index 03fbeac902c44529982c65f6c85b51a1d38fb9dc..71ff79ac44a6d799f0d1685a5d066f5734343e6a 100644 (file)
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-# $Id: dbinit.py,v 1.19 2002-07-14 02:05:54 richard Exp $
+# $Id: dbinit.py,v 1.22 2002-08-01 00:56:22 richard Exp $
import os
keyword = Class(db, "keyword",
name=String())
keyword.setkey("name")
-
+
+ query = Class(db, "query",
+ klass=String(), name=String(),
+ url=String())
+ query.setkey("name")
+
+ # Note: roles is a comma-separated string of Role names
user = Class(db, "user",
username=String(), password=Password(),
address=String(), realname=String(),
phone=String(), organisation=String(),
- alternate_addresses=String())
+ alternate_addresses=String(),
+ queries=Multilink('query'), roles=String())
user.setkey("username")
# FileClass automatically gets these properties:
assignedto=Link("user"), topic=Multilink("keyword"),
priority=Link("priority"), status=Link("status"))
+ #
+ # SECURITY SETTINGS
+ #
+ # new permissions for this schema
+ for cl in 'issue', 'file', 'msg':
+ db.security.addPermission(name="Edit", klass=cl,
+ description="User is allowed to edit "+cl)
+ db.security.addPermission(name="View", klass=cl,
+ description="User is allowed to access "+cl)
+
+ # Assign the access and edit permissions for issue, file and message
+ # to regular users now
+ for cl in 'issue', 'file', 'msg':
+ p = db.security.getPermission('View', cl)
+ db.security.addPermissionToRole('User', p)
+ p = db.security.getPermission('Edit', cl)
+ db.security.addPermissionToRole('User', p)
+ # and give the regular users access to the web and email interface
+ p = db.security.getPermission('Web Access')
+ db.security.addPermissionToRole('User', p)
+ p = db.security.getPermission('Email Access')
+ db.security.addPermissionToRole('User', p)
+
+ # Assign the appropriate permissions to the anonymous user's Anonymous
+ # Role. Choices here are:
+ # - Allow anonymous users to register through the web
+ p = db.security.getPermission('Web Registration')
+ db.security.addPermissionToRole('Anonymous', p)
+ # - Allow anonymous (new) users to register through the email gateway
+ p = db.security.getPermission('Email Registration')
+ db.security.addPermissionToRole('Anonymous', p)
+ # - Allow anonymous users access to the "issue" class of data
+ # Note: this also grants access to related information like files,
+ # messages, statuses etc that are linked to issues
+ #p = db.security.getPermission('View', 'issue')
+ #db.security.addPermissionToRole('Anonymous', p)
+ # - Allow anonymous users access to edit the "issue" class of data
+ # Note: this also grants access to create related information like
+ # files and messages etc that are linked to issues
+ #p = db.security.getPermission('Edit', 'issue')
+ #db.security.addPermissionToRole('Anonymous', p)
+
+ # oh, g'wan, let anonymous access the web interface too
+ p = db.security.getPermission('Web Access')
+ db.security.addPermissionToRole('Anonymous', p)
+
import detectors
detectors.init(db)
db = open("admin")
db.clear()
+ #
+ # INITIAL PRIORITY AND STATUS VALUES
+ #
pri = db.getclass('priority')
pri.create(name="critical", order="1")
pri.create(name="urgent", order="2")
stat.create(name="done-cbb", order="7")
stat.create(name="resolved", order="8")
+ # create the two default users
user = db.getclass('user')
- user.create(username="admin", password=adminpw,
- address=instance_config.ADMIN_EMAIL)
+ user.create(username="admin", password=adminpw,
+ address=instance_config.ADMIN_EMAIL, roles='Admin')
+ user.create(username="anonymous", roles='Anonymous')
+
db.commit()
#
# $Log: not supported by cvs2svn $
+# Revision 1.21 2002/07/26 08:26:59 richard
+# Very close now. The cgi and mailgw now use the new security API. The two
+# templates have been migrated to that setup. Lots of unit tests. Still some
+# issue in the web form for editing Roles assigned to users.
+#
+# Revision 1.20 2002/07/17 12:39:10 gmcm
+# Saving, running & editing queries.
+#
+# Revision 1.19 2002/07/14 02:05:54 richard
+# . all storage-specific code (ie. backend) is now implemented by the backends
+#
# Revision 1.18 2002/07/09 03:02:53 richard
# More indexer work:
# - all String properties may now be indexed too. Currently there's a bit of