Authorization Manager Implementation Details
As was mentioned in the main design document, the org.ofbiz.security.Security abstract class will be converted to an interface, and the Authorization Manager methods will be added to that interface. The authorization manager implementation will be decoupled from the OFBiz framework - making it easier to use third-party authorization libraries.
The proposed new methods are:
// User methods public void createUser(GenericValue userLogin); public void updateUser(GenericValue userLogin); public void deleteUser(GenericValue userLogin); // User Group methods public String createUserGroup(String description); public void updateUserGroup(String userGroupId, String description); public void deleteUserGroup(String userGroupId); // User Group Assignment methods public String assignUserToGroup(String userLoginId, String userGroupId); public void deleteUserFromGroup(String userLoginId, String userGroupId); public String assignGroupToGroup(String childGroupId, String parentGroupId); public void deleteGroupFromGroup(String childGroupId, String parentGroupId);
All methods throw java.security.GeneralSecurityException.