This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/trunk by this push:
new 2a1438a Improved: Product Prices - VIEW permissions (OFBIZ-12489)
(#442)
2a1438a is described below
commit 2a1438acc72a7c8474da75b48d8f22e2623e1fb4
Author: Pierre Smits <[email protected]>
AuthorDate: Thu Jan 20 11:56:03 2022 +0100
Improved: Product Prices - VIEW permissions (OFBIZ-12489) (#442)
* Improved: Product Prices - VIEW permissions (OFBIZ-12489)
Currently, a user with only 'VIEW' permissions, as demonstrated in trunk
demo with userId = auditor, accessing the product prices screen, sees editable
fields and/or triggers (to requests) reserved for users with 'CREATE' or
'UPDATE' permissions.
See (test with):
https://localhost:8443/catalog/control/EditProductPrices?productId=WG-9943
Modified:
- ProductScreens.xml - restructured for working with permissions
- ProductForms.xml - added grid ProductPrices for users with VIEW
permissions
* Improved: Product Prices - VIEW permissions (OFBIZ-12489)
Currently, a user with only 'VIEW' permissions, as demonstrated in trunk
demo with userId = auditor, accessing the product prices screen, sees editable
fields and/or triggers (to requests) reserved for users with 'CREATE' or
'UPDATE' permissions.
See (test with):
https://localhost:8443/catalog/control/EditProductPrices?productId=WG-9943
modified: ProductForms.xml
added display type to fields
---
.../product/widget/catalog/ProductForms.xml | 20 +++++++++++++
.../product/widget/catalog/ProductScreens.xml | 33 ++++++++++++++++------
2 files changed, 44 insertions(+), 9 deletions(-)
diff --git a/applications/product/widget/catalog/ProductForms.xml
b/applications/product/widget/catalog/ProductForms.xml
index 573c08b..da80f02 100644
--- a/applications/product/widget/catalog/ProductForms.xml
+++ b/applications/product/widget/catalog/ProductForms.xml
@@ -470,6 +470,26 @@ under the License.
</hyperlink>
</field>
</grid>
+
+ <grid name="ProductPrices" list-name="productPrices"
paginate-target="EditProductPrices" separate-columns="true"
+ odd-row-style="alternate-row" default-table-style="basic-table">
+ <auto-fields-entity entity-name="ProductPrice"
default-field-type="display"/>
+ <field name="productId"><hidden/></field>
+ <field name="productPriceTypeId"
title="${uiLabelMap.CommonType}"><display-entity
entity-name="ProductPriceType"/></field>
+ <field name="productPricePurposeId"
title="${uiLabelMap.CommonPurpose}"><display-entity
entity-name="ProductPricePurpose"/></field>
+ <field name="currencyUomId" title="${uiLabelMap.CommonCurrency}"
><display/></field>
+ <field name="productStoreGroupId"
title="${uiLabelMap.CommonGroup}"><display-entity
entity-name="ProductStoreGroup" description="${productStoreGroupName}"/></field>
+ <field name="price" title="${uiLabelMap.CommonPrice}"
widget-area-style="align-right" title-area-style="align-right"><display
type="accounting-number"/></field>
+ <field name="fromDate" title="${uiLabelMap.CommonFrom}"><display
type="date-time"/></field>
+ <field name="thruDate" title="${uiLabelMap.CommonThru}"><display
type="date-time"/></field>
+ <field name="viewHistoryLink" title=" " widget-style="buttontext">
+ <hyperlink description="${uiLabelMap.ProductHistory}"
target="ProductPriceHistory" also-hidden="false">
+ <parameter param-name="productId"/>
+ <parameter param-name="productPriceTypeId"/>
+ <parameter param-name="fromDate"/>
+ </hyperlink>
+ </field>
+ </grid>
<form name="AddProductPaymentMethodType" type="single"
target="createProductPaymentMethodType" title=""
header-row-style="header-row" default-table-style="basic-table">
<auto-fields-service service-name="createProductPaymentMethodType"/>
diff --git a/applications/product/widget/catalog/ProductScreens.xml
b/applications/product/widget/catalog/ProductScreens.xml
index 8373c4b..fb78de8 100644
--- a/applications/product/widget/catalog/ProductScreens.xml
+++ b/applications/product/widget/catalog/ProductScreens.xml
@@ -167,7 +167,6 @@ under the License.
<set field="titleProperty" value="PageTitleEditProductPrices"/>
<set field="tabButtonItem" value="EditProductPrices"/>
<set field="labelTitleProperty" value="ProductPrices"/>
-
<entity-and entity-name="ProductPrice" list="productPrices">
<field-map field-name="productId"
from-field="parameters.productId"/>
<order-by field-name="productStoreGroupId"/>
@@ -176,19 +175,35 @@ under the License.
<order-by field-name="currencyUomId"/>
<order-by field-name="fromDate"/>
</entity-and>
-
<property-to-field field="defaultCurrencyUomId"
resource="general" property="currency.uom.id.default" default="USD"/>
</actions>
<widgets>
<decorator-screen name="CommonProductDecorator"
location="${parameters.productDecoratorLocation}">
<decorator-section name="body">
- <screenlet
title="${uiLabelMap.PageTitleEditProductPrices}">
- <include-grid name="UpdateProductPrice"
location="component://product/widget/catalog/ProductForms.xml"/>
- </screenlet>
- <screenlet
title="${uiLabelMap.PageTitleAddProductPrices}">
- <label style="h3"
text="${uiLabelMap.ProductPricesWarning}"/>
- <include-form name="AddProductPrice"
location="component://product/widget/catalog/ProductForms.xml"/>
- </screenlet>
+ <section>
+ <condition>
+ <and>
+ <or>
+ <if-has-permission
permission="CATALOG" action="_CREATE"/>
+ <if-has-permission
permission="CATALOG" action="_UPDATE"/>
+ </or>
+ </and>
+ </condition>
+ <widgets>
+ <screenlet
title="${uiLabelMap.PageTitleEditProductPrices}">
+ <include-grid name="UpdateProductPrice"
location="component://product/widget/catalog/ProductForms.xml"/>
+ </screenlet>
+ <screenlet
title="${uiLabelMap.PageTitleAddProductPrices}">
+ <label style="h3"
text="${uiLabelMap.ProductPricesWarning}"/>
+ <include-form name="AddProductPrice"
location="component://product/widget/catalog/ProductForms.xml"/>
+ </screenlet>
+ </widgets>
+ <fail-widgets>
+ <screenlet id="ProductPrices">
+ <include-grid name="ProductPrices"
location="component://product/widget/catalog/ProductForms.xml"/>
+ </screenlet>
+ </fail-widgets>
+ </section>
</decorator-section>
</decorator-screen>
</widgets>
