Re: svn commit: r1350843 - in /ofbiz/trunk/framework/service
Locked
Re: svn commit: r1350843 - in /ofbiz/trunk/framework/service
 
|
Hans,
I have a few concerns about your recent work on seed/security data: 1) in this commit you moved data in the wrong file only to support the new mechanism; the data you moved is really "security" data, even if it is needed by the system to work properly 2) with your recent changes you have broken the contract that says that an instance with seed data only should work fine (all the data "hardcoded" in source code should be shipped as seed, and the "system" user is an example of this); see for example: OFBIZ-4936 3) you clearly didn't fully test the impact of your changes in all the scenarios and you are doing this by trial and error in several commits I am really tempted to ask you to revert all the recent work you did in this area and rediscuss with the community... what do other think about this topic? Kind regards, Jacopo On Jun 16, 2012, at 4:51 AM, [hidden email] wrote: > Author: hansbak > Date: Sat Jun 16 02:51:18 2012 > New Revision: 1350843 > > URL: http://svn.apache.org/viewvc?rev=1350843&view=rev > Log: > move service security data to seed data > > Removed: > ofbiz/trunk/framework/service/data/ServiceSecurityData.xml > Modified: > ofbiz/trunk/framework/service/data/ServiceSeedData.xml > ofbiz/trunk/framework/service/ofbiz-component.xml > > Modified: ofbiz/trunk/framework/service/data/ServiceSeedData.xml > URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/data/ServiceSeedData.xml?rev=1350843&r1=1350842&r2=1350843&view=diff > ============================================================================== > --- ofbiz/trunk/framework/service/data/ServiceSeedData.xml (original) > +++ ofbiz/trunk/framework/service/data/ServiceSeedData.xml Sat Jun 16 02:51:18 2012 > @@ -19,6 +19,11 @@ under the License. > --> > > <entity-engine-xml> > + <!-- Remote Service security --> > + <SecurityPermission description="Permission to invoke any service remotely." permissionId="SERVICE_INVOKE_ANY"/> > + <SecurityGroupPermission groupId="FULLADMIN" permissionId="SERVICE_INVOKE_ANY"/> > + <SecurityGroupPermission groupId="FLEXADMIN" permissionId="SERVICE_INVOKE_ANY"/> > + > <!-- Temporal Expression seed data --> > > <!-- Pre-define all 60 minutes --> > > Modified: ofbiz/trunk/framework/service/ofbiz-component.xml > URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/ofbiz-component.xml?rev=1350843&r1=1350842&r2=1350843&view=diff > ============================================================================== > --- ofbiz/trunk/framework/service/ofbiz-component.xml (original) > +++ ofbiz/trunk/framework/service/ofbiz-component.xml Sat Jun 16 02:51:18 2012 > @@ -31,7 +31,6 @@ under the License. > <entity-resource type="data" reader-name="seed" loader="main" location="data/ScheduledServiceData.xml"/> > <entity-resource type="data" reader-name="seed-initial" loader="main" location="data/ScheduledServices.xml"/> > <entity-resource type="data" reader-name="seed" loader="main" location="data/ServiceSeedData.xml"/> > - <entity-resource type="data" reader-name="security" loader="main" location="data/ServiceSecurityData.xml"/> > <entity-resource type="data" reader-name="demo" loader="main" location="data/ServiceDemoData.xml"/> > > <service-resource type="model" loader="main" location="servicedef/services.xml"/> > > |
Re: svn commit: r1350843 - in /ofbiz/trunk/framework/service
Administrator
|
I did not get a chance to look at any details. Please Hans, if things are broken fix them following a community consensus...
