Google Git
Sign in
apache / ofbiz / 683f89001bc3b01f268c68bb6df0dad4decb8bc7 / . / applications / party / minilang / party / PartyPermissionServices.xml
blob: a11321d8f7107f77397a74ad54443b3ad398844f [file] [log] [blame]
<?xml version="1.0" encoding="UTF-8" ?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<simple-methods xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://ofbiz.apache.org/Simple-Method" xsi:schemaLocation="http://ofbiz.apache.org/Simple-Method http://ofbiz.apache.org/dtds/simple-methods.xsd">
<!-- ============== Basic Permission Checking ============= -->
<!-- Returns hasPermission=true if user has one of the base PARTYMGR CRUD+ADMIN permissions -->
<simple-method method-name="basePermissionCheck" short-description="Party Manager base permission logic">
<set field="primaryPermission" value="PARTYMGR"/>
<call-simple-method method-name="genericBasePermissionCheck" xml-resource="component://common/minilang/permission/CommonPermissionServices.xml"/>
</simple-method>
<!-- Returns hasPermission=true if userLogin partyId equals partyId parameter -->
<simple-method method-name="partyIdPermissionCheck" short-description="Party ID Permission Check">
<if-empty field="partyId">
<set field="partyId" from-field="parameters.partyId"/>
</if-empty>
<if>
<condition>
<and>
<not><if-empty field="partyId"/></not>
<not><if-empty field="userLogin.partyId"/></not>
<if-compare-field field="partyId" to-field="userLogin.partyId" operator="equals"/>
</and>
</condition>
<then>
<set field="hasPermission" type="Boolean" value="true"/>
</then>
<else>
<set field="resourceDescription" from-field="parameters.resourceDescription"/>
<if-empty field="resourceDescription">
<property-to-field resource="CommonUiLabels" property="CommonPermissionThisOperation" field="resourceDescription"/>
</if-empty>
<property-to-field resource="PartyUiLabels" property="PartyPermissionErrorPartyId" field="failMessage"/>
<set field="hasPermission" type="Boolean" value="false"/>
<field-to-result field="failMessage"/>
</else>
</if>
<field-to-result field="hasPermission"/>
</simple-method>
<!-- Returns hasPermission=true if userLogin party equals partyId parameter OR
user has one of the base PARTYMGR CRUD+ADMIN permissions -->
<simple-method method-name="basePlusPartyIdPermissionCheck" short-description="Base Permission Plus Party ID Permission Check">
<call-simple-method method-name="basePermissionCheck"/>
<if-compare field="hasPermission" operator="not-equals" value="true">
<call-simple-method method-name="partyIdPermissionCheck"/>
</if-compare>
</simple-method>
<!-- ============== Additional Permission Checking ============= -->
<!-- Returns hasPermission=true if userLogin partyId equals partyId parameter OR
user has one of the base PARTYMGR or PARTYMGR_STS CRUD+ADMIN permissions -->
<simple-method method-name="partyStatusPermissionCheck" short-description="Party status permission logic">
<set field="hasPermission" type="Boolean" value="false"/>
<if-not-empty field="parameters.partyId">
<if-compare-field field="parameters.partyId" to-field="userLogin.partyId" operator="equals">
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
</if-compare-field>
</if-not-empty>
<if-compare field="hasPermission" operator="not-equals" value="true">
<set field="altPermission" value="PARTYMGR_STS"/>
<call-simple-method method-name="basePermissionCheck"/>
</if-compare>
</simple-method>
<!-- Returns hasPermission=true if userLogin partyId equals partyId parameter OR
user has one of the base PARTYMGR or PARTYMGR_GRP CRUD+ADMIN permissions -->
<simple-method method-name="partyGroupPermissionCheck" short-description="Party group permission logic">
<set field="altPermission" value="PARTYMGR_GRP"/>
<call-simple-method method-name="basePlusPartyIdPermissionCheck"/>
