| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| <entity-engine-xml> |
| <!-- OFBiz Core security --> |
| <!-- Target file: framework/security/data/SecurityData.xml --> |
| |
| <!-- administrative security groups --> |
| <SecurityGroup groupId="FULLADMIN" description="Full Admin group, has all general permissions."/> |
| <SecurityGroup groupId="FLEXADMIN" description="Flexible Admin group, has all granular permissions."/> |
| <SecurityGroup groupId="VIEWADMIN" description="Demo Admin group, has all view permissions."/> |
| |
| <!-- Security 2.0 base permissions --> |
| <SecurityPermission permissionId="access" description="Base ACCESS permission"/> |
| <SecurityPermission permissionId="create" description="Base CREATE permission"/> |
| <SecurityPermission permissionId="read" description="Base READ permission"/> |
| <SecurityPermission permissionId="update" description="Base UPDATE permission"/> |
| <SecurityPermission permissionId="delete" description="Base DELETE permission"/> |
| |
| <!-- base permissions to groups --> |
| <SecurityGroupPermission groupId="FULLADMIN" permissionId="access"/> |
| <SecurityGroupPermission groupId="FULLADMIN" permissionId="create"/> |
| <SecurityGroupPermission groupId="FULLADMIN" permissionId="read"/> |
| <SecurityGroupPermission groupId="FULLADMIN" permissionId="update"/> |
| <SecurityGroupPermission groupId="FULLADMIN" permissionId="delete"/> |
| |
| <SecurityGroupPermission groupId="VIEWADMIN" permissionId="access"/> |
| <SecurityGroupPermission groupId="VIEWADMIN" permissionId="read"/> |
| |
| <SecurityGroup groupId="BIZADMIN" description="Full Business Applications permission group, has all business app admin permissions, not technical permissions."/> |
| |
| <!-- general admin tools permission --> |
| <SecurityPermission description="Permission to access the Stock OFBiz Manager Applications." permissionId="OFBTOOLS_VIEW"/> |
| <SecurityGroupPermission groupId="FULLADMIN" permissionId="OFBTOOLS_VIEW"/> |
| <SecurityGroupPermission groupId="FLEXADMIN" permissionId="OFBTOOLS_VIEW"/> |
| <SecurityGroupPermission groupId="VIEWADMIN" permissionId="OFBTOOLS_VIEW"/> |
| <SecurityGroupPermission groupId="BIZADMIN" permissionId="OFBTOOLS_VIEW"/> |
| |
| <!-- System UserLogin Account - see additional data in SecurityExtData --> |
| <UserLogin userLoginId="system" enabled="N" isSystem="Y"/> |
| <UserLoginSecurityGroup groupId="FULLADMIN" userLoginId="system" fromDate="2001-01-01 12:00:00.0"/> |
| <!-- Anonymous UserLogin is referenced by services in various components --> |
| <UserLogin userLoginId="anonymous" enabled="N"/> |
| |
| <!-- Data needed to bootstrap the security-aware artifacts --> |
| |
| <UserLogin userLoginId="NOT_LOGGED_IN" enabled="N" isSystem="N"/> |
| <UserGroup groupId="OFBIZ_USERS" description="All OFBiz users"/> |
| |
| <ArtifactPath artifactPath="ofbiz" description="The artifact path root"/> |
| <ArtifactPath artifactPath="ofbiz/?/getUserPreferenceGroup" description="All Applications - getUserPreferenceGroup service"/> |
| <ArtifactPath artifactPath="ofbiz/?/login" description="All Applications - Login screen"/> |
| <ArtifactPath artifactPath="ofbiz/?/ServerHit" description="All Applications - Server hit"/> |
| |
| <ArtifactPermission permissionValue="access=true" description="Access granted"/> |
| <ArtifactPermission permissionValue="access=false" description="Access denied"/> |
| <ArtifactPermission permissionValue="admin=true" description="Admin access granted"/> |
| <ArtifactPermission permissionValue="create=true" description="Create access granted"/> |
| <ArtifactPermission permissionValue="create=false" description="Create access denied"/> |
| <ArtifactPermission permissionValue="delete=true" description="Delete access granted"/> |
| <ArtifactPermission permissionValue="delete=false" description="Delete access denied"/> |
| <ArtifactPermission permissionValue="update=true" description="Update access granted"/> |
| <ArtifactPermission permissionValue="update=false" description="Update access denied"/> |
| <ArtifactPermission permissionValue="view=true" description="View access granted"/> |
| <ArtifactPermission permissionValue="view=false" description="View access denied"/> |
| |
| <UserToArtifactPermRel userLoginId="system" artifactPath="ofbiz" permissionValue="admin=true"/> |
| <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/getUserPreferenceGroup" permissionValue="access=true"/> |
| <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/login" permissionValue="access=true"/> |
| <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/login" permissionValue="view=true"/> |
| <UserToArtifactPermRel userLoginId="NOT_LOGGED_IN" artifactPath="ofbiz/?/ServerHit" permissionValue="create=true"/> |
| |
| <!-- Data needed to demonstrate the security-aware artifacts. This is temporary - |
| it will not be included in the project. --> |
| <UserLogin userLoginId="artifact-user" enabled="Y" isSystem="N" currentPassword="{SHA}47ca69ebb4bdc9ae0adec130880165d2cc05db1a" passwordHint=""/> |
| |
| </entity-engine-xml> |