Order history read access users from same organization.

-
Order history read access users from same organization.

Read only access to users belonging to same organization and Organization Participant role for order history related databeans, the XML policies below is from the reference link below but they have an issue where on the role Buyer (buy-side) role name so that's fixed.
Buyer(buy-side) roles needs to defined on the organization using Org admin console.
if there is an hierarchy of organizations and the bottom organization is the parent organization for the users. All roles have to be defined to Organizations from Top-Down.
Add the xml fragments below to resource_acpolicies.xml and run ACPLoad.
Add new policy to allow participants to display the order beans for others in the organization:
Relation group: This defines all roles in this case Buyer(buy-side) to BuyingOrganizationalEntity

     <RelationGroup Name="Buyer (buy-side)->BuyerOrganizationalEntity" OwnerID="RootOrganization">
        <RelationCondition><![CDATA[
        <profile>
        <openCondition name="RELATIONSHIP_CHAIN">
        <parameter name="ROLE" value="Buyer (buy-side)"/>
        <parameter name="RELATIONSHIP"
        value="BuyingOrganizationalEntity"/>
        </openCondition>
        </profile>
        ]]></RelationCondition>
    </RelationGroup>
   
 Create a new Policy and use the RelationGroupName created above to the ResourceGroup, OrderDatabeanResourceGroup and ActionGroup, DisplayDatabeanActionGroup

        <Policy Name="ParticipantsOfOrgDisplayOrderDatabeanResourceGroup"
            OwnerID="RootOrganization"
            UserGroup="AllUsers"
            ActionGroupName="DisplayDatabeanActionGroup"
            ResourceGroupName="OrderDatabeanResourceGroup"
            RelationGroupName="ParticipantOf->BuyerOrganizationalEntity"
            PolicyType="groupableStandard">
    </Policy>
    <Policy Name="BuyersOfOrgDisplayOrderDatabeanResourceGroup"
            OwnerID="RootOrganization"
            UserGroup="AllUsers"
            ActionGroupName="DisplayDatabeanActionGroup"
            ResourceGroupName="OrderDatabeanResourceGroup"
            RelationGroupName="Buyer (buy-side)->BuyerOrganizationalEntity"
            PolicyType="groupableStandard">
    </Policy>
     
  Subscribe organizations to the new Access Control policies:         
     <PolicyGroup Name="B2BPolicyGroup" OwnerID="RootOrganization">
        <PolicyGroupPolicy
        Name="ParticipantsOfOrgDisplayOrderDatabeanResourceGroup"
        PolicyOwnerID="RootOrganization" />
        <PolicyGroupPolicy Name=
        "BuyersOfOrgDisplayOrderDatabeanResourceGroup"
        PolicyOwnerID="RootOrganization" />
    </PolicyGroup>   

Once the ACPLoad is run, you can validate using a SQL query.
select * from acpolicy where policyname like 'BuyersOfOrgDisplayOrderDatabeanResourceGroup'
select * from acpolicy where policyname like 'ParticipantsOfOrgDisplayOrderDatabeanResourceGroup'

References:
http://www.ibm.com/developerworks/websphere/library/techarticles/0908_callaghan/0908_callaghan1.html
http://www.ibm.com/developerworks/websphere/library/techarticles/0805_callaghan/0805_callaghan.html


Comments

Post a Comment

Popular posts from this blog

Websphere Commerce Data Load using CSV \Websphere Commerce Data Load using XML

-
Websphere Commerce Data Load using CSV \Websphere Commerce Data Load using XML Data can be loaded into WCS tables using data load utility. Data load utility works in the steps as mentioned below. 1.Data Reader The data reader reads the input file, and transforms the input into a data object. Data objects are typically map objects. Eg: CSV data reader \XML Data Reader 2.Business Object Builder The business object builder instantiates the business object and populates it from the data in the data object. Eg:The table object builder 3. Business Object Mediator The business object mediator converts the business object into physical object. The table object mediator is always used with the table object builder. Eg: table-based mediator 4. Data Writer The data writer writes the physical object into the database. This tutorial uses the default data writer to write the generated physical o...
Read more

Websphere Commerce Catalog Subsystem

-
  Websphere Commerce Catalog Subsystem The Catalog Subsystem contains all logic and data relevant to an online catalog, including catalog groups (or categories), catalog entries, and any associations or relationships among them.    Master Catalog It is the single catalog that contains all products, items, relationships, and standard prices for everything that is for sale in your store. Every store in the Web Sphere Commerce system must have a master catalog. It is possible to share the master catalog across stores. Master Catalog Restrictions 1)The master catalog must be a proper tree, which means that there are no cycles. e.g.The parent category "Women" has a subcategory "WomenDress". It is important that WomenDress and any of WomenDress's subcategories like tops,jeans etc are not the parent category of "Women" category. 2)A catalog entry or category cannot belong to multiple parent categories in the master...
Read more

Calculation Framework in Websphere Commerce.

-
  OrderCalculateCmd OrderCalculateCmd invokes the Promotion engine. PromotionEngineOrderCalculateCmdImpl implements OrderCalculateCmd class. OrderCalculateCmd is invoked when we add, delete, update or merge item/s in cart. This command calculates the order  total based on the sequence in which calculationUsageId is passed into the command. WebSphere Commerce provides the below predefined calculation usages: Calusage_id    Description -1                         Discount -2                         Shipping -3                         Sales Tax -4          ...
Read more