In other words to be discussed further. I note though that Jacopo has already given good arguments for a complete revert and correct rewriting... Trunk is edge but not test bed Jacques From: "Jacopo Cappellato" <[hidden email]> > Hans, > > I have a few concerns about your recent work on seed/security data: > > 1) in this commit you moved data in the wrong file only to support the new mechanism; the data you moved is really "security" > data, even if it is needed by the system to work properly > 2) with your recent changes you have broken the contract that says that an instance with seed data only should work fine (all the > data "hardcoded" in source code should be shipped as seed, and the "system" user is an example of this); see for example: > OFBIZ-4936 > 3) you clearly didn't fully test the impact of your changes in all the scenarios and you are doing this by trial and error in > several commits > > I am really tempted to ask you to revert all the recent work you did in this area and rediscuss with the community... what do > other think about this topic? > > Kind regards, > > Jacopo > > On Jun 16, 2012, at 4:51 AM, [hidden email] wrote: > >> Author: hansbak >> Date: Sat Jun 16 02:51:18 2012 >> New Revision: 1350843 >> >> URL: http://svn.apache.org/viewvc?rev=1350843&view=rev >> Log: >> move service security data to seed data >> >> Removed: >> ofbiz/trunk/framework/service/data/ServiceSecurityData.xml >> Modified: >> ofbiz/trunk/framework/service/data/ServiceSeedData.xml >> ofbiz/trunk/framework/service/ofbiz-component.xml >> >> Modified: ofbiz/trunk/framework/service/data/ServiceSeedData.xml >> URL: >> http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/data/ServiceSeedData.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >> ============================================================================== >> --- ofbiz/trunk/framework/service/data/ServiceSeedData.xml (original) >> +++ ofbiz/trunk/framework/service/data/ServiceSeedData.xml Sat Jun 16 02:51:18 2012 >> @@ -19,6 +19,11 @@ under the License. >> --> >> >> <entity-engine-xml> >> + <!-- Remote Service security --> >> + <SecurityPermission description="Permission to invoke any service remotely." permissionId="SERVICE_INVOKE_ANY"/> >> + <SecurityGroupPermission groupId="FULLADMIN" permissionId="SERVICE_INVOKE_ANY"/> >> + <SecurityGroupPermission groupId="FLEXADMIN" permissionId="SERVICE_INVOKE_ANY"/> >> + >> <!-- Temporal Expression seed data --> >> >> <!-- Pre-define all 60 minutes --> >> >> Modified: ofbiz/trunk/framework/service/ofbiz-component.xml >> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/ofbiz-component.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >> ============================================================================== >> --- ofbiz/trunk/framework/service/ofbiz-component.xml (original) >> +++ ofbiz/trunk/framework/service/ofbiz-component.xml Sat Jun 16 02:51:18 2012 >> @@ -31,7 +31,6 @@ under the License. >> <entity-resource type="data" reader-name="seed" loader="main" location="data/ScheduledServiceData.xml"/> >> <entity-resource type="data" reader-name="seed-initial" loader="main" location="data/ScheduledServices.xml"/> >> <entity-resource type="data" reader-name="seed" loader="main" location="data/ServiceSeedData.xml"/> >> - <entity-resource type="data" reader-name="security" loader="main" location="data/ServiceSecurityData.xml"/> >> <entity-resource type="data" reader-name="demo" loader="main" location="data/ServiceDemoData.xml"/> >> >> <service-resource type="model" loader="main" location="servicedef/services.xml"/> >> >> > > |
Re: svn commit: r1350843 - in /ofbiz/trunk/framework/service
|
In reply to this post by Jacopo Cappellato-4
Please see my other comment i send, before i could read the info below.
