From: richard Date: Mon, 7 Dec 2009 00:16:33 +0000 (+0000) Subject: - Add documentation for migrating to the Register permission and X-Git-Url: https://git.tokkee.org/?p=roundup.git;a=commitdiff_plain;h=9b5a477a8a107293e2b83ac3545eb4d2c5ed8f16 - Add documentation for migrating to the Register permission and fix mailgw to use Register permission, fixes issue2550599 git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/roundup/trunk@4399 57a73879-2fb5-44c3-a270-3262357dd7e2 --- diff --git a/CHANGES.txt b/CHANGES.txt index cfe434a..910448e 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -31,6 +31,8 @@ Fixes: - Handle OPTIONS http request method in wsgi handler, fixes issue2550587. Thanks to Thomas Arendsen Hein for reporting and to Intevation for funding the fix. +- Add documentation for migrating to the Register permission and + fix mailgw to use Register permission, fixes issue2550599 2009-10-09 1.4.10 (r4374) diff --git a/doc/upgrading.txt b/doc/upgrading.txt index b599602..70529d7 100644 --- a/doc/upgrading.txt +++ b/doc/upgrading.txt @@ -13,6 +13,31 @@ steps. .. contents:: +Migrating from 1.4.x to 1.4.10 +============================== + +Grant the "Register" permission to the Anonymous role +----------------------------------------------------- + +A separate "Register" permission has been introduced to allow +anonymous users to register. This means you will need to add the +following to your tracker's ``schema.py`` to add the permission and +assign it to the Anonymous role (replacing any previously assigned +"Create user" permission for the Anonymous role): + + +db.security.addPermission(name='Register', klass='user', + + description='User is allowed to register new user') + + # Assign the appropriate permissions to the anonymous user's Anonymous + # Role. Choices here are: + # - Allow anonymous users to register + -db.security.addPermissionToRole('Anonymous', 'Create', 'user') + +db.security.addPermissionToRole('Anonymous', 'Register', 'user') + +The lines marked "+" should be added and lines marked "-" should be +deleted (minus the "+"/"-" signs). + + Migrating from 1.4.x to 1.4.9 ============================= diff --git a/roundup/mailgw.py b/roundup/mailgw.py index 61470ae..c9de63a 100644 --- a/roundup/mailgw.py +++ b/roundup/mailgw.py @@ -1130,7 +1130,7 @@ The mail gateway is not properly set up. Please contact # Don't create users if anonymous isn't allowed to register create = 1 anonid = self.db.user.lookup('anonymous') - if not (self.db.security.hasPermission('Create', anonid, 'user') + if not (self.db.security.hasPermission('Register', anonid, 'user') and self.db.security.hasPermission('Email Access', anonid)): create = 0 @@ -1150,7 +1150,7 @@ The mail gateway is not properly set up. Please contact from_address = from_list[0][1] registration_info = "" if self.db.security.hasPermission('Web Access', author) and \ - self.db.security.hasPermission('Create', anonid, 'user'): + self.db.security.hasPermission('Register', anonid, 'user'): tracker_web = self.instance.config.TRACKER_WEB registration_info = """ Please register at: