Add AD_Role.IsClientAdministrator ?
50 views
Skip to first unread message
Nicolas Micoud
Mar 2, 2022, 6:18:44 AM3/2/22
to iDempiere
Hi,
After seeing https://idempiere.atlassian.net/browse/IDEMPIERE-5210 and how you identify an administrator role (role.getName().toLowerCase().contains("admin")) via https://github.com/bxservice/de.bayen.freibier/blob/f6df98ecdb7e02629ee65020d57aa5476ab87f55/de.bayen.freibier/src/de/bayen/freibier/model/FreiBierEventHandler.java#L27, I think it would be useful to have a "real" way to identify an administrator (at tenant level).
ATM the moment, a tenant administrator role is just a role (but I cannot identify using the name as it will be 'amministratore' in Italian, and there is no 'admin' in it).
Moreover, I don't want those role to have the AccessAdvanced = Y - is just for us (at TGI).
Here's my current requirement (but I think that could apply to several situations): be able to identify a role which is an administrator.
We have a table which stores credentials for an extranet.
I added a process to show passwords (idea is that everyone can see its own password and Advanced/Support can see all passwords).
But I would like tenants to be autonomous, so tenant administrators can see all passwords too.
Current logic is
@AD_User_ID@ = @#AD_User_ID@ | @#ShowAdvanced@ = Y | @#AD_Role_Type@ = SS
New logic would be :
@AD_User_ID@ = @#AD_User_ID@ | @#ShowAdvanced@ = Y | @#AD_Role_Type@ = SS | @#IsClientAdministrator@ = Y
nb: ATM, there is a MUser.isAdministrator() method which returs true if the user has access to System role.
wdyt?
Thanks,
Nicolas
After seeing https://idempiere.atlassian.net/browse/IDEMPIERE-5210 and how you identify an administrator role (role.getName().toLowerCase().contains("admin")) via https://github.com/bxservice/de.bayen.freibier/blob/f6df98ecdb7e02629ee65020d57aa5476ab87f55/de.bayen.freibier/src/de/bayen/freibier/model/FreiBierEventHandler.java#L27, I think it would be useful to have a "real" way to identify an administrator (at tenant level).
ATM the moment, a tenant administrator role is just a role (but I cannot identify using the name as it will be 'amministratore' in Italian, and there is no 'admin' in it).
Moreover, I don't want those role to have the AccessAdvanced = Y - is just for us (at TGI).
Here's my current requirement (but I think that could apply to several situations): be able to identify a role which is an administrator.
We have a table which stores credentials for an extranet.
I added a process to show passwords (idea is that everyone can see its own password and Advanced/Support can see all passwords).
But I would like tenants to be autonomous, so tenant administrators can see all passwords too.
Current logic is
@AD_User_ID@ = @#AD_User_ID@ | @#ShowAdvanced@ = Y | @#AD_Role_Type@ = SS
New logic would be :
@AD_User_ID@ = @#AD_User_ID@ | @#ShowAdvanced@ = Y | @#AD_Role_Type@ = SS | @#IsClientAdministrator@ = Y
nb: ATM, there is a MUser.isAdministrator() method which returs true if the user has access to System role.
wdyt?
Thanks,
Nicolas
Carlos Antonio Ruiz Gomez
Mar 2, 2022, 7:36:38 AM3/2/22
to idem...@googlegroups.com
Hi Nicolas, I don't see clearly a case
applicable for core, but it sounds useful for implementations.
And it seems like a small
non-disruptive change there.
It sounds OK.
Regards,
Carlos Ruiz
El 2/3/22 a las 12:18, Nicolas Micoud
escribió:
Nicolas --
Nicolas Micoud
Mar 2, 2022, 9:52:04 AM3/2/22
to iDempiere
Reply all
Reply to author
Forward
0 new messages