The security data consist out of security data, but in there is also a part 'seed' data what always will be required even if the component security data is not loaded. I moved that in the security and service component back to seed. With this change the default is now : no access to any component instead of the default access to all components To be backwards compatible one can load all security data and the situation is then the same as before this change and nothing is broken when that is done. To make the system operate without any errors in the log with only seed/extseed we need this extra securitygroup 'SYSTEM' When the community agrees to that , i can implement that in a few hours. Regards, Hans On 06/16/2012 11:16 AM, Jacopo Cappellato wrote: > Hans, > > I have a few concerns about your recent work on seed/security data: > > 1) in this commit you moved data in the wrong file only to support the new mechanism; the data you moved is really "security" data, even if it is needed by the system to work properly > 2) with your recent changes you have broken the contract that says that an instance with seed data only should work fine (all the data "hardcoded" in source code should be shipped as seed, and the "system" user is an example of this); see for example: OFBIZ-4936 > 3) you clearly didn't fully test the impact of your changes in all the scenarios and you are doing this by trial and error in several commits > > I am really tempted to ask you to revert all the recent work you did in this area and rediscuss with the community... what do other think about this topic? > > Kind regards, > > Jacopo > > On Jun 16, 2012, at 4:51 AM, [hidden email] wrote: > >> Author: hansbak >> Date: Sat Jun 16 02:51:18 2012 >> New Revision: 1350843 >> >> URL: http://svn.apache.org/viewvc?rev=1350843&view=rev >> Log: >> move service security data to seed data >> >> Removed: >> ofbiz/trunk/framework/service/data/ServiceSecurityData.xml >> Modified: >> ofbiz/trunk/framework/service/data/ServiceSeedData.xml >> ofbiz/trunk/framework/service/ofbiz-component.xml >> >> Modified: ofbiz/trunk/framework/service/data/ServiceSeedData.xml >> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/data/ServiceSeedData.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >> ============================================================================== >> --- ofbiz/trunk/framework/service/data/ServiceSeedData.xml (original) >> +++ ofbiz/trunk/framework/service/data/ServiceSeedData.xml Sat Jun 16 02:51:18 2012 >> @@ -19,6 +19,11 @@ under the License. >> --> >> >> <entity-engine-xml> >> +<!-- Remote Service security --> >> +<SecurityPermission description="Permission to invoke any service remotely." permissionId="SERVICE_INVOKE_ANY"/> >> +<SecurityGroupPermission groupId="FULLADMIN" permissionId="SERVICE_INVOKE_ANY"/> >> +<SecurityGroupPermission groupId="FLEXADMIN" permissionId="SERVICE_INVOKE_ANY"/> >> + >> <!-- Temporal Expression seed data --> >> >> <!-- Pre-define all 60 minutes --> >> >> Modified: ofbiz/trunk/framework/service/ofbiz-component.xml >> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/ofbiz-component.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >> ============================================================================== >> --- ofbiz/trunk/framework/service/ofbiz-component.xml (original) >> +++ ofbiz/trunk/framework/service/ofbiz-component.xml Sat Jun 16 02:51:18 2012 >> @@ -31,7 +31,6 @@ under the License. >> <entity-resource type="data" reader-name="seed" loader="main" location="data/ScheduledServiceData.xml"/> >> <entity-resource type="data" reader-name="seed-initial" loader="main" location="data/ScheduledServices.xml"/> >> <entity-resource type="data" reader-name="seed" loader="main" location="data/ServiceSeedData.xml"/> >> -<entity-resource type="data" reader-name="security" loader="main" location="data/ServiceSecurityData.xml"/> >> <entity-resource type="data" reader-name="demo" loader="main" location="data/ServiceDemoData.xml"/> >> >> <service-resource type="model" loader="main" location="servicedef/services.xml"/> >> >> |
Re: svn commit: r1350843 - in /ofbiz/trunk/framework/service
|
|
In reply to this post by Jacopo Cappellato-4
FULLADMIN and FLEXADMIN are demo user groups, therefore they belong in demo data - not seed data.
