OFBiz Security Setup
Last Updated 20230610
Note 20230609: Ran into a problem with using the SUPER admin account when trying to add content to a product. It errored out because the admin account is not associated with a PartyId.
This got me to thinking about best practices for the SUPER administrative permissions group. It should be created on installation, and then locked up and the userid and password only accessible by one responsible party. A business CEO, CFO or other third party should know how to open the safe or get access to the key should the IT guy become incapacitated. The SUPER account should not be used on a regular basis.
So that's when I started to think about security. Which leads to this section. The following code is most of the OOTB security groups and permissions. I have commented out the SECURITY_ groups as for the most part I don't think most employees should have this access. Need to work with security use the SUPER account. Everything else should be another user account.
Final note you should be aware of is that any user that has command line access to your server can shutdown ofbiz and enter the following command which will create a new SUPER user with the password ofbiz.
Command: gradlew loadAdminUserLogin -PuserLoginId=admin
The next steps in this section are to add the core security groups and step 2 is to add an employee with FULLADMIN group permissions.
Select
Web Tools
Select
XML Data Import
Copy
OFBiz Core Security
Paste in Complete XML document
Click on
Import Text
Goto the bottom of this page for step 2
Advanced Tip
Import data with the Web Tools as detailed in OFBiz Facility Setup .
<entity-engine-xml>
<!-- OFBiz Core security -->
<!-- Security groups -->
<SecurityGroup groupId="FULLADMIN" description="Full Admin group, has all general permissions." groupName="Full Admin"/>
<SecurityGroup groupId="FLEXADMIN" description="Flexible Admin group, has all granular permissions." groupName="Flex Admin"/>
<SecurityGroup groupId="VIEWADMIN" description="Demo Admin group, has all view permissions." groupName="View Admin"/>
<SecurityGroup groupId="BIZADMIN" description="Full Business Applications permission group, has all business app admin permissions, not technical permissions." groupName="Biz Admin"/>
<SecurityGroup groupId="IMPERSONATION" description="Permission group to impersonate user."/>
<SecurityGroup groupId="HUMANRES_ADMIN" description="This security group is for those who have full access to the human resource component." groupName="Humanres Admin"/>
<SecurityGroup groupId="HUMANRES_APPROVER" description="This security group is for those who will approve the internal job posting application." groupName="Humanres Approver"/>
<SecurityGroup groupId="HUMANRES_EMPLOYEE" description="This security group is for all the employees who want to apply for internal Job Posting." groupName="Humanres Employee"/>
<SecurityGroup description="Accounting permission for all accounting functions." groupId="ACCTG_FUNCTNL_ADMIN" groupName="Accounting Admin"/>
<SecurityGroup groupName="Security Admin" description="Security Admin group, has all permissions to modify security settings in party manager." groupId="SECURITYADMIN"/>
<SecurityGroup description="Limited Catalog Admin group, has limited catalog permissions." groupId="CATALOGADMIN_LTD" groupName="Catalog Admin (Limited)"/>
<SecurityGroup groupId="CONTENT_USER" groupName="Content User" description="Content user group; all limited content permissions."/>
<SecurityGroup description="Image Management Admin." groupId="IMAGEADMIN" groupName="Image Admin"/>
<SecurityGroup description="WorkEffort Admin group, has all workeffort permissions." groupId="WORKEFFORTADMIN" groupName="WorkEffort Admin"/>
<SecurityGroup description="Project Admin group, has update access to own projects." groupId="PROJECTADMIN"/>
<SecurityGroup description="Project User group, has read, task create/assign and timesheet create/update access to own projects." groupId="PROJECTUSER"/>
<!-- general admin tools permission -->
<SecurityPermission description="Permission to access the Stock OFBiz Manager Applications." permissionId="OFBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="OFBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="OFBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="OFBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="OFBTOOLS_VIEW"/>
<!-- Webtools security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="WEBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="WEBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="WEBTOOLS_VIEW"/>
<!-- Server Stats security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SERVER_STATS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SERVER_STATS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="SERVER_STATS_VIEW"/>
<!-- Artifact Info security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ARTIFACT_INFO_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ARTIFACT_INFO_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="ARTIFACT_INFO_VIEW"/>
<!-- Labels Info security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="LABEL_MANAGER_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="LABEL_MANAGER_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="LABEL_MANAGER_VIEW"/>
<!-- Data File Maintenance security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="DATAFILE_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="DATAFILE_MAINT"/>
<!-- Service Maintenance security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SERVICE_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SERVICE_JM_LOCK"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SERVICE_RSAS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SERVICE_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SERVICE_JM_LOCK"/>
<!-- Period Maintenance security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="PERIOD_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PERIOD_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="PERIOD_MAINT"/>
<!-- Enum & Status Maintenance security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ENUM_STATUS_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ENUM_STATUS_MAINT"/>
<!-- Entity Maintenance security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ENTITY_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ENTITY_DATA_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ENTITY_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ENTITY_DATA_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ENTITY_DATA_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ENTITY_DATA_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ENTITY_DATA_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="ENTITY_DATA_VIEW"/>
<!-- UtilCache security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="UTIL_CACHE_EDIT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="UTIL_CACHE_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="UTIL_DEBUG_EDIT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="UTIL_DEBUG_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="UTIL_CACHE_EDIT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="UTIL_CACHE_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="UTIL_DEBUG_EDIT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="UTIL_DEBUG_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="UTIL_CACHE_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="UTIL_DEBUG_VIEW"/>
