tigefa4u projects / Trac Commit Log

Commit	Date
[r4601] by cboos PermissionPolicy: the !PermissionCache is again at the Request level The Context only has a !PermissionCacheProxy for conveniently delegating calls to the actual cache. There, the permissions for the user are looked-up at most once for each context. In order to differentiate among different "indirect" resources (e.g. attachments) that can share the same (realm,id), a new `Context.permid()` has been introduced. The default implementation should be enough to provide a unique key for the resource in the permission system. In the case of attachments for example, that key can be augmented by the parent context's key.	2007-01-18 21:12:02	Tree
[r4600] by cboos PermissionPolicy: several minor fixes and cleanups - check for attachment replacement, by checking for both 'CREATE' and 'DELETE'; to make this easier, `perm.require` accepts a list of permissions - use unqualified verbs for the wiki module - display the Attach button on the wiki view when this is the only possible action	2007-01-18 18:18:05	Tree
[r4599] by cboos PermissionPolicy: as expected, the Context class can be easily used for describing "pseudo" resources Example: for the !AuthzPolicy plugin (see sample-plugins/authz_policy.py), it is possible to configure the TracIni configuration view to be visible only to administrators, whereas the system information can be viewed by anyone. {{{ [about:config] @administrators = VIEW [about:systeminfo] * = VIEW }}}	2007-01-18 17:19:51	Tree
[r4598] by cboos PermissionPolicy: merged latest changes from trunk [4590:4597/trunk]	2007-01-18 16:58:39	Tree
[r4597] by cboos Highlighters other than Pygments were broken when no annotations where used. This should fix #4505.	2007-01-18 16:01:42	Tree
[r4596] by cboos Fix patch renderer unit-test failures (accomodate line number anchors)	2007-01-18 15:11:02	Tree
[r4595] by cboos PermissionPolicy: clean-up Attachment module - added an !AttachmentContext - removed request related stuff from the Attachment data model class - updated the attachment: TracLinks provider to use AttachmentContext - updated WikiMacros to use AttachmentContext	2007-01-18 14:58:37	Tree
[r4594] by cmlenz Applied patch for #4558.	2007-01-18 11:21:25	Tree
[r4593] by cmlenz Simplify the about page: show system information and configuration all on the same page, ''if'' the user has `CONFIG_VIEW` permissions.	2007-01-18 11:03:56	Tree
[r4592] by cboos PermissionPolicy: second part of fine grained permissions for attachments - converted the !AttachmentModule - check for ATTACHMENT_DELETE, but dropped support for its equivalence with 'ADMIN' permission on the parent context; this eventually needs to be re-enabled. The example plugin (sample-plugins/authz_policy.py) has been updated to accept simple verbs instead of full permission names (e.g. DELETE instead of ATTACHMENT_DELETE).	2007-01-18 10:59:11	Tree

[r4601] by cboos

PermissionPolicy: the !PermissionCache is again at the Request level

The Context only has a !PermissionCacheProxy for conveniently delegating calls to the actual cache. There, the permissions for the user are looked-up at most once for each context.

In order to differentiate among different "indirect" resources (e.g. attachments) that can share the same (realm,id), a new `Context.permid()` has been introduced. The default implementation should be enough to provide a unique key for the resource in the permission system. In the case of attachments for example, that key can be augmented by the parent context's key.

2007-01-18 21:12:02

Tree

[r4600] by cboos

PermissionPolicy: several minor fixes and cleanups
- check for attachment replacement, by checking for both 'CREATE' and 'DELETE'; to make this easier, `perm.require` accepts a list of permissions
- use unqualified verbs for the wiki module
- display the Attach button on the wiki view when this is the only possible action

2007-01-18 18:18:05

Tree

[r4599] by cboos

PermissionPolicy: as expected, the Context class can be easily used for describing "pseudo" resources

Example: for the !AuthzPolicy plugin (see sample-plugins/authz_policy.py), it is possible to configure the TracIni configuration view to be visible only to administrators, whereas the system information can be viewed by anyone.

{{{
[about:config]
@administrators = VIEW

[about:systeminfo]
* = VIEW
}}}

2007-01-18 17:19:51

Tree

[r4598] by cboos

PermissionPolicy: merged latest changes from trunk [4590:4597/trunk]

2007-01-18 16:58:39

Tree

[r4597] by cboos

Highlighters other than Pygments were broken when no annotations where used. This should fix #4505.

2007-01-18 16:01:42

Tree

[r4596] by cboos

Fix patch renderer unit-test failures (accomodate line number anchors)

2007-01-18 15:11:02

Tree

[r4595] by cboos

PermissionPolicy: clean-up Attachment module
- added an !AttachmentContext
- removed request related stuff from the Attachment data model class
- updated the attachment: TracLinks provider to use AttachmentContext
- updated WikiMacros to use AttachmentContext

2007-01-18 14:58:37

Tree

[r4594] by cmlenz

Applied patch for #4558.

2007-01-18 11:21:25

Tree

[r4593] by cmlenz

Simplify the about page: show system information and configuration all on the same page, ''if'' the user has `CONFIG_VIEW` permissions.

2007-01-18 11:03:56

Tree

[r4592] by cboos

PermissionPolicy: second part of fine grained permissions for attachments
- converted the !AttachmentModule
- check for ATTACHMENT_DELETE, but dropped support for its equivalence with 'ADMIN' permission on the parent context; this eventually needs to be re-enabled.

The example plugin (sample-plugins/authz_policy.py) has been updated to accept simple verbs instead of full permission names (e.g. DELETE instead of ATTACHMENT_DELETE).

2007-01-18 10:59:11

Tree

tigefa4u projects Trac

tigefa4u projects

Trac Commit Log