Access to add and change pages is restricted. See: https://cwiki.apache.org/confluence/display/OFBIZ/Wiki+access

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Access Control Scenario Three

Scenario Description

User X can use any artifact for records determined by Constraint Z.

Current Implementation Example

New Design Implementation Example

This description includes permission expressions that are in the form of ArtifactIdentifier[PermissionsList]. The expressions are illustrative - they are not intended to be some kind of "permission string." How permissions are stored and managed depends upon the Authorization Manager implementation.

The user is assigned these permissions:

Using the static artifact hierarchy

OFBiz/component/entity/EntityName[filter=ConstraintZ]

Using the dynamic artifact hierarchy

OFBiz/component/WebApp/ControllerRequest/ControllerRequestEvent/Service/EntityName[filter=ConstraintZ]
OFBiz/component/WebApp/ControllerView/WidgetScreen/Service/EntityName[filter=ConstraintZ]
(PermissionsList duplicated for every execution path that leads to the entity)

  • No labels