-Adrian On 6/16/2012 3:51 AM, [hidden email] wrote: > Author: hansbak > Date: Sat Jun 16 02:51:18 2012 > New Revision: 1350843 > > URL: http://svn.apache.org/viewvc?rev=1350843&view=rev > Log: > move service security data to seed data > > Removed: > ofbiz/trunk/framework/service/data/ServiceSecurityData.xml > Modified: > ofbiz/trunk/framework/service/data/ServiceSeedData.xml > ofbiz/trunk/framework/service/ofbiz-component.xml > > Modified: ofbiz/trunk/framework/service/data/ServiceSeedData.xml > URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/data/ServiceSeedData.xml?rev=1350843&r1=1350842&r2=1350843&view=diff > ============================================================================== > --- ofbiz/trunk/framework/service/data/ServiceSeedData.xml (original) > +++ ofbiz/trunk/framework/service/data/ServiceSeedData.xml Sat Jun 16 02:51:18 2012 > @@ -19,6 +19,11 @@ under the License. > --> > > <entity-engine-xml> > +<!-- Remote Service security --> > +<SecurityPermission description="Permission to invoke any service remotely." permissionId="SERVICE_INVOKE_ANY"/> > +<SecurityGroupPermission groupId="FULLADMIN" permissionId="SERVICE_INVOKE_ANY"/> > +<SecurityGroupPermission groupId="FLEXADMIN" permissionId="SERVICE_INVOKE_ANY"/> > + > <!-- Temporal Expression seed data --> > > <!-- Pre-define all 60 minutes --> > > Modified: ofbiz/trunk/framework/service/ofbiz-component.xml > URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/ofbiz-component.xml?rev=1350843&r1=1350842&r2=1350843&view=diff > ============================================================================== > --- ofbiz/trunk/framework/service/ofbiz-component.xml (original) > +++ ofbiz/trunk/framework/service/ofbiz-component.xml Sat Jun 16 02:51:18 2012 > @@ -31,7 +31,6 @@ under the License. > <entity-resource type="data" reader-name="seed" loader="main" location="data/ScheduledServiceData.xml"/> > <entity-resource type="data" reader-name="seed-initial" loader="main" location="data/ScheduledServices.xml"/> > <entity-resource type="data" reader-name="seed" loader="main" location="data/ServiceSeedData.xml"/> > -<entity-resource type="data" reader-name="security" loader="main" location="data/ServiceSecurityData.xml"/> > <entity-resource type="data" reader-name="demo" loader="main" location="data/ServiceDemoData.xml"/> > > <service-resource type="model" loader="main" location="servicedef/services.xml"/> > > |
Re: svn commit: r1350843 - in /ofbiz/trunk/framework/service
|
|
In reply to this post by Jacopo Cappellato-4
It would have been nice if we could have discussed the need and design a
solution. When Hans proposed this idea, I said I didn't like the implementation, and Scott said he couldn't understand the use case. A few days later the changes were committed. So, we really didn't get a chance to participate in a discussion about it. -Adrian On 6/16/2012 5:16 AM, Jacopo Cappellato wrote: > Hans, > > I have a few concerns about your recent work on seed/security data: > > 1) in this commit you moved data in the wrong file only to support the new mechanism; the data you moved is really "security" data, even if it is needed by the system to work properly > 2) with your recent changes you have broken the contract that says that an instance with seed data only should work fine (all the data "hardcoded" in source code should be shipped as seed, and the "system" user is an example of this); see for example: OFBIZ-4936 > 3) you clearly didn't fully test the impact of your changes in all the scenarios and you are doing this by trial and error in several commits > > I am really tempted to ask you to revert all the recent work you did in this area and rediscuss with the community... what do other think about this topic? > > Kind regards, > > Jacopo > > On Jun 16, 2012, at 4:51 AM, [hidden email] wrote: > >> Author: hansbak >> Date: Sat Jun 16 02:51:18 2012 >> New Revision: 1350843 >> >> URL: http://svn.apache.org/viewvc?rev=1350843&view=rev >> Log: >> move service security data to seed data >> >> Removed: >> ofbiz/trunk/framework/service/data/ServiceSecurityData.xml >> Modified: >> ofbiz/trunk/framework/service/data/ServiceSeedData.xml >> ofbiz/trunk/framework/service/ofbiz-component.xml >> >> Modified: ofbiz/trunk/framework/service/data/ServiceSeedData.xml >> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/data/ServiceSeedData.