0

I am testing PopCommerce application. I would like to use the built-in security model to limit access (of my users) to transitions - in my case I do not want all users to change a status of an invoice. On the EditInvoice.xml screen, there are transitions to various Statuses. Could you please help me with that? I am using the MoquiDevConf.xml (default one).

I do not know how to specify the Artifict Type/Pattern for the transition. This is the location of the Screen: component://SimpleScreens/screen/SimpleScreens/Accounting/Invoice/EditInvoice.xml.

Thanks in advance MR

mrovnanik
  • 123
  • 9
  • Do you want to limit access to a transition or to a particular status change? If to a particular status, which one (or ones)? The current EditInvoice screen uses a single updateStatus transition and access to that can be restricted with ArtifactAuthz deny records, but the screen would need to be changed to control particular status changes. – David E. Jones May 25 '16 at 14:14
  • I intended to limit access to a particular status change(s) not the updateStatus transition. In my case, the most important status change (or action) is Approve (change to Approved status). The other changes will not be regulated right now, but that does not mean I will not impose limitations on them in near future. – mrovnanik May 25 '16 at 21:56
  • There may be more specific framework support for this in the future, but right now this is done with explicit permission checks. See the OrderServices.approve#Order service in mantle-usl and the OrderDetail screen in SimpleScreens for an example. For invoice approve in particular I may be doing something like this in the near future, just like with order approve. – David E. Jones May 26 '16 at 20:06
  • I copied the order approving mechanism (two services) into invoices services definition file, modified the EditInvoice (new transition plus a hidden-form (aka button)). And it worked. Thx. – mrovnanik May 27 '16 at 23:07

0 Answers0