Managing role access in Openbravo

The capability of Role inheritance was conceived to improve ease of use by making it simpler to manage role accesses, particularly when the business structure is created. Role inheritance comes into action when the general set-up is done and the roles are created.

Before role inheritance, every role was manually created. This is not a big issue if we have, for example, three roles, but in the case of a large organization with hundreds of roles, the effort can be considerable.

Some of the roles will share a lot of permissions with others, but all of them had to be manually created. Role inheritance makes it easier to setup roles by automating much of the process.

The key to implementing role inheritance are the “role templates“.  A role can inherit from a role template and that role will now have the permissions set in the template. A role can inherit from more than one template to create much more finely-grained roles.

The inheritable elements are the following: organizations, windows, tabs, fields, processes, forms, widgets, views, process definitions, preferences and alert recipients.

A template can be defined with access permissions to any of these elements.

Platform Openbravo Release


In this example we can see how it works: there are four different templates: Sales Role, Purchase Role, White Valley and Vall Blanca.

The two first templates give permissions to Sales Order, Sales Invoice, Purchase Order and Purchase Invoice windows, the White Valley and the Vall Blanca templates give access to White Valley Org and Vall Blanca Org respectively.

With the combination of these templates we can create different functional roles. For example, we have the WV Sales role. This role is a combination of the Sales Role template and the White Valley template. It has access permission to the White Valley organization, which is given by the White Valley template, and it also has access permission to the Sales Order and the Sales Invoice windows, given by Sales Role template.

Every inheritance from a template has a sequence number to solve possible conflicts. It can occur, for example, that a role inherits from two templates, one can be giving access to inheritable element and the other one can be restricting the same access. In this case, the behavior that will be taken into account is the one retrieved from the inheritance with the higher sequence number.

If you want to learn other capabilities or new functionalities of the latest release, read the full list of features here. If you need specialized advice contact us!


Previous post

Bank Statement Reconciliation in Openbravo: flexible and easy to use

Next post

New Release: Openbravo Commerce Suite Q2-2016 enters CS status

No Comment

Leave a reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>