CREATE"/>
        <auto-attributes include="pk" mode="OUT" optional="false"/>
        <auto-attributes include="nonpk" mode="IN" optional="true"/>
        <override name="exampleTypeId" optional="false"/>
        <override name="statusId" optional="false"/>
        <override name="exampleName" optional="false"/>
    </service>

...