framework/security/data/SecurityData.xml - ofbiz - Git at Google

 <?xml version="1.0" encoding="UTF-8"?>
 <!--
 Licensed to the Apache Software Foundation (ASF) under one
 or more contributor license agreements.  See the NOTICE file
 distributed with this work for additional information
 regarding copyright ownership.  The ASF licenses this file
 to you under the Apache License, Version 2.0 (the
 "License"); you may not use this file except in compliance
 with the License.  You may obtain a copy of the License at

 http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing,
 software distributed under the License is distributed on an
 "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 KIND, either express or implied.  See the License for the
 specific language governing permissions and limitations
 under the License.
 -->
 <entity-engine-xml>
     <!-- OFBiz Core security -->
     <!-- Target file: framework/security/data/SecurityData.xml -->

     <!--  administrative security groups -->
     <SecurityGroup groupId="FULLADMIN" description="Full Admin group, has all general permissions."/>
     <SecurityGroup groupId="FLEXADMIN" description="Flexible Admin group, has all granular permissions."/>
     <SecurityGroup groupId="VIEWADMIN" description="Demo Admin group, has all view permissions."/>

     <!--  Security 2.0 base permissions -->
     <SecurityPermission permissionId="access" description="Base ACCESS permission"/>
     <SecurityPermission permissionId="create" description="Base CREATE permission"/>
     <SecurityPermission permissionId="read" description="Base READ permission"/>
     <SecurityPermission permissionId="update" description="Base UPDATE permission"/>
     <SecurityPermission permissionId="delete" description="Base DELETE permission"/>

     <!-- base permissions to groups -->
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="access"/>
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="create"/>
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="read"/>
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="update"/>
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="delete"/>

     <SecurityGroupPermission groupId="VIEWADMIN" permissionId="access"/>
     <SecurityGroupPermission groupId="VIEWADMIN" permissionId="read"/>

     <SecurityGroup groupId="BIZADMIN" description="Full Business Applications permission group, has all business app admin permissions, not technical permissions."/>

     <!-- general admin tools permission -->
     <SecurityPermission description="Permission to access the Stock OFBiz Manager Applications." permissionId="OFBTOOLS_VIEW"/>
     <SecurityGroupPermission groupId="FULLADMIN" permissionId="OFBTOOLS_VIEW"/>
     <SecurityGroupPermission groupId="FLEXADMIN" permissionId="OFBTOOLS_VIEW"/>
     <SecurityGroupPermission groupId="VIEWADMIN" permissionId="OFBTOOLS_VIEW"/>
     <SecurityGroupPermission groupId="BIZADMIN" permissionId="OFBTOOLS_VIEW"/>

     <!-- System UserLogin Account - see additional data in SecurityExtData -->
     <UserLogin userLoginId="system" enabled="N" isSystem="Y"/>
     <UserLoginSecurityGroup groupId="FULLADMIN" userLoginId="system" fromDate="2001-01-01 12:00:00.0"/>
     <!-- Anonymous UserLogin is referenced by services in various components -->
     <UserLogin userLoginId="anonymous" enabled="N"/>

     <!-- Data needed to bootstrap the security-aware artifacts -->

     <UserLogin userLoginId="NOT_LOGGED_IN" enabled="N" isSystem="N"/>
     <UserGroup groupId="OFBIZ_USERS" description="All OFBiz users"/>

     <ArtifactPath artifactPath="ofbiz" description="The artifact path root"/>
     <ArtifactPath artifactPath="ofbiz/?/getUserPreferenceGroup" description="All Applications - getUserPreferenceGroup service"/>
     <ArtifactPath artifactPath="ofbiz/?/login" description="All Applications - Login screen"/>
     <ArtifactPath artifactPath="ofbiz/?/ServerHit" description="All Applications - Server hit"/>

     <ArtifactPermission permissionValue="access=true" description="Access granted"/>
     <ArtifactPermission permissionValue="access=false" description="Access denied"/>
     <ArtifactPermission permissionValue="admin=true" description="Admin access granted"/>
     <ArtifactPermission permissionValue="create=true" description="Create access granted"/>
     <ArtifactPermission permissionValue="create=false" description="Create access denied"/>
     <ArtifactPermission permissionValue="delete=true" description="Delete access granted"/>
     <ArtifactPermission permissionValue="delete=false" description="Delete access denied"/>
     <ArtifactPermission permissionValue="update=true" description="Update access granted"/>
     <ArtifactPermission permissionValue="update=false" description="Update access denied"/>
     <ArtifactPermission permissionValue="view=true" description="View access granted"/>
     <ArtifactPermission permissionValue="view=false" description="View access denied"/>

     <UserToArtifactPermRel userLoginId="system" artifactPath="ofbiz" permissionValue="admin=true"/>
     <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/getUserPreferenceGroup" permissionValue="access=true"/>
     <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/login" permissionValue="access=true"/>
     <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/login" permissionValue="view=true"/>
     <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/ServerHit" permissionValue="create=true"/>

     <!-- Data needed to demonstrate the security-aware artifacts. This is temporary -
     it will not be included in the project. -->
     <UserLogin userLoginId="artifact-user" enabled="Y" isSystem="N" currentPassword="{SHA}47ca69ebb4bdc9ae0adec130880165d2cc05db1a" passwordHint=""/>