</simple-method>
<!-- Returns hasPermission=true if user has one of the base PARTYMGR or PARTYMGR_SRC CRUD+ADMIN permissions -->
<simple-method method-name="partyDatasourcePermissionCheck" short-description="Party datasource permission logic">
<set field="altPermission" value="PARTYMGR_SRC"/>
<call-simple-method method-name="basePermissionCheck"/>
</simple-method>
<!-- Returns hasPermission=true if user has one of the base PARTYMGR or PARTYMGR_ROLE CRUD+ADMIN permissions -->
<simple-method method-name="partyRolePermissionCheck" short-description="Party role permission logic">
<set field="altPermission" value="PARTYMGR_ROLE"/>
<call-simple-method method-name="basePlusPartyIdPermissionCheck"/>
</simple-method>
<!-- Returns hasPermission=true if user has one of the base PARTYMGR or PARTYMGR_REL CRUD+ADMIN permissions -->
<simple-method method-name="partyRelationshipPermissionCheck" short-description="Party relationship permission logic">
<if-empty field="parameters.partyIdFrom">
<set field="parameters.partyIdFrom" from-field="userLogin.partyId"/>
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
<else>
<set field="altPermission" value="PARTYMGR_REL"/>
<call-simple-method method-name="basePermissionCheck"/>
</else>
</if-empty>
</simple-method>
<!-- Returns hasPermission=true if userLogin partyId equals partyId parameter OR
user has one of the base PARTYMGR or PARTYMGR_PCM CRUD+ADMIN permissions -->
<simple-method method-name="partyContactMechPermissionCheck" short-description="Party contact mech permission logic">
<if-empty field="parameters.partyId">
<set field="parameters.partyId" from-field="userLogin.partyId"/>
</if-empty>
<if-compare-field to-field="userLogin.partyId" field="parameters.partyId" operator="equals">
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
<else>
<set field="altPermission" value="PARTYMGR_PCM"/>
<call-simple-method method-name="basePermissionCheck"/>
</else>
</if-compare-field>
</simple-method>
<!-- Accept/Decline/Cancel PartyInvitation Permission Checks -->
<simple-method method-name="accAndDecPartyInvitationPermissionCheck" short-description="Accept and Decline PartyInvitation Permission Logic">
<set field="hasPermission" type="Boolean" value="false"/>
<if-has-permission permission="PARTYMGR_UPDATE" action="_UPDATE">
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
</if-has-permission>
<if-compare field="hasPermission" operator="not-equals" value="true">
<entity-one entity-name="PartyInvitation" value-field="partyInvitation"/>
<if-empty field="partyInvitation.partyId">
<if-empty field="partyInvitation.emailAddress">
<add-error>
<fail-property resource="PartyUiLabels" property="PartyInvitationNotValidError"/>
</add-error>
<else>
<set field="findPartyCtx.address" from-field="partyInvitation.emailAddress"/>
<call-service service-name="findPartyFromEmailAddress" in-map-name="findPartyCtx">
<result-to-field result-name="partyId" field="partyId"/>
</call-service>
<if-not-empty field="partyId">
<if-compare-field field="partyId" to-field="userLogin.partyId" operator="equals">
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
</if-compare-field>
<else>
<add-error>
<fail-property resource="PartyUiLabels" property="PartyInvitationNotValidError"/>
</add-error>
</else>
</if-not-empty>
</else>
</if-empty>
<else>
<if-compare-field field="partyInvitation.partyId" to-field="userLogin.partyId" operator="equals">
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
</if-compare-field>
</else>
</if-empty>
<check-errors/>
</if-compare>
<if-compare field="hasPermission" operator="not-equals" value="true">
<property-to-field property="PartyInvitationAccAndDecPermissionError" field="failMessage" resource="PartyUiLabels"/>
<field-to-result field="hasPermission"/>
<field-to-result field="failMessage"/>