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >> ============================================================================== >> --- ofbiz/trunk/framework/service/data/ServiceSeedData.xml (original) >> +++ ofbiz/trunk/framework/service/data/ServiceSeedData.xml Sat Jun 16 02:51:18 2012 >> @@ -19,6 +19,11 @@ under the License. >> --> >> >> <entity-engine-xml> >> +<!-- Remote Service security --> >> +<SecurityPermission description="Permission to invoke any service remotely." permissionId="SERVICE_INVOKE_ANY"/> >> +<SecurityGroupPermission groupId="FULLADMIN" permissionId="SERVICE_INVOKE_ANY"/> >> +<SecurityGroupPermission groupId="FLEXADMIN" permissionId="SERVICE_INVOKE_ANY"/> >> + >> <!-- Temporal Expression seed data --> >> >> <!-- Pre-define all 60 minutes --> >> >> Modified: ofbiz/trunk/framework/service/ofbiz-component.xml >> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/ofbiz-component.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >> ============================================================================== >> --- ofbiz/trunk/framework/service/ofbiz-component.xml (original) >> +++ ofbiz/trunk/framework/service/ofbiz-component.xml Sat Jun 16 02:51:18 2012 >> @@ -31,7 +31,6 @@ under the License. >> <entity-resource type="data" reader-name="seed" loader="main" location="data/ScheduledServiceData.xml"/> >> <entity-resource type="data" reader-name="seed-initial" loader="main" location="data/ScheduledServices.xml"/> >> <entity-resource type="data" reader-name="seed" loader="main" location="data/ServiceSeedData.xml"/> >> -<entity-resource type="data" reader-name="security" loader="main" location="data/ServiceSecurityData.xml"/> >> <entity-resource type="data" reader-name="demo" loader="main" location="data/ServiceDemoData.xml"/> >> >> <service-resource type="model" loader="main" location="servicedef/services.xml"/> >> >> |
Re: svn commit: r1350843 - in /ofbiz/trunk/framework/service
|
|
In reply to this post by Adrian Crum-3
Currently not, they are in the security.xml seed file now renamed to
SecuritySeed.xml Regards. Hans On 06/16/2012 03:40 PM, Adrian Crum wrote: > FULLADMIN and FLEXADMIN are demo user groups, therefore they belong in > demo data - not seed data. > > -Adrian > > > On 6/16/2012 3:51 AM, [hidden email] wrote: >> Author: hansbak >> Date: Sat Jun 16 02:51:18 2012 >> New Revision: 1350843 >> >> URL: http://svn.apache.org/viewvc?rev=1350843&view=rev >> Log: >> move service security data to seed data >> >> Removed: >> ofbiz/trunk/framework/service/data/ServiceSecurityData.xml >> Modified: >> ofbiz/trunk/framework/service/data/ServiceSeedData.xml >> ofbiz/trunk/framework/service/ofbiz-component.xml >> >> Modified: ofbiz/trunk/framework/service/data/ServiceSeedData.xml >> URL: >> http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/data/ServiceSeedData.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >> ============================================================================== >> >> --- ofbiz/trunk/framework/service/data/ServiceSeedData.xml (original) >> +++ ofbiz/trunk/framework/service/data/ServiceSeedData.xml Sat Jun 16 >> 02:51:18 2012 >> @@ -19,6 +19,11 @@ under the License. >> --> >> >> <entity-engine-xml> >> +<!-- Remote Service security --> >> +<SecurityPermission description="Permission to invoke any service >> remotely." permissionId="SERVICE_INVOKE_ANY"/> >> +<SecurityGroupPermission groupId="FULLADMIN" >> permissionId="SERVICE_INVOKE_ANY"/> >> +<SecurityGroupPermission groupId="FLEXADMIN" >> permissionId="SERVICE_INVOKE_ANY"/> >> + >> <!-- Temporal Expression seed data --> >> >> <!-- Pre-define all 60 minutes --> >> >> Modified: ofbiz/trunk/framework/service/ofbiz-component.xml >> URL: >> http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/ofbiz-component.