 </entity-engine-xml>
	<?xml version="1.0" encoding="UTF-8"?>
	<!--
	Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing,
	software distributed under the License is distributed on an
	"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	KIND, either express or implied. See the License for the
	specific language governing permissions and limitations
	under the License.
	-->
	<entity-engine-xml>
	<!-- OFBiz Core security -->
	<!-- Target file: framework/security/data/SecurityData.xml -->

	<!-- administrative security groups -->
	<SecurityGroup groupId="FULLADMIN" description="Full Admin group, has all general permissions."/>
	<SecurityGroup groupId="FLEXADMIN" description="Flexible Admin group, has all granular permissions."/>
	<SecurityGroup groupId="VIEWADMIN" description="Demo Admin group, has all view permissions."/>

	<!-- Security 2.0 base permissions -->
	<SecurityPermission permissionId="access" description="Base ACCESS permission"/>
	<SecurityPermission permissionId="create" description="Base CREATE permission"/>
	<SecurityPermission permissionId="read" description="Base READ permission"/>
	<SecurityPermission permissionId="update" description="Base UPDATE permission"/>
	<SecurityPermission permissionId="delete" description="Base DELETE permission"/>

	<!-- base permissions to groups -->
	<SecurityGroupPermission groupId="FULLADMIN" permissionId="access"/>
	<SecurityGroupPermission groupId="FULLADMIN" permissionId="create"/>
	<SecurityGroupPermission groupId="FULLADMIN" permissionId="read"/>
	<SecurityGroupPermission groupId="FULLADMIN" permissionId="update"/>
	<SecurityGroupPermission groupId="FULLADMIN" permissionId="delete"/>

	<SecurityGroupPermission groupId="VIEWADMIN" permissionId="access"/>
	<SecurityGroupPermission groupId="VIEWADMIN" permissionId="read"/>

	<SecurityGroup groupId="BIZADMIN" description="Full Business Applications permission group, has all business app admin permissions, not technical permissions."/>

	<!-- general admin tools permission -->
	<SecurityPermission description="Permission to access the Stock OFBiz Manager Applications." permissionId="OFBTOOLS_VIEW"/>
	<SecurityGroupPermission groupId="FULLADMIN" permissionId="OFBTOOLS_VIEW"/>
	<SecurityGroupPermission groupId="FLEXADMIN" permissionId="OFBTOOLS_VIEW"/>
	<SecurityGroupPermission groupId="VIEWADMIN" permissionId="OFBTOOLS_VIEW"/>
	<SecurityGroupPermission groupId="BIZADMIN" permissionId="OFBTOOLS_VIEW"/>

	<!-- System UserLogin Account - see additional data in SecurityExtData -->
	<UserLogin userLoginId="system" enabled="N" isSystem="Y"/>
	<UserLoginSecurityGroup groupId="FULLADMIN" userLoginId="system" fromDate="2001-01-01 12:00:00.0"/>
	<!-- Anonymous UserLogin is referenced by services in various components -->
	<UserLogin userLoginId="anonymous" enabled="N"/>

	<!-- Data needed to bootstrap the security-aware artifacts -->

	<UserLogin userLoginId="NOT_LOGGED_IN" enabled="N" isSystem="N"/>
	<UserGroup groupId="OFBIZ_USERS" description="All OFBiz users"/>

	<ArtifactPath artifactPath="ofbiz" description="The artifact path root"/>
	<ArtifactPath artifactPath="ofbiz/?/getUserPreferenceGroup" description="All Applications - getUserPreferenceGroup service"/>
	<ArtifactPath artifactPath="ofbiz/?/login" description="All Applications - Login screen"/>
	<ArtifactPath artifactPath="ofbiz/?/ServerHit" description="All Applications - Server hit"/>

	<ArtifactPermission permissionValue="access=true" description="Access granted"/>
	<ArtifactPermission permissionValue="access=false" description="Access denied"/>
	<ArtifactPermission permissionValue="admin=true" description="Admin access granted"/>
	<ArtifactPermission permissionValue="create=true" description="Create access granted"/>
	<ArtifactPermission permissionValue="create=false" description="Create access denied"/>
	<ArtifactPermission permissionValue="delete=true" description="Delete access granted"/>
	<ArtifactPermission permissionValue="delete=false" description="Delete access denied"/>
	<ArtifactPermission permissionValue="update=true" description="Update access granted"/>
	<ArtifactPermission permissionValue="update=false" description="Update access denied"/>
	<ArtifactPermission permissionValue="view=true" description="View access granted"/>
	<ArtifactPermission permissionValue="view=false" description="View access denied"/>

	<UserToArtifactPermRel userLoginId="system" artifactPath="ofbiz" permissionValue="admin=true"/>
	<UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/getUserPreferenceGroup" permissionValue="access=true"/>
	<UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/login" permissionValue="access=true"/>
	<UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/login" permissionValue="view=true"/>
	<UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/ServerHit" permissionValue="create=true"/>

	<!-- Data needed to demonstrate the security-aware artifacts. This is temporary -
	it will not be included in the project. -->
	<UserLogin userLoginId="artifact-user" enabled="Y" isSystem="N" currentPassword="{SHA}47ca69ebb4bdc9ae0adec130880165d2cc05db1a" passwordHint=""/>

	</entity-engine-xml>