Okay thanks for the additional detail, below is my attempt to further understand a bit, please bear with me.
If we take as an example the accounting application, you'd like to be able to make that available to some tenants but not others. At the moment in order to do that you'd need to manually remove the various ACCOUNTING_* related SecurityGroupPermission records from the tenant database after the db has been loaded with data. So if I understand correctly (I don't think I do), your proposal is to have a separate security reader which would run as part of a normal non-tenant installation but wouldn't run as part a tenant installation? How would that happen? I'm also not sure I understand how the custom hot-deploy component would load data for one tenant but not for another? Thanks Scott On 31/05/2012, at 9:16 PM, Hans Bakker wrote: > Scott, > You you are right, i am re-reading my email and it is too short. > > The problem: > 1. currently security data is part of seed and get always loaded. > 2. if the security data of a component is not loaded, makes this component > invisible. > 3. In a multi tenant environment I would like to have certain components > visible in a certain tenant and not in other tenants. > > The proposed solution: > 1. do not load security with seed data but separate, under its own data > reader name as defined in entityengine.xml and in the component related > ofbiz-component.xnl files. > 2. In order to easily load security data for a certain tenant, load that data > as part of a custom component in hot-deploy via the component:// notation in > the ofbiz-component.xml file as seeddata. > > hopefully explained a bit better this time..... > > Regards, > Hans > > > On 05/31/2012 03:50 PM, Scott Gray wrote: >> Hi Hans, >> >> I'm sorry but could you go into a little more detail about the problem and >> proposal? I'm not sure I understand well enough to even know what questions >> to ask. >> >> What would it mean to define a new entity resource reader-name? As far as I >> understand they aren't actually defined anywhere, you just use a certain >> reader(s) when starting ofbiz and those are the resources that get loaded >> based on what's in the entity-resource element's in the ofbiz-component >> files. >> >> Thanks >> Scott >> >> On 31/05/2012, at 2:13 PM, Hans Bakker wrote: >> >>> Problem: >>> >>> Currently security files are loaded as part of seed. Therefore it is >>> difficult to allow access to components differently per tenant. >>> >>> Proposal: >>> 1. create a new data-reader name 'security'. >>> 2. Be able to load specific security files in a custom component and use in >>> ofbiz-component.xml the component:// notation >>> 3. now in the custom component can be defined which components should be >>> active. >>> >>> Any opinions or suggestions? >>> >>> Regards, >>> Hans >>> >>> >
