![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8d761a9)
raw | patch | inline | side by side (parent: 8d761a9)
| author | richard <richard@57a73879-2fb5-44c3-a270-3262357dd7e2> | |
| Fri, 12 Mar 2004 05:36:26 +0000 (05:36 +0000) | ||
| committer | richard <richard@57a73879-2fb5-44c3-a270-3262357dd7e2> | |
| Fri, 12 Mar 2004 05:36:26 +0000 (05:36 +0000) |
git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@2146 57a73879-2fb5-44c3-a270-3262357dd7e2
diff --git a/doc/customizing.txt b/doc/customizing.txt
index 51c83b41aba42aff5d7b9b6bd532df1333c99926..e5170c32c13e25001b8a4490a8ee0546b08a2c01 100644 (file)
--- a/doc/customizing.txt
+++ b/doc/customizing.txt
Customising Roundup
===================
-:Version: $Revision: 1.118 $
+:Version: $Revision: 1.119 $
.. This document borrows from the ZopeBook section on ZPT. The original is at:
http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx
- Edit (everything)
- View (everything)
+Every Class you define in your tracker's schema also gets an Edit and View
+Permission of its own.
+
The default interfaces define:
- Web Registration
#
# SECURITY SETTINGS
#
- # new permissions for this schema
- for cl in ('user', ):
- db.security.addPermission(name="Edit", klass=cl,
- description="User is allowed to edit "+cl)
- db.security.addPermission(name="View", klass=cl,
- description="User is allowed to access "+cl)
-
# and give the regular users access to the web and email interface
p = db.security.getPermission('Web Access')
db.security.addPermissionToRole('User', p)
When adding a new Permission, you will need to:
-1. add it to your tracker's dbinit so it is created
+1. add it to your tracker's dbinit so it is created, using
+ ``security.addPermission``, for example::
+
+ self.security.addPermission(name="View", klass='frozzle',
+ description="User is allowed to access frozzles")
+
+ will set up a new "View" permission on the Class "frozzle".
2. enable it for the Roles that should have it (verify with
"``roundup-admin security``")
3. add it to the relevant HTML interface templates
diff --git a/doc/upgrading.txt b/doc/upgrading.txt
index 2531ce867f9d2b3d10fa411267b9c84fefe7b24b..47cd0216fea9a6ac4856507158bd5ed9dbbd388c 100644 (file)
--- a/doc/upgrading.txt
+++ b/doc/upgrading.txt
Migrating from 0.6 to 0.7
=========================
+0.7.0 Permission setup
+----------------------
+
+0.7 automatically sets up the Edit and View Permissions for all classes,
+thus you don't need to do so. Feel free to remove the code::
+
+ # Add new Permissions for this schema
+ for cl in 'issue', 'file', 'msg', 'user', 'query', 'keyword':
+ db.security.addPermission(name="Edit", klass=cl,
+ description="User is allowed to edit "+cl)
+ db.security.addPermission(name="View", klass=cl,
+ description="User is allowed to access "+cl)
+
+from your ``dbinit.py``.
+
+
+0.7.0 Permission assignments
+----------------------------
+
+Due to a change in the rendering of web widgets, permissions are now
+checked on Classes where they previously weren't (this is a good thing).
+
+You will need to add some additional Permission assignments for your
+regular users, or some displays will break. After the following in your
+tracker's ``dbinit.py``::
+
+ # Assign the access and edit Permissions for issue, file and message
+ # to regular users now
+ for cl in 'issue', 'file', 'msg', 'query', 'keyword':
+ p = db.security.getPermission('View', cl)
+ db.security.addPermissionToRole('User', p)
+ p = db.security.getPermission('Edit', cl)
+ db.security.addPermissionToRole('User', p)
+
+add::
+
+ for cl in 'priority', 'status':
+ p = db.security.getPermission('View', cl)
+ db.security.addPermissionToRole('User', p)
+
+
0.7.0 Extending the cgi interface
---------------------------------
__ customizing.html#defining-new-web-actions
__ customizing.html#using-an-external-password-validation-source
+
0.7.0 Getting the current user id
---------------------------------
index 6ea53c0e0d639ba188c7c9143db6c4f52ca44796..4d3ad98387e3298a1038f59f9f445b44cea6b642 100644 (file)
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-#$Id: back_anydbm.py,v 1.135 2004-02-11 23:55:08 richard Exp $
+#$Id: back_anydbm.py,v 1.136 2004-03-12 05:36:26 richard Exp $
'''This module defines a backend that saves the hyperdatabase in a
database chosen by anydbm. It is guaranteed to always be available in python
versions >2.1.1 (the dumbdbm fallback in 2.1.1 and earlier has several
raise ValueError, cn
self.classes[cn] = cl
+ # add default Edit and View permissions
+ self.security.addPermission(name="Edit", klass=cn,
+ description="User is allowed to edit "+cn)
+ self.security.addPermission(name="View", klass=cn,
+ description="User is allowed to access "+cn)
+
def getclasses(self):
'''Return a list of the names of all existing classes.'''
