![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 91b37bb)
raw | patch | inline | side by side (parent: 91b37bb)
| author | richard <richard@57a73879-2fb5-44c3-a270-3262357dd7e2> | |
| Thu, 26 Sep 2002 23:59:08 +0000 (23:59 +0000) | ||
| committer | richard <richard@57a73879-2fb5-44c3-a270-3262357dd7e2> | |
| Thu, 26 Sep 2002 23:59:08 +0000 (23:59 +0000) |
git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@1273 57a73879-2fb5-44c3-a270-3262357dd7e2
diff --git a/CHANGES.txt b/CHANGES.txt
index b83149ea0c75c171a2854ce6483acbea360d10ad..d70de865e02bc4de1a27b9730b9f461677cdb0d5 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
- added "crypt" password encoding and ability to set password with
already encrypted password through roundup-admin
- fixed the mailgw so that anonymous users may still access it
-
+- add hook to allow external password verification, overridable in the
+ tracker interfaces module
2002-09-13 0.5.0 beta2
- all backends now have a .close() method, and it's used everywhere
diff --git a/doc/customizing.txt b/doc/customizing.txt
index bb85c1c8417c2c965ccdb7d47796c0a7f359c5b4..d15973f3e77bec47135acc108299a7389685ede7 100644 (file)
--- a/doc/customizing.txt
+++ b/doc/customizing.txt
Customising Roundup
===================
-:Version: $Revision: 1.48 $
+:Version: $Revision: 1.49 $
.. This document borrows from the ZopeBook section on ZPT. The original is at:
http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx
your changes.
A tracker schema defines what data is stored in the tracker's database.
-The schemas shipped with Roundup turn it into a typical software bug tracker
-or help desk.
-
-XXX make sure we ship the help desk
-
Schemas are defined using Python code in the ``dbinit.py`` module of your
tracker. The "classic" schema looks like this::
Use the roundup-admin interface's create, set and retire methods to add,
alter or remove items from the classes in question.
-XXX example
+
+See "`adding a new field to the classic schema`_" for an example that requires
+database content changes.
Web Interface
This is the easiest part of the change. The category would just be a plain
string, nothing fancy. To change what is in the database you need to add
-some lines to the ``open()`` function in ``dbinit.py``::
+some lines to the ``open()`` function in ``dbinit.py`` under the comment::
+
+ # add any additional database schema configuration here
+
+add::
category = Class(db, "category", name=String())
category.setkey("name")
That is all you need to do to change the schema. The rest of the effort is
fiddling around so you can actually use the new category.
+Populating the new category class
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+If you haven't initialised the database with the roundup-admin "initialise"
+command, then you can add the following to the tracker ``dbinit.py`` in the
+``init()`` function under the comment::
+
+ # add any additional database create steps here - but only if you
+ # haven't initialised the database with the admin "initialise" command
+
+add::
+
+ category = db.getclass('category')
+ category.create(name="scipy", order="1")
+ category.create(name="chaco", order="2")
+ category.create(name="weave", order="3")
+
+If the database is initalised, the you need to use the roundup-admin tool::
+
+ % roundup-admin -i <tracker home>
+ Roundup <version> ready for input.
+ Type "help" for help.
+ roundup> create category name=scipy order=1
+ 1
+ roundup> create category name=chaco order=1
+ 2
+ roundup> create category name=weave order=1
+ 3
+ roundup> exit...
+ There are unsaved changes. Commit them (y/N)? y
+
+
Setting up security on the new objects
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py
index 6e47427baff9cdb5fe63ee88f92d1e4e26a72df0..1c5ecd114388aed524ba7482c6a813a0194be750 100644 (file)
--- a/roundup/cgi/client.py
+++ b/roundup/cgi/client.py
-# $Id: client.py,v 1.46 2002-09-26 03:45:09 richard Exp $
+# $Id: client.py,v 1.47 2002-09-26 23:59:08 richard Exp $
__doc__ = """
WWW request handler (also used in the stand-alone server).
if self.debug:
self.headers_sent = headers
- def set_cookie(self, user, password):
+ def set_cookie(self, user):
+ ''' Set up a session cookie for the user and store away the user's
+ login info against the session.
+ '''
# TODO generate a much, much stronger session key ;)
self.session = binascii.b2a_base64(repr(random.random())).strip()
self.error_message.append(_('No such user "%(name)s"')%locals())
return
- # and that the password is correct
- pw = self.db.user.get(self.userid, 'password')
- if password != pw:
+ if not self.verifyPassword(self.userid, password):
self.make_user_anonymous()
self.error_message.append(_('Incorrect password'))
return
raise Unauthorised, _("You do not have permission to login")
# set the session cookie
- self.set_cookie(self.user, password)
+ self.set_cookie(self.user)
+
+ def verifyPassword(self, userid, password):
+ ''' Verify the password that the user has supplied
+ '''
+ return password == self.db.user.get(self.userid, 'password')
def loginPermission(self):
''' Determine whether the user has permission to log in.
self.user = cl.get(self.userid, 'username')
# re-open the database for real, using the user
self.opendb(self.user)
- password = self.db.user.get(self.userid, 'password')
- self.set_cookie(self.user, password)
+
+ # update the user's session
+ if self.session:
+ self.db.sessions.set(self.session, user=self.user,
+ last_use=time.time())
+ else:
+ # new session cookie
+ self.set_cookie(self.user)
# nice message
message = _('You are now registered, welcome!')
index 778766f9933f06e08ceb3b40db181176c3fb1126..311999c54b98b052ed41db27f56c8b36926a9fac 100644 (file)
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-# $Id: dbinit.py,v 1.29 2002-09-13 03:31:18 richard Exp $
+# $Id: dbinit.py,v 1.30 2002-09-26 23:59:08 richard Exp $
import os
klass=String(), name=String(),
url=String())
query.setkey("name")
+
+ # add any additional database schema configuration here
# Note: roles is a comma-separated string of Role names
user = Class(db, "user",
address=config.ADMIN_EMAIL, roles='Admin')
user.create(username="anonymous", roles='Anonymous')
+ # add any additional database create steps here - but only if you
+ # haven't initialised the database with the admin "initialise" command
+
db.commit()
# vim: set filetype=python ts=4 sw=4 et si
index 36c8d403989f809d9a6d4d7782843703d4586c2c..5d3e1a01d5f5b2fcf1b20e31c60bcca1e959290a 100644 (file)
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-# $Id: dbinit.py,v 1.1 2002-09-26 04:15:07 richard Exp $
+# $Id: dbinit.py,v 1.2 2002-09-26 23:59:08 richard Exp $
import os
address=String(), alternate_addresses=String(), roles=String())
user.setkey("username")
+ # add any additional database schema configuration here
+
#
# SECURITY SETTINGS
#
address=config.ADMIN_EMAIL, roles='Admin')
user.create(username="anonymous", roles='Anonymous')
+ # add any additional database create steps here - but only if you
+ # haven't initialised the database with the admin "initialise" command
+
db.commit()
# vim: set filetype=python ts=4 sw=4 et si