![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e020ff9)
raw | patch | inline | side by side (parent: e020ff9)
| author | richard <richard@57a73879-2fb5-44c3-a270-3262357dd7e2> | |
| Mon, 7 Dec 2009 05:13:27 +0000 (05:13 +0000) | ||
| committer | richard <richard@57a73879-2fb5-44c3-a270-3262357dd7e2> | |
| Mon, 7 Dec 2009 05:13:27 +0000 (05:13 +0000) |
the user is editing an existing db node. If not then check Create.
Fix some tests that were broken by the new assertions, the Create ->
Register change and finally for the new "not registered" message.
git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/roundup/trunk@4405 57a73879-2fb5-44c3-a270-3262357dd7e2
Fix some tests that were broken by the new assertions, the Create ->
Register change and finally for the new "not registered" message.
git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/roundup/trunk@4405 57a73879-2fb5-44c3-a270-3262357dd7e2
| CHANGES.txt | patch | blob | history | |
| roundup/mailgw.py | patch | blob | history | |
| test/db_test_base.py | patch | blob | history | |
| test/test_mailgw.py | patch | blob | history |
diff --git a/CHANGES.txt b/CHANGES.txt
index 566383a1b8bd579e9d293da8076c191c847f2c70..37f6709bd15a99074eaca6b086a979d5ed2886f7 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
This file contains the changes to the Roundup system over time. The entries
are given with the most recent entry first.
-2009-XX-XX 1.4.XX (rXXXX)
+2009-12-XX 1.4.11 (rXXXX)
Features:
- Generic class editor may now restore retired items (thanks Ralf Hemmecke)
diff --git a/roundup/mailgw.py b/roundup/mailgw.py
index c9de63ae34d9b31af8c511ffdf936d7f2ae4c3e5..fb7b6a2e3ee796065580c80a38e2e8cf8ea7f080 100644 (file)
--- a/roundup/mailgw.py
+++ b/roundup/mailgw.py
#
# handle the attachments
#
- if properties.has_key('files'):
- files = []
+ files = []
+ if attachments and properties.has_key('files'):
for (name, mime_type, data) in attachments:
if not self.db.security.hasPermission('Create', author, 'file'):
raise Unauthorized, _(
pass
else:
files.append(fileid)
- # attach the files to the issue
- if not self.db.security.hasPermission('Edit', author,
+ # allowed to attach the files to an existing node?
+ if nodeid and not self.db.security.hasPermission('Edit', author,
classname, 'files'):
raise Unauthorized, _(
'You are not permitted to add files to %(classname)s.'
Mail message was rejected by a detector.
%(error)s
""") % locals()
- # attach the message to the node
- if not self.db.security.hasPermission('Edit', author,
+ # allowed to attach the message to the existing node?
+ if nodeid and not self.db.security.hasPermission('Edit', author,
classname, 'messages'):
raise Unauthorized, _(
'You are not permitted to add messages to %(classname)s.'
if not props.has_key(prop) :
props[prop] = issue_props[prop]
- # Check permissions for each property
- for prop in props.keys():
- if not self.db.security.hasPermission('Edit', author,
- classname, prop):
- raise Unauthorized, _('You are not permitted to edit '
- 'property %(prop)s of class %(classname)s.') % locals()
-
if nodeid:
+ # Check permissions for each property
+ for prop in props.keys():
+ if not self.db.security.hasPermission('Edit', author,
+ classname, prop):
+ raise Unauthorized, _('You are not permitted to edit '
+ 'property %(prop)s of class %(classname)s.') % locals()
cl.set(nodeid, **props)
else:
+ # Check permissions for each property
+ for prop in props.keys():
+ if not self.db.security.hasPermission('Create', author,
+ classname, prop):
+ raise Unauthorized, _('You are not permitted to set '
+ 'property %(prop)s of class %(classname)s.') % locals()
nodeid = cl.create(**props)
except (TypeError, IndexError, ValueError, exceptions.Reject), message:
raise MailUsageError, _("""
diff --git a/test/db_test_base.py b/test/db_test_base.py
index d5cada9fb4d3819bcc0aebde4a7242fa1c4e5fae..356fb7e56ef19e248b19a7898188394570dbf2cb 100644 (file)
--- a/test/db_test_base.py
+++ b/test/db_test_base.py
priority.create(name="bug", order="1")
db.commit()
+ # nosy tests require this
+ db.security.addPermissionToRole('User', 'View', 'msg')
+
class MyTestCase(unittest.TestCase):
def tearDown(self):
if hasattr(self, 'db'):
diff --git a/test/test_mailgw.py b/test/test_mailgw.py
index d763fb98701dccf40f699ff34b493a0d6bacb8aa..251b47cde591f84dbf720ffbf94d4ad2dd305be5 100644 (file)
--- a/test/test_mailgw.py
+++ b/test/test_mailgw.py
# Add Web Access role to anonymous, and try again to make sure
# we get a "please register at:" message this time.
p = [
- db.security.getPermission('Create', 'user'),
+ db.security.getPermission('Register', 'user'),
db.security.getPermission('Web Access', None),
]
db.security.role['anonymous'].permissions=p
''' set up callback for db open '''
# now with the permission
p = [
- db.security.getPermission('Create', 'user'),
+ db.security.getPermission('Register', 'user'),
db.security.getPermission('Email Access', None),
]
db.security.role['anonymous'].permissions=p
m.sort()
self.assertNotEqual(l, m)
- def testNewUserAuthorHighBit(self):
+ def testNewUserAuthorEncodedName(self):
l = set(self.db.user.list())
# From: name has Euro symbol in it
message = '''Content-Type: text/plain;
def hook (db, **kw):
''' set up callback for db open '''
p = [
- db.security.getPermission('Create', 'user'),
+ db.security.getPermission('Register', 'user'),
db.security.getPermission('Email Access', None),
+ db.security.getPermission('Create', 'issue'),
+ db.security.getPermission('Create', 'msg'),
]
- db.security.role['anonymous'].permissions=p
+ db.security.role['anonymous'].permissions = p
self.instance.schema_hook = hook
self._handle_mail(message)
m = set(self.db.user.list())
-You are not a registered user.
+You are not a registered user. Please register at:
+
+http://tracker.example/cgi-bin/roundup.cgi/bugs/user?template=register
+
+...before sending mail to the tracker.
Unknown address: nonexisting@bork.bork.bork