diff --git a/roundup/cgi_client.py b/roundup/cgi_client.py
index 4ff818f40712cfb23dea8b87f27993727c559604..1f1c02dd35b21eb939bb0ee7e2f8267a61dcfa9d 100644 (file)
--- a/roundup/cgi_client.py
+++ b/roundup/cgi_client.py
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-# $Id: cgi_client.py,v 1.157 2002-08-13 20:16:09 gmcm Exp $
+# $Id: cgi_client.py,v 1.162 2002-08-23 04:42:30 richard Exp $
__doc__ = """
WWW request handler (also used in the stand-alone server).
'''
security.addPermission(name="Web Registration",
description="User may register through the web")
- security.addPermission(name="Web Access",
+ p = security.addPermission(name="Web Access",
description="User may access the web interface")
+ security.addPermissionToRole('Admin', p)
# doing Role stuff through the web - make sure Admin can
p = security.addPermission(name="Web Roles",
self.pagehead(_('%(instancename)s: Index of %(classname)s')%{
'classname': cn, 'instancename': self.instance.INSTANCE_NAME})
-
+
index = htmltemplate.IndexTemplate(self, self.instance.TEMPLATES, cn)
try:
- index.render(filterspec, search_text, filter, columns, sort,
- group, show_customization=show_customization,
+ index.render(filterspec=filterspec, search_text=search_text,
+ filter=filter, columns=columns, sort=sort, group=group,
+ show_customization=show_customization,
show_nodes=show_nodes, pagesize=pagesize, startwith=startwith,
simple_search=simpleform)
except htmltemplate.MissingTemplateError:
def showuser(self, message=None, num_re=re.compile('^\d+$')):
'''Display a user page for editing. Make sure the user is allowed
- to edit this node, and also check for password changes.
+ to edit this node, and also check for password changes.
+
+ Note: permission checks for this node are handled in the template.
'''
user = self.db.user
except IndexError:
raise NotFound, 'user%s'%self.nodeid
- # ok, so we need to be able to edit everything, or be this node's
- # user
- userid = self.db.user.lookup(self.user)
- # removed check on user's permissions - this needs to be done
- # through require tags in user.item
#
# perform any editing
#
self.login()
def opendb(self, user):
- ''' Open the database - but include the definition of the sessions db.
+ ''' Open the database.
'''
# open the db if the user has changed
if not hasattr(self, 'db') or user != self.db.journaltag:
#
# $Log: not supported by cvs2svn $
+# Revision 1.161 2002/08/19 00:21:10 richard
+# removed debug prints
+#
+# Revision 1.160 2002/08/19 00:20:34 richard
+# grant web access to admin ;)
+#
+# Revision 1.159 2002/08/16 04:29:41 richard
+# bugfix
+#
+# Revision 1.158 2002/08/15 00:40:10 richard
+# cleanup
+#
+# Revision 1.157 2002/08/13 20:16:09 gmcm
+# Use a real parser for templates.
+# Rewrite htmltemplate to use the parser (hack, hack).
+# Move the "do_XXX" methods to template_funcs.py.
+# Redo the funcion tests (but not Template tests - they're hopeless).
+# Simplified query form in cgi_client.
+# Ability to delete msgs, files, queries.
+# Ability to edit the metadata on files.
+#
# Revision 1.156 2002/08/01 15:06:06 gmcm
# Use same regex to split search terms as used to index text.
# Fix to back_metakit for not changing journaltag on reopen.