if __debug__:
index 92191c04280fb612fd6142b362ae3ccafea6d015..055782ea49c4fcbd66095d1ead40ab5765347c0c 100755 (executable)
-# $Id: back_metakit.py,v 1.60 2004-02-23 17:19:09 wc2so1 Exp $
+# $Id: back_metakit.py,v 1.61 2004-03-12 05:36:26 richard Exp $
'''Metakit backend for Roundup, originally by Gordon McMillan.
Known Current Bugs:
self.classes[cl.classname] = cl
if self.tables.find(name=cl.classname) < 0:
self.tables.append(name=cl.classname)
+
+ # add default Edit and View permissions
+ self.security.addPermission(name="Edit", klass=cl.classname,
+ description="User is allowed to edit "+cl.classname)
+ self.security.addPermission(name="View", klass=cl.classname,
+ description="User is allowed to access "+cl.classname)
+
def addjournal(self, tablenm, nodeid, action, params, creator=None,
creation=None):
''' Journal the Action
index 352220f247a64a01bb4240e3d8397cc30a6f6786..40b0d248575c38308346394d4ca7bb9595012854 100644 (file)
-# $Id: rdbms_common.py,v 1.77 2004-03-12 04:08:59 richard Exp $
+# $Id: rdbms_common.py,v 1.78 2004-03-12 05:36:26 richard Exp $
''' Relational database (SQL) backend common code.
Basics:
raise ValueError, cn
self.classes[cn] = cl
+ # add default Edit and View permissions
+ self.security.addPermission(name="Edit", klass=cn,
+ description="User is allowed to edit "+cn)
+ self.security.addPermission(name="View", klass=cn,
+ description="User is allowed to access "+cn)
+
def getclasses(self):
''' Return a list of the names of all existing classes.
'''
index 83e938686fb5045d1524e71e2a64b69e17088792..9ed40405861e8c233335ca9668328f1d1aa7f1a2 100644 (file)
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-# $Id: dbinit.py,v 1.3 2004-01-19 23:57:47 richard Exp $
+# $Id: dbinit.py,v 1.4 2004-03-12 05:36:26 richard Exp $
import os
#
# See the configuration and customisation document for information
# about security setup.
- # Add new Permissions for this schema
- for cl in 'issue', 'file', 'msg', 'user', 'query', 'keyword':
- db.security.addPermission(name="Edit", klass=cl,
- description="User is allowed to edit "+cl)
- db.security.addPermission(name="View", klass=cl,
- description="User is allowed to access "+cl)
-
# Assign the access and edit Permissions for issue, file and message
# to regular users now
for cl in 'issue', 'file', 'msg', 'query', 'keyword':
db.security.addPermissionToRole('User', p)
p = db.security.getPermission('Edit', cl)
db.security.addPermissionToRole('User', p)
+ for cl in 'priority', 'status':
+ p = db.security.getPermission('View', cl)
# and give the regular users access to the web and email interface
p = db.security.getPermission('Web Access')
index b1fb6a4b4675f119b5ac2386bd16b0772aefdb61..2b1a63fc03edddeade9fc94509dfbd04c93e22ee 100644 (file)
# BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
# SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
#
-# $Id: dbinit.py,v 1.1 2003-04-17 03:27:27 richard Exp $
+# $Id: dbinit.py,v 1.2 2004-03-12 05:36:26 richard Exp $
import os
#
# SECURITY SETTINGS
#
- # new permissions for this schema
- for cl in ('user', ):
- db.security.addPermission(name="Edit", klass=cl,
- description="User is allowed to edit "+cl)
- db.security.addPermission(name="View", klass=cl,
- description="User is allowed to access "+cl)
-
# and give the regular users access to the web and email interface
p = db.security.getPermission('Web Access')
db.security.addPermissionToRole('User', p)