From 1feef09b7ba74b66a66576e45fb014672e95453c Mon Sep 17 00:00:00 2001
From: stefan <stefan@57a73879-2fb5-44c3-a270-3262357dd7e2>
Date: Tue, 30 Jun 2009 01:41:11 +0000
Subject: [PATCH] Fix issue2550553.

git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/roundup/trunk@4239 57a73879-2fb5-44c3-a270-3262357dd7e2
---
 roundup/cgi/actions.py                         | 2 +-
 roundup/cgi/templating.py                      | 4 +++-
 share/roundup/templates/classic/html/page.html | 2 +-
 share/roundup/templates/classic/schema.py      | 4 +++-
 share/roundup/templates/minimal/html/page.html | 2 +-
 share/roundup/templates/minimal/schema.py      | 2 +-
 6 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/roundup/cgi/actions.py b/roundup/cgi/actions.py
index 7d875d0..eaf4c28 100755
--- a/roundup/cgi/actions.py
+++ b/roundup/cgi/actions.py
@@ -820,7 +820,7 @@ class ConfRegoAction(RegoCommon):
 
 class RegisterAction(RegoCommon, EditCommon):
     name = 'register'
-    permissionType = 'Create'
+    permissionType = 'Register'
 
     def handle(self):
         """Attempt to create a new user based on the contents of the form
diff --git a/roundup/cgi/templating.py b/roundup/cgi/templating.py
index f536774..1cae36a 100644
--- a/roundup/cgi/templating.py
+++ b/roundup/cgi/templating.py
@@ -1268,7 +1268,9 @@ class HTMLProperty(HTMLInputMixin, HTMLPermissions):
             return self._db.security.hasPermission('Edit', self._client.userid,
                 self._classname, self._name, self._nodeid)
         return self._db.security.hasPermission('Create', self._client.userid,
-            self._classname, self._name)
+            self._classname, self._name) or \
+            self._db.security.hasPermission('Register', self._client.userid,
+                                            self._classname, self._name)
 
     def is_view_ok(self):
         """ Is the user allowed to View the current class?
diff --git a/share/roundup/templates/classic/html/page.html b/share/roundup/templates/classic/html/page.html
index 8b6b601..6ca4f44 100644
--- a/share/roundup/templates/classic/html/page.html
+++ b/share/roundup/templates/classic/html/page.html
@@ -136,7 +136,7 @@ status_notresolved string:-1,1,2,3,4,5,6,7;
     <input type="hidden" name="__came_from" tal:attributes="value string:${request/base}${request/env/PATH_INFO}">
     <span tal:replace="structure request/indexargs_form" />
     <a href="user?@template=register"
-       tal:condition="python:request.user.hasPermission('Create', 'user')"
+       tal:condition="python:request.user.hasPermission('Register', 'user')"
      i18n:translate="">Register</a><br>
     <a href="user?@template=forgotten" i18n:translate="">Lost&nbsp;your&nbsp;login?</a><br>
    </p>
diff --git a/share/roundup/templates/classic/schema.py b/share/roundup/templates/classic/schema.py
index f756034..09ff255 100644
--- a/share/roundup/templates/classic/schema.py
+++ b/share/roundup/templates/classic/schema.py
@@ -47,6 +47,8 @@ user = Class(db, "user",
                 roles=String(),     # comma-separated string of Role names
                 timezone=String())
 user.setkey("username")
+db.security.addPermission(name='Register', klass='user',
+                          description='User is allowed to register new user')
 
 # FileClass automatically gets this property in addition to the Class ones:
 #   content = String()    [saved to disk in <tracker home>/db/files/]
@@ -154,7 +156,7 @@ db.security.addPermissionToRole('Anonymous', 'Web Access')
 # Assign the appropriate permissions to the anonymous user's Anonymous
 # Role. Choices here are:
 # - Allow anonymous users to register
-db.security.addPermissionToRole('Anonymous', 'Create', 'user')
+db.security.addPermissionToRole('Anonymous', 'Register', 'user')
 
 # Allow anonymous users access to view issues (and the related, linked
 # information)
diff --git a/share/roundup/templates/minimal/html/page.html b/share/roundup/templates/minimal/html/page.html
index 54e4376..3502d4d 100644
--- a/share/roundup/templates/minimal/html/page.html
+++ b/share/roundup/templates/minimal/html/page.html
@@ -135,7 +135,7 @@ status_notresolved string:-1,1,2,3,4,5,6,7;
     <input type="hidden" name="__came_from" tal:attributes="value string:${request/base}${request/env/PATH_INFO}">
     <span tal:replace="structure request/indexargs_form" />
     <a href="user?@template=register"
-       tal:condition="python:request.user.hasPermission('Create', 'user')"
+       tal:condition="python:request.user.hasPermission('Register', 'user')"
      i18n:translate="">Register</a><br>
     <a href="user?@template=forgotten" i18n:translate="">Lost&nbsp;your&nbsp;login?</a><br>
    </p>
diff --git a/share/roundup/templates/minimal/schema.py b/share/roundup/templates/minimal/schema.py
index 909c9b1..3333e55 100644
--- a/share/roundup/templates/minimal/schema.py
+++ b/share/roundup/templates/minimal/schema.py
@@ -60,6 +60,6 @@ db.security.addPermissionToRole('Anonymous', 'Email Access')
 # Assign the appropriate permissions to the anonymous user's
 # Anonymous Role. Choices here are:
 # - Allow anonymous users to register
-db.security.addPermissionToRole('Anonymous', 'Create', 'user')
+db.security.addPermissionToRole('Anonymous', 'Register', 'user')
 
 # vim: set et sts=4 sw=4 :
-- 
2.30.2