<!-- Remote Service security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SERVICE_INVOKE_ANY"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SERVICE_INVOKE_ANY"/>
<!-- Entity Sync Admin security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ENTITY_SYNC_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ENTITY_SYNC_ADMIN"/>
<!-- Payment Processors security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PAYPROC_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PAYPROC_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PAYPROC_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="PAYPROC_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="PAYPROC_ADMIN"/>
<!-- Payment Information security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PAY_INFO_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PAY_INFO_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PAY_INFO_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PAY_INFO_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="PAY_INFO_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="PAY_INFO_ADMIN"/>
<!-- Accounting Manager security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ACCOUNTING_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ACCOUNTING_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ACCOUNTING_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ACCOUNTING_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ACCOUNTING_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="ACCOUNTING_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCOUNTING_ADMIN"/>
<!-- Manual Payment security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MANUAL_PAYMENT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="MANUAL_PAYMENT"/>
<!-- ACCOUNTING_COMMs security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ACCOUNTING_COMM_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ACCOUNTING_COMM_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCOUNTING_COMM_VIEW"/>
<!-- Ability to print checks -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ACCOUNTING_PRINT_CHECKS"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ACCOUNTING_PRINT_CHECKS"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCOUNTING_PRINT_CHECKS"/>
<!-- Set up accounting organization preferences security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ACCTG_PREF_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCTG_PREF_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCTG_PREF_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCTG_PREF_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCTG_PREF_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ACCTG_FX_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCTG_FX_UPDATE"/>
<!-- For general ledger accounting transactions. Note that any component that needs to post
accounting transactions should create a permission service SECA to grant
task-specific permissions to post transactions. The following permissions
should be given to accountants only, as that involves changing the books. -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ACCTG_ATX_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ACCTG_ATX_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ACCTG_ATX_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ACCTG_ATX_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ACCTG_ATX_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCTG_ATX_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCTG_ATX_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCTG_ATX_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="ACCTG_ATX_DELETE"/>
<!-- Security Group to manage all Accounting operations -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="OFBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCTG_ATX_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCTG_FX_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCTG_PREF_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_PRINT_CHECKS"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_COMM_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="MANUAL_PAYMENT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="PAY_INFO_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="PAYPROC_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ASSETMAINT_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="ACCTG_FUNCTNL_ADMIN" permissionId="ACCOUNTING_VIEW"/>
<!-- Common Ext security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="COMMONEXT_PUBLMSG"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SETUP_ADMIN"/>
<!-- Content Manager security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="CONTENTMGR_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CONTENTMGR_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CONTENTMGR_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CONTENTMGR_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CONTENTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="CONTENTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="CONTENTMGR_ADMIN"/>
<!-- Content ROLE security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CONTENT_USER" permissionId="CONTENTMGR_ROLE_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CONTENT_USER" permissionId="CONTENTMGR_ROLE_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CONTENT_USER" permissionId="CONTENTMGR_ROLE_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CONTENT_USER" permissionId="CONTENTMGR_ROLE_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CONTENT_USER" permissionId="CONTENTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CONTENT_USER" permissionId="OFBTOOLS_VIEW"/>
<!-- Human Resources security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="HUMANRES_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="HUMANRES_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="HUMANRES_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="HUMANRES_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="HUMANRES_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="HUMANRES_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="HUMANRES_ADMIN"/>
<!-- OFBiz Recruitment security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_ADMIN" permissionId="HUMANRES_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_APPROVER" permissionId="HUMANRES_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_APPROVER" permissionId="HUMANRES_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_APPROVER" permissionId="PARTYMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_APPROVER" permissionId="OFBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_APPROVER" permissionId="HUMANRES_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_APPROVER" permissionId="HUMANRES_APPROVE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_EMPLOYEE" permissionId="HUMANRES_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_EMPLOYEE" permissionId="HUMANRES_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_EMPLOYEE" permissionId="PARTYMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="HUMANRES_EMPLOYEE" permissionId="OFBTOOLS_VIEW"/>