</if-compare>
</simple-method>
<simple-method method-name="cancelPartyInvitationPermissionCheck" short-description="Cancel PartyInvitation Permission Logic">
<set field="hasPermission" type="Boolean" value="false"/>
<if-has-permission permission="PARTYMGR_UPDATE" action="_UPDATE">
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
</if-has-permission>
<if-compare field="hasPermission" operator="not-equals" value="true">
<entity-one entity-name="PartyInvitation" value-field="partyInvitation"/>
<if-not-empty field="partyInvitation.partyIdFrom">
<if-compare-field field="partyInvitation.partyIdFrom" to-field="userLogin.partyId" operator="equals">
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
</if-compare-field>
</if-not-empty>
<if-compare field="hasPermission" operator="not-equals" value="true">
<if-empty field="partyInvitation.partyId">
<if-empty field="partyInvitation.emailAddress">
<add-error>
<fail-property resource="PartyUiLabels" property="PartyInvitationNotValidError"/>
</add-error>
<else>
<set field="findPartyCtx.address" from-field="partyInvitation.emailAddress"/>
<call-service service-name="findPartyFromEmailAddress" in-map-name="findPartyCtx">
<result-to-field result-name="partyId" field="partyId"/>
</call-service>
<if-not-empty field="partyId">
<if-compare-field field="partyId" to-field="userLogin.partyId" operator="equals">
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
</if-compare-field>
<else>
<add-error>
<fail-property resource="PartyUiLabels" property="PartyInvitationNotValidError"/>
</add-error>
</else>
</if-not-empty>
</else>
</if-empty>
<else>
<if-compare-field field="partyInvitation.partyId" to-field="userLogin.partyId" operator="equals">
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
</if-compare-field>
</else>
</if-empty>
<check-errors/>
</if-compare>
</if-compare>
<if-compare field="hasPermission" operator="not-equals" value="true">
<property-to-field property="PartyInvitationCancelPermissionError" field="failMessage" resource="PartyUiLabels"/>
<field-to-result field="hasPermission"/>
<field-to-result field="failMessage"/>
</if-compare>
</simple-method>
<!-- Returns hasPermission=true if userLogin partyId equals partyIdFrom parameter OR
partyIdTo parameter OR user has one of the base PARTYMGR or PARTYMGR_CME CRUD+ADMIN permissions -->
<simple-method method-name="partyCommunicationEventPermissionCheck" short-description="Communication Event permission logic">
<if>
<condition>
<and>
<if-compare operator="equals" value="EMAIL_COMMUNICATION" field="parameters.communicationEventTypeId"/>
<if-compare operator="equals" value="CREATE" field="action"/>
</and>
</condition>
<then>
<set field="altPermission" value="PARTYMGR_CME-EMAIL"/>
<call-simple-method method-name="basePermissionCheck"/>
</then>
<else-if>
<condition>
<and>
<if-compare operator="equals" value="COMMENT_NOTE" field="parameters.communicationEventTypeId"/>
<if-compare operator="equals" value="CREATE" field="action"/>
</and>
</condition>
<then>
<set field="altPermission" value="PARTYMGR_CME-NOTE"/>
<call-simple-method method-name="basePermissionCheck"/>
</then>
</else-if>
<else-if>
<condition>
<and>
<if-compare-field field="parameters.partyIdFrom" to-field="userLogin.partyId" operator="not-equals"/>
<if-compare-field field="parameters.partyIdTo" to-field="userLogin.partyId" operator="not-equals"/>
<if-compare-field field="parameters.partyId" to-field="userLogin.partyId" operator="not-equals"/><!-- update role -->
</and>
</condition>
<then>
<set field="altPermission" value="PARTYMGR_CME"/>
<call-simple-method method-name="basePermissionCheck"/>
</then>
</else-if>
<else>
<set field="hasPermission" type="Boolean" value="true"/>
<field-to-result field="hasPermission"/>
</else>
</if>
</simple-method>
</simple-methods>