Updated documents

git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@854 57a73879-2fb5-44c3-a270-3262357dd7e2

diff --git a/CHANGES.txt b/CHANGES.txt
index c8e4fdb33744f7bf282e7973699fb5ad78a6c51a..e3b47acb2126658e4191134c142c8ab37281e820 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -5,6 +5,9 @@ are given with the most recent entry first.
 Fixed:
  . #576086 ] dumb copying mistake (frontends/ZRoundup.py)
  . installation instructions now mention "python2" in "testing your python".
+ . made the unit tests run again - they were quite b0rken
+
+Feature:
  . cleaned up the indexer code:
    - it splits more words out
    - removed code we'll never use (roundup.roundup_indexer has the full
@@ -27,9 +30,10 @@ Fixed:
      set up in the dbinit.
    - new "reindex" command in roundup-admin used to force regeneration of the 
      index
- . made the unit tests run again - they were quite b0rken
  . added email display function - mangles email addrs so they're not so easily
    scraped from the web
+ . added sorting of checklist HTML display
+ . switched to using a session-based web login
 
 
 2002-06-24 0.4.2

diff --git a/TODO.txt b/TODO.txt
index 471e0827189ebfcbb998404c1c77b0f5db8dd4ec..0c893219ff71e3ac4dbb8a103d9f3382ddb83ffd 100644 (file)
--- a/TODO.txt
+++ b/TODO.txt
@@ -15,7 +15,11 @@ pending  journalling: fix the journal bloat
          related: Re-enable link backrefs from messages
                   feature request #568714
 pending  alternative user auth: at least an LDAP implementation
-pending  security overhaul: see doc/security.txt
+active   security overhaul: see doc/security.txt
+done     - switch to sessions for web authentication (RJ)
+         - authenticate over a secure connection
+         - implement and use the new logical control mechanisms
+         - use digital signatures in mailgw
 pending  fix double-submit by having new-item-submit redirect at end
 pending  split instance.open() into open() and login()
 pending  range searching of values (dates in particular)
@@ -37,7 +41,11 @@ pending  Allow multiple email addresses at one mailgw, with different default
          the mailgw as invoked in the mail delivery "aliases" file) eg:
            roundup: "|/roundup/bin/roundup-mailgw /roundup/instances/dev"
            vmbugs: "|/roundup/bin/roundup-mailgw /roundup/instances/dev component=voicemail"
-active   Have the full-text search also search certain String properties (RJ)
+pending  Quick help links on web interface next to the property labels giving
+         a description of the property. Combine with help for the actual form
+         element too, eg. how to use the nosy list edit box.
 
 ongoing  any bugs
 
+done     Have the full-text search also search certain String properties (RJ)
+

diff --git a/doc/security.txt b/doc/security.txt
index 356a24be9af11e44981346b602016e9358ee720f..2d6906ee1ae394dcc64ee485b1faf35903a85d4c 100644 (file)
--- a/doc/security.txt
+++ b/doc/security.txt
@@ -2,7 +2,7 @@
 Security Mechanisms
 ===================
 
-:Version: $Revision: 1.4 $
+:Version: $Revision: 1.5 $
 
 Current situation
 =================
@@ -234,7 +234,7 @@ The CGI interface must be changed to:
 - authenticate over a secure connection
 - use unique tokens as a result of authentication, rather than pass the user's
   real credentials (username/password) around for each request (this means
-  sessions :)
+  sessions and hence a session database)
 - use the new logical control mechanisms
 
 The mail gateway must be changed to: