please find my answer in-line...
On 05/31/2012 06:20 PM, Scott Gray wrote:
Okay thanks for the additional detail, below is my attempt to further
understand a bit, please bear with me.
If we take as an example the accounting application, you'd like to be able to
make that available to some tenants but not others. At the moment in order to
do that you'd need to manually remove the various ACCOUNTING_* related
SecurityGroupPermission records from the tenant database after the db has been
loaded with data.
yes exactly that....
So if I understand correctly (I don't think I do), your proposal is to have a
separate security reader which would run as part of a normal non-tenant
installation but wouldn't run as part a tenant installation? How would that
happen? I'm also not sure I understand how the custom hot-deploy component
would load data for one tenant but not for another?
simply not load security files at all and only load the ones i want in
the hot-deploy component....
Thanks
Scott
On 31/05/2012, at 9:16 PM, Hans Bakker wrote:
Scott,
You you are right, i am re-reading my email and it is too short.
The problem:
1. currently security data is part of seed and get always loaded.
2. if the security data of a component is not loaded, makes this component
invisible.
3. In a multi tenant environment I would like to have certain components
visible in a certain tenant and not in other tenants.
The proposed solution:
1. do not load security with seed data but separate, under its own data reader
name as defined in entityengine.xml and in the component related
ofbiz-component.xnl files.
2. In order to easily load security data for a certain tenant, load that data
as part of a custom component in hot-deploy via the component:// notation in
the ofbiz-component.xml file as seeddata.
hopefully explained a bit better this time.....
Regards,
Hans
On 05/31/2012 03:50 PM, Scott Gray wrote:
Hi Hans,
I'm sorry but could you go into a little more detail about the problem and
proposal? I'm not sure I understand well enough to even know what questions to
ask.
What would it mean to define a new entity resource reader-name? As far as I
understand they aren't actually defined anywhere, you just use a certain
reader(s) when starting ofbiz and those are the resources that get loaded based
on what's in the entity-resource element's in the ofbiz-component files.
Thanks
Scott
On 31/05/2012, at 2:13 PM, Hans Bakker wrote:
Problem:
Currently security files are loaded as part of seed. Therefore it is difficult
to allow access to components differently per tenant.
Proposal:
1. create a new data-reader name 'security'.
2. Be able to load specific security files in a custom component and use in
ofbiz-component.xml the component:// notation
3. now in the custom component can be defined which components should be active.
Any opinions or suggestions?
Regards,
Hans