<!-- Manufacturing Manager security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="MANUFACTURING_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MANUFACTURING_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MANUFACTURING_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MANUFACTURING_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MANUFACTURING_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="MANUFACTURING_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="MANUFACTURING_ADMIN"/>
<!-- Marketing Manager security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="MARKETING_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MARKETING_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MARKETING_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MARKETING_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MARKETING_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="MARKETING_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="MARKETING_ADMIN"/>
<!-- SFA security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SFA_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SFA_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SFA_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SFA_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SFA_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="SFA_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="SFA_ADMIN"/>
<!-- Order Manger security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ORDERMGR_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_RETURN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_NOTE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_PURCHASE_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_QUOTE_PRICE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ORDERMGR_CRQ_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_CRQ_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_4C_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="ORDERMGR_4C_UPDATE"/>
<!-- Party Manager security -->
<SecurityGroup groupName="Party Admin" description="Party Admin group, has all party permissions." groupId="PARTYADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PARTYADMIN" permissionId="PARTYMGR_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PARTYADMIN" permissionId="OFBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="PARTYMGR_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_NOTE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_STS_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_GRP_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_REL_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_REL_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_ROLE_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_ROLE_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_PCM_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_PCM_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_PCM_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_SRC_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_CME_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_CME_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PARTYMGR_CME_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="PARTYMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="PARTYMGR_NOTE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="PARTYMGR_ADMIN"/>
<!-- Security Management security -->
<!-- I have commented out these users from any security at all so there is only "1" SUPER user with security access to the system. -->
<!--<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SECURITY_ADMIN"/> -->
<!--<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SECURITY_CREATE"/> -->
<!--<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SECURITY_DELETE"/> -->
<!--<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SECURITY_UPDATE"/> -->
<!--<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SECURITY_VIEW"/> -->
<!--<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="SECURITY_VIEW"/> -->
<!--<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="SECURITYADMIN" permissionId="SECURITY_ADMIN"/> -->
<!-- Catalog Manager security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CATALOGADMIN_LTD" permissionId="CATALOG_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CATALOGADMIN_LTD" permissionId="CATALOG_ROLE_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CATALOGADMIN_LTD" permissionId="CATALOG_ROLE_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CATALOGADMIN_LTD" permissionId="CATALOG_ROLE_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CATALOGADMIN_LTD" permissionId="OFBTOOLS_VIEW"/>
<SecurityGroup description="Catalog Admin group, has all catalog permissions." groupId="CATALOGADMIN" groupName="Catalog Admin"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CATALOGADMIN" permissionId="CATALOG_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CATALOGADMIN" permissionId="CATALOG_PRICE_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="CATALOGADMIN" permissionId="OFBTOOLS_VIEW"/>
<!-- NOTE DEJ20070810 where did this come from? has duplicate ID of that above: <SecurityGroup description="Catalog Admin View and Purchase Allow Products" groupId="CATALOGADMIN"/> -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CATALOG_VIEW_ALLOW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CATALOG_PURCHASE_ALLOW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="CATALOG_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="CATALOG_PRICE_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="CATALOG_VIEW_ALLOW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="CATALOG_PURCHASE_ALLOW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CATALOG_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CATALOG_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CATALOG_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CATALOG_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CATALOG_PRICE_MAINT"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CATALOG_VIEW_ALLOW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="CATALOG_PURCHASE_ALLOW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="CATALOG_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="CATALOG_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="CATALOG_PRICE_MAINT"/>
<!-- Image Management security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="IMAGEADMIN" permissionId="IMAGE_MANAGEMENT_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="IMAGEADMIN" permissionId="IMAGE_MANAGEMENT_APPROVE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="IMAGEADMIN" permissionId="IMAGE_MANAGEMENT_UPLOAD"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="IMAGE_MANAGEMENT_ADMIN"/>
<SecurityGroup description="Image Management Approve" groupId="IMAGEAPPROVE" groupName="Image Approve"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="IMAGEAPPROVE" permissionId="IMAGE_MANAGEMENT_APPROVE"/>
<SecurityGroup description="Image Management Upload." groupId="IMAGEUPLOAD" groupName="Image Load"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="IMAGEUPLOAD" permissionId="IMAGE_MANAGEMENT_UPLOAD"/>
<!-- Facility Security Group Demo Data -->
<!-- Facility Manager security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="FACILITY_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="FACILITY_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="FACILITY_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="FACILITY_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="FACILITY_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="FACILITY_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="FACILITY_ADMIN"/>
