OFBiz Security from an enduser point of view
Ofbiz security can be accessed in the party component under 'security' There the security groups are listed which are the equivalent of a employee function in a company. Example are “order entry' or 'catalog admin' or 'accounting' etc.
The security groups are created as examples only because they represent a function in your company. You may need to create new groups where combinations from several different components can be combined.
The permissions are typically organized like this:
Component_Function_ROLE_Action
- Component: the name of the component where the permission is implemented.
- Function: is optional. If not present it will represent all functions of the component.
- ROLE: is optional. If the 'ROLE' is added the permission is dependent on the entry in the EntityNameRole entity, like ProductRole, CommunicationEventRole etc.
- Action can be anything but the following are are mostly used:
- CREATE: create a new record.
- UPDATE: update an existing record
- VIEW: view all records
- DELETE: delete existing records
- ADMIN: any action allowed.
You can also access the security rules from the party → profile → userLogIn ->security screen. UserLogin's can have more than a single group with even overlapping permissions.
Only applications will appear on the main menu where the user has at least the VIEW permission.
A technical description can be found at the OFBiz wiki
If you need help developing a security scheme for your installations let us know at support@antwebsystems.com.