[Erp5-users] Please help with Base Category and Security interplay

bartek bartek at erp5.pl
Thu Mar 29 09:59:05 CEST 2007 

chetankumar at vsnl.net wrote:
> Hi all
> For the Person Module portal type at manage_editRolesForm I have set
> Name:           Manager
> Role:           Assignor
> Base Category:  site
> Category:       group/groupA
>                function/functionA
> Base Category Script: ERP5Type_getSecurityCategoryMapping

No, and no. If you harcode group and function, you should put group and 
function as base categories. And base category script wouldn't matter at 
all. The ERP5Type_getSecurityCategoryMapping has a completely different 
purpose (refer to my previous emails and to wiki for explanation).

> 
> It works fine as it sets appropriate groups on the newly created objects with
> the correct combination of the site for Manager at site1 & site2 .
> 
> Now I face the next challenge:
> The person objects listed in the Person module should be as follows -
> For Manager at site1 or site2 only objects of his/her site should be visible
> even though both are Assignor for the entire module.
> 
> 1. How can I ensure the above? Do I have to make any modifications in the
> listbox definition to define a filter? If yes, then where exactly?

You can write your own list method (instead of using portal_catalog).

> 2. Is there any other way to do this filtering based on a category?

Portal catalog supports filtering by category membership.

> 3. Do I have to define the above security on the Person portal type as well or
> should security be only defined on "xxx Module"?

If you want to limit access to Person objects, you have to define 
security on Person portal type.

> 4. Workflow security only controls the actions displayed in the "Action..."
> dropdown, isn't it?

No. Workflow security controls access to the object, in all respects. In 
particular, worklow security can make an object read-only for some 
users, writeable for other, and invisible for someone else.

Bartek

> 
> Regards,
> Chetan
> _______________________________________________
> Erp5-users mailing list
> Erp5-users at erp5.org
> http://erp5.org/mailman/listinfo/erp5-users
>

More information about the Erp5-users mailing list