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >> ============================================================================== >> >> --- ofbiz/trunk/framework/service/ofbiz-component.xml (original) >> +++ ofbiz/trunk/framework/service/ofbiz-component.xml Sat Jun 16 >> 02:51:18 2012 >> @@ -31,7 +31,6 @@ under the License. >> <entity-resource type="data" reader-name="seed" loader="main" >> location="data/ScheduledServiceData.xml"/> >> <entity-resource type="data" reader-name="seed-initial" loader="main" >> location="data/ScheduledServices.xml"/> >> <entity-resource type="data" reader-name="seed" loader="main" >> location="data/ServiceSeedData.xml"/> >> -<entity-resource type="data" reader-name="security" loader="main" >> location="data/ServiceSecurityData.xml"/> >> <entity-resource type="data" reader-name="demo" loader="main" >> location="data/ServiceDemoData.xml"/> >> >> <service-resource type="model" loader="main" >> location="servicedef/services.xml"/> >> >> |
Re: svn commit: r1350843 - in /ofbiz/trunk/framework/service
|
|
In reply to this post by Adrian Crum-3
It was discussed until may 31st, after that no messages for almost a
week, i started to commit it the 6th of june. After that no comments until june 13 of which most I fixed june 15 Hans On 06/16/2012 03:43 PM, Adrian Crum wrote: > It would have been nice if we could have discussed the need and design > a solution. > > When Hans proposed this idea, I said I didn't like the implementation, > and Scott said he couldn't understand the use case. A few days later > the changes were committed. So, we really didn't get a chance to > participate in a discussion about it. > > -Adrian > > On 6/16/2012 5:16 AM, Jacopo Cappellato wrote: >> Hans, >> >> I have a few concerns about your recent work on seed/security data: >> >> 1) in this commit you moved data in the wrong file only to support >> the new mechanism; the data you moved is really "security" data, even >> if it is needed by the system to work properly >> 2) with your recent changes you have broken the contract that says >> that an instance with seed data only should work fine (all the data >> "hardcoded" in source code should be shipped as seed, and the >> "system" user is an example of this); see for example: OFBIZ-4936 >> 3) you clearly didn't fully test the impact of your changes in all >> the scenarios and you are doing this by trial and error in several >> commits >> >> I am really tempted to ask you to revert all the recent work you did >> in this area and rediscuss with the community... what do other think >> about this topic? >> >> Kind regards, >> >> Jacopo >> >> On Jun 16, 2012, at 4:51 AM, [hidden email] wrote: >> >>> Author: hansbak >>> Date: Sat Jun 16 02:51:18 2012 >>> New Revision: 1350843 >>> >>> URL: http://svn.apache.org/viewvc?rev=1350843&view=rev >>> Log: >>> move service security data to seed data >>> >>> Removed: >>> ofbiz/trunk/framework/service/data/ServiceSecurityData.xml >>> Modified: >>> ofbiz/trunk/framework/service/data/ServiceSeedData.xml >>> ofbiz/trunk/framework/service/ofbiz-component.xml >>> >>> Modified: ofbiz/trunk/framework/service/data/ServiceSeedData.xml >>> URL: >>> http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/data/ServiceSeedData.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >>> ============================================================================== >>> >>> --- ofbiz/trunk/framework/service/data/ServiceSeedData.xml (original) >>> +++ ofbiz/trunk/framework/service/data/ServiceSeedData.xml Sat Jun >>> 16 02:51:18 2012 >>> @@ -19,6 +19,11 @@ under the License. >>> --> >>> >>> <entity-engine-xml> >>> +<!-- Remote Service security --> >>> +<SecurityPermission description="Permission to invoke any service >>> remotely." permissionId="SERVICE_INVOKE_ANY"/> >>> +<SecurityGroupPermission groupId="FULLADMIN" >>> permissionId="SERVICE_INVOKE_ANY"/> >>> +<SecurityGroupPermission groupId="FLEXADMIN" >>> permissionId="SERVICE_INVOKE_ANY"/> >>> + >>> <!-- Temporal Expression seed data --> >>> >>> <!-- Pre-define all 60 minutes --> >>> >>> Modified: ofbiz/trunk/framework/service/ofbiz-component.xml >>> URL: >>> http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/ofbiz-component.