<!-- Work Effort security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="WORKEFFORTMGR_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="WORKEFFORTMGR_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="WORKEFFORTMGR_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="WORKEFFORTMGR_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="WORKEFFORTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="WORKEFFORTMGR_ROLE_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="WORKEFFORTMGR_ROLE_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="WORKEFFORTMGR_ROLE_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="WORKEFFORTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="WORKEFFORTMGR_ADMIN"/>
<SecurityGroup groupId="WORKEFFORT_USER" description="WorkEffort user group; all limited workeffort permissions." groupName="WorkEffort User"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="WORKEFFORT_USER" permissionId="WORKEFFORTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="WORKEFFORT_USER" permissionId="WORKEFFORTMGR_ROLE_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="WORKEFFORT_USER" permissionId="WORKEFFORTMGR_ROLE_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="WORKEFFORT_USER" permissionId="WORKEFFORTMGR_ROLE_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="WORKEFFORT_USER" permissionId="WORKEFFORTMGR_ROLE_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="WORKEFFORT_USER" permissionId="OFBTOOLS_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="WORKEFFORTADMIN" permissionId="WORKEFFORTMGR_ADMIN"/>
<!-- WedbPOS security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MYPORTALBASE_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="WEBPOS_ADMIN"/>
<!-- Project Manager security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="PROJECTMGR_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="PROJECTMGR_ADMIN"/>
<!-- Scrum security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SCRUM_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="SCRUM_READ"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="SCRUM_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="SCRUM_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="SCRUM_BILLING_ADMIN"/>
<!--BI security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="BI_ADMIN"/>
<!-- eBay component security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="EBAY_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="EBAY_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="EBAY_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="EBAY_VIEW"/>
<!-- Example security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="EXAMPLE_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="EXAMPLE_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="EXAMPLE_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="EXAMPLE_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="EXAMPLE_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="EXAMPLE_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="EXAMPLE_ADMIN"/>
<!-- MyPortal security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="MYPORTALBASE_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="MYPORTALBASE_ADMIN"/>
<!-- Asset Maintenance security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="ASSETMAINT_ADMIN"/>
<!-- Common Services security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="COMMON_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="COMMON_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="COMMON_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="COMMON_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="VISUALTHEME_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="VISUALTHEME_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="VISUALTHEME_DELETE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PORTALPAGE_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="VISUALTHEME_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="COMMON_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="PORTALPAGE_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="COMMON_VIEW"/>
<!-- User preferences security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="USERPREF_ADMIN"/>
<!-- Temporal expression security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="TEMPEXPR_ADMIN"/>
<!-- Impersonation security -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="IMPERSONATE_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="IMPERSONATION" permissionId="IMPERSONATE_ADMIN"/>
<!-- <SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="IMPERSONATION" permissionId="SECURITY_VIEW"/> -->
<!-- Project Manager security -->
<!-- add permission to general groups -->
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="PROJECTMGR_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FULLADMIN" permissionId="PROJECTMGR_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PROJECTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="FLEXADMIN" permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="PROJECTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="VIEWADMIN" permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="PROJECTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="BIZADMIN" permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PROJECTADMIN" permissionId="PROJECTMGR_ROLE_ADMIN"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PROJECTADMIN" permissionId="PROJECTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PROJECTADMIN" permissionId="PROJECTMGR_TIMESHEET_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PROJECTADMIN" permissionId="PROJECTMGR_TIMESHEET_UPDATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PROJECTUSER" permissionId="PROJECTMGR_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PROJECTUSER" permissionId="PROJECTMGR_ROLE_VIEW"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PROJECTUSER" permissionId="PROJECTMGR_ROLE_TASK_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PROJECTUSER" permissionId="PROJECTMGR_ROLE_TIMESHEET_CREATE"/>
<SecurityGroupPermission fromDate="2001-05-13 12:00:00.0" groupId="PROJECTUSER" permissionId="PROJECTMGR_ROLE_TIMESHEET_UPDATE"/>
</entity-engine-xml>
Select
Party
Click on
Create Employee
Fill out all * boxes and 1 telephone number.
States are not selectable until Country is selected.
Click on
Save
Note: Security Question and Security Answer. Looks like it has something to do with when a user creates an account from the website side. You can see discussion on it in MarkLogic. It appears that it will be removed.
https://ofbiz.markmail.org/search/?q=%22Security+Question%22#query:%22Security%20Question%22+page:1+mid:2dhc4al4adwgvl7z+state:results
Click on
Security Groups
Select FULLADMIN Full Admin
Click
Add
The FULLADMIN group is now active
Click
Logout
Log back in using the AdminDave account and password you entered.
From Party Menu
Click on
Search
Click on
AdminDave
Notice there is no Security Groups
Select Party
Select Parties
Click on
Security
Notice no permissions.
As of this date I think I have thought it through. We will find out in coming sessions. Remember that I am documenting what I am learning in real time.
