OFBiz Security from an enduser point of view

Ofbiz security can be accessed in the party component under 'security' There the security groups are listed which are the equivalent of a employee function in a company. Example are “order entry' or 'catalog admin' or 'accounting' etc. 

The security groups are created as examples only because they represent a function in your company. You may need to create new groups where combinations from several different components can be combined.

The permissions are typically organized like this:

  1. Component: the name of the component where the permission is implemented.
  2. Function: is optional. If not present it will represent all functions of the component.
  3. ROLE: is optional. If the 'ROLE' is added the permission is dependent on the entry in the EntityNameRole entity, like ProductRole, CommunicationEventRole etc.
  4. Action can be anything but the following are are mostly used:
    1. CREATE: create a new record.
    2. UPDATE: update an existing record
    3. VIEW: view all records
    4. DELETE: delete existing records
    5. ADMIN: any action allowed.

You can also access the security rules from the party → profile → userLogIn ->security screen. UserLogin's can have more than a single group with even overlapping permissions.

Only applications will appear on the main menu where the user has at least the VIEW permission.

A technical description can be found at the OFBiz wiki

If you need help developing a security scheme for your installations let us know at support@antwebsystems.com.