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >>> ============================================================================== >>> >>> --- ofbiz/trunk/framework/service/ofbiz-component.xml (original) >>> +++ ofbiz/trunk/framework/service/ofbiz-component.xml Sat Jun 16 >>> 02:51:18 2012 >>> @@ -31,7 +31,6 @@ under the License. >>> <entity-resource type="data" reader-name="seed" loader="main" >>> location="data/ScheduledServiceData.xml"/> >>> <entity-resource type="data" reader-name="seed-initial" >>> loader="main" location="data/ScheduledServices.xml"/> >>> <entity-resource type="data" reader-name="seed" loader="main" >>> location="data/ServiceSeedData.xml"/> >>> -<entity-resource type="data" reader-name="security" loader="main" >>> location="data/ServiceSecurityData.xml"/> >>> <entity-resource type="data" reader-name="demo" loader="main" >>> location="data/ServiceDemoData.xml"/> >>> >>> <service-resource type="model" loader="main" >>> location="servicedef/services.xml"/> >>> >>> |
Re: svn commit: r1350843 - in /ofbiz/trunk/framework/service
|
|
In reply to this post by hans_bakker
My mistake, the FULLADMIN and FLEXADMIN security groups are seed data,
but the assignment of demo users to those groups is demo data. I apologize for the confusion. -Adrian On 6/16/2012 10:20 AM, Hans Bakker wrote: > Currently not, they are in the security.xml seed file now renamed to > SecuritySeed.xml > > Regards. > Hans > > On 06/16/2012 03:40 PM, Adrian Crum wrote: >> FULLADMIN and FLEXADMIN are demo user groups, therefore they belong >> in demo data - not seed data. >> >> -Adrian >> >> >> On 6/16/2012 3:51 AM, [hidden email] wrote: >>> Author: hansbak >>> Date: Sat Jun 16 02:51:18 2012 >>> New Revision: 1350843 >>> >>> URL: http://svn.apache.org/viewvc?rev=1350843&view=rev >>> Log: >>> move service security data to seed data >>> >>> Removed: >>> ofbiz/trunk/framework/service/data/ServiceSecurityData.xml >>> Modified: >>> ofbiz/trunk/framework/service/data/ServiceSeedData.xml >>> ofbiz/trunk/framework/service/ofbiz-component.xml >>> >>> Modified: ofbiz/trunk/framework/service/data/ServiceSeedData.xml >>> URL: >>> http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/data/ServiceSeedData.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >>> ============================================================================== >>> >>> --- ofbiz/trunk/framework/service/data/ServiceSeedData.xml (original) >>> +++ ofbiz/trunk/framework/service/data/ServiceSeedData.xml Sat Jun >>> 16 02:51:18 2012 >>> @@ -19,6 +19,11 @@ under the License. >>> --> >>> >>> <entity-engine-xml> >>> +<!-- Remote Service security --> >>> +<SecurityPermission description="Permission to invoke any service >>> remotely." permissionId="SERVICE_INVOKE_ANY"/> >>> +<SecurityGroupPermission groupId="FULLADMIN" >>> permissionId="SERVICE_INVOKE_ANY"/> >>> +<SecurityGroupPermission groupId="FLEXADMIN" >>> permissionId="SERVICE_INVOKE_ANY"/> >>> + >>> <!-- Temporal Expression seed data --> >>> >>> <!-- Pre-define all 60 minutes --> >>> >>> Modified: ofbiz/trunk/framework/service/ofbiz-component.xml >>> URL: >>> http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/ofbiz-component.xml?rev=1350843&r1=1350842&r2=1350843&view=diff >>> ============================================================================== >>> >>> --- ofbiz/trunk/framework/service/ofbiz-component.xml (original) >>> +++ ofbiz/trunk/framework/service/ofbiz-component.xml Sat Jun 16 >>> 02:51:18 2012 >>> @@ -31,7 +31,6 @@ under the License. >>> <entity-resource type="data" reader-name="seed" loader="main" >>> location="data/ScheduledServiceData.xml"/> >>> <entity-resource type="data" reader-name="seed-initial" >>> loader="main" location="data/ScheduledServices.xml"/> >>> <entity-resource type="data" reader-name="seed" loader="main" >>> location="data/ServiceSeedData.xml"/> >>> -<entity-resource type="data" reader-name="security" loader="main" >>> location="data/ServiceSecurityData.xml"/> >>> <entity-resource type="data" reader-name="demo" loader="main" >>> location="data/ServiceDemoData.xml"/> >>> >>> <service-resource type="model" loader="main" >>> location="servicedef/services.xml"/> >>> >>> > |
«
Return to OFBiz - Dev
|
1 view|%1 views
| Free forum by Nabble | Edit this page |