How to disable the
access control policy:
1. Open wc-server.xml which is located in
WCDE_ENT70\workspace\WC\xml\config\wc-server.xml
2. Search for
"<Instance" tag
3. Add
AccessControlUnitTest="true immediately after "<Instance "
4. Save the file
5. Restart the server
After implementing
this steps the server will not throw
"User does not have authority to execute Command/View"
How to disable access
control check in Commands:
If you want to
disable access control policy for a controller command then call
setAccCheck(false) before calling execute.
This method is set by
the web controller to indicate whether an access control check is required for
this command.
For e.g
OrderCreateCmd
orderCreateCmd=
(OrderCreateCmd )
CommandFactory.createCommand(OrderCreateCmd .NAME, getStoreId())
orderCreateCmd.setAccCheck(false);
orderCreateCmd.execute();
accessControlCheck():
This method performs
a command level access control check for this command. The default
implementation invokes the access control manager to perform the check.This
method returns true
if the user has
authority and false otherwise.
getResources()
This method is used
to implement resource-level access control. It returns a vector of
resource-action pairs upon which the command intends to act. If nothing is
returned, no resource-level access control is performed.In order to Skip
Resource level Access control in a
Controller Command do as below. But it is not recommended.
public AccessVector
getResources() {
return null;
}
checkIsAllowed()
This method
determines whether a user can perform a specified action on a certain resource.
This method is called by the command to perform a resource level access control
check in addition to the resources returned by the getResources() method.