Hi,
I’m using cuba 7.2.4 with reporting addon7.2.4 and multi-tenancy addon 2.0.2
I 'm facing difficulties to correcly define my class
@Role(name = "app-my-role")
public class MyAccessRole extends AnnotatedRoleDefinition {
- Filter in browser screens
When I’m logged as user1 (tenant = mytenant), in browser screens, I don’t see “Add search condition” for the filter
2.- Reports:
-
I created a report ad “admin” user (==> no_tenant)
-
When I’m logged as admin, I can find it in Run Reports screen
-
When I’m logged as user1 (tenant = mytenant) I cannot find it and then run it !
Any Idea ?
I don’t know how to arganize it but I think some more documentation would be helpfull to know what are the needed rights to put in a custom RoleDefinition
class. I hadded to look at the source code of classes ReportsMinimalRoleDefinition
and MinimalRoleDefinition
but it was not enough.
Regards, Guillaume
In attachement :a zip with my project.
- user admin/admin
- user user1/admin , tenant = mytenant, role = app-my-role (class
com.company.upload.core.security.MyAccessRole
My RoleDefinition class
@Role(name = "app-my-role")
public class MyAccessRole extends AnnotatedRoleDefinition {
@ScreenAccess(screenIds = {
// custom AP[upload.zip|attachment](upload://8BLEdlWu7fPzCm9GSQ3J8AMtt2R.zip) (12.5 MB) P
"application-upload",
"upload_NewEntity.browse",
"upload_NewEntity.edit",
"settings",
// from com.haulmont.reports.role.ReportsMinimalRoleDefinition
"report$inputParameters",
"report$Report.run",
"report$showReportTable",
"report$showPivotTable",
"report$showChart",
"commonLookup",
// from com.haulmont.cuba.security.app.role.MinimalRoleDefinition
"addCondition",
"backgroundWorkProgressWindow",
"backgroundWorkWindow",
"customConditionEditor",
"customConditionFrame",
"dynamicAttributesConditionEditor",
"dynamicAttributesConditionFrame",
"editWindowActions",
"extendedEditWindowActions",
"fileUploadDialog",
"filterEditor",
"filterSelect",
"groupConditionFrame",
"layoutAnalyzer",
"mainWindow",
"main",
"loginWindow",
"login",
"notFoundScreen",
"multiuploadDialog",
"propertyConditionFrame",
"runtimePropertiesFrame",
"saveFilter",
"saveSetInFolder",
"inputDialog",
"thirdpartyLicenseWindow"
})
public ScreenPermissionsContainer screenPermissions() {
return super.screenPermissions();
}
@Override
// custom APP
@EntityAccess(entityClass = NewEntity.class, operations = {EntityOp.CREATE, EntityOp.READ, EntityOp.UPDATE, EntityOp.DELETE})
@EntityAccess(entityClass = FileDescriptor.class, operations = {EntityOp.CREATE, EntityOp.READ, EntityOp.UPDATE, EntityOp.DELETE})
// from com.haulmont.reports.role.ReportsMinimalRoleDefinition
@EntityAccess(entityClass = Report.class, operations = {EntityOp.READ})
@EntityAccess(entityClass = ReportGroup.class, operations = {EntityOp.READ})
@EntityAccess(entityClass = ReportTemplate.class, operations = {EntityOp.READ})
// from com.haulmont.cuba.security.app.role.MinimalRoleDefinition
@EntityAccess(entityClass = FilterEntity.class, operations = {EntityOp.READ})
@EntityAccess(entityClass = KeyValueEntity.class, operations = {EntityOp.READ})
@EntityAccess(entityClass = User.class, operations = {EntityOp.READ})
public EntityPermissionsContainer entityPermissions() {
return super.entityPermissions();
}
@Override
// custom APP
@EntityAttributeAccess(entityName = "*",modify = "*")
public EntityAttributePermissionsContainer entityAttributePermissions() {
return super.entityAttributePermissions();
}
@Override
// custom app
// from com.haulmont.reports.role.ReportsMinimalRoleDefinition
// from com.haulmont.cuba.security.app.role.MinimalRoleDefinition
@SpecificAccess(permissions = "cuba.gui.loginToClient")
public SpecificPermissionsContainer specificPermissions() {
return super.specificPermissions();
}
@Override
public String getLocName() {
return "My Role";
}
}