BROWSER_VIEW, CHANGESET_VIEW, FILE_VIEW and LOG_VIEW don't appear as valid actions

[abarrei@…]

When I tried to remove those permissions from the anonymous account, I get that they are invalid actions. trac-admin does not report them as actions:

Available actions:

CONFIG_VIEW, MILESTONE_ADMIN, MILESTONE_CREATE, MILESTONE_DELETE, MILESTONE_MODIFY, MILESTONE_VIEW, REPORT_ADMIN, REPORT_CREATE, REPORT_DELETE, REPORT_MODIFY, REPORT_SQL_VIEW, REPORT_VIEW, ROADMAP_ADMIN, ROADMAP_VIEW, SEARCH_VIEW, TICKET_ADMIN, TICKET_APPEND, TICKET_CHGPROP, TICKET_CREATE, TICKET_MODIFY, TICKET_VIEW, TIMELINE_VIEW, TRAC_ADMIN, WIKI_ADMIN, WIKI_CREATE, WIKI_DELETE, WIKI_MODIFY, WIKI_VIEW

The worst thing of this is that I can't take anonymous access to the source repository.

[mgood]

You appear to have disabled the Trac components related to source code browsing, so those permissions have also been disabled. Since you've disabled those components no users will be ale to browse the repository, so that's not really an issue. See #2546 regarding the error removing disabled permissions.

[abarrei@…]

Sorry to reopen the ticket, just to let you know. I did enable the versioncontrol on the trac.ini and the actions are there now. The only thing that may be worth to mention is that the versioncontrol is automatically enabled if a repository path is configured but the actions are not available on that case, is that a normal behaviour?

Anyway, thank you for your reply.. I've seen trac some time ago but this is the first time I'll try it in a real development environment and the first impression was very very good,

Thanks, a.=

[cboos]

Replying to abarrei@gmail.com:

... The only thing that may be worth to mention is that the versioncontrol is automatically enabled if a repository path is configured but the actions are not available on that case, is that a normal behaviour?

Sorry, couldn't reproduce that with latest trunk. I created a fresh environment, without setting repository_dir, and the above permissions were not listed, as expected. But as soon as the repository_dir value was set, the BrowserModule, ChangesetModule and LogModule were activated and their corresponding actions were added to the list...

So I'll close the ticket, but feel free to reopen once again if you can prove me wrong by providing a detailed recipe for reproducing the issue...

[Markus Tacker <m@…>]

I've created a new environment with r3945 and I encounter the same problem.

Available actions:
 CONFIG_VIEW, MILESTONE_ADMIN, MILESTONE_CREATE, MILESTONE_DELETE,
 MILESTONE_MODIFY, MILESTONE_VIEW, REPORT_ADMIN, REPORT_CREATE,
 REPORT_DELETE, REPORT_MODIFY, REPORT_SQL_VIEW, REPORT_VIEW, ROADMAP_ADMIN,
 ROADMAP_VIEW, SEARCH_VIEW, TICKET_ADMIN, TICKET_APPEND, TICKET_CHGPROP,
 TICKET_CREATE, TICKET_MODIFY, TICKET_VIEW, TIMELINE_VIEW, TRAC_ADMIN,
 WIKI_ADMIN, WIKI_CREATE, WIKI_DELETE, WIKI_MODIFY, WIKI_VIEW

> permission list

User       Action
--------------------------
anonymous  BROWSER_VIEW
anonymous  CHANGESET_VIEW
anonymous  FILE_VIEW
anonymous  LOG_VIEW

> permission remove anonymous LOG_VIEW
Command failed: LOG_VIEW is not a valid action.

[cboos]

Right, now I can reproduce it with a repository where no repository_dir has been specified, and this also in 0.10-stable. I don't know why I missed it the first time, thanks!

[cboos]

Well, the fix could be as simple as that:

trac/perm.py

@@ -191 +191 @@
 
     def revoke_permission(self, username, action):
         """Revokes the permission of the specified user to perform an action."""
-        # TODO: Validate that this permission does in fact exist
-        if action.isupper() and action not in self.get_actions():
-            raise TracError, '%s is not a valid action.' % action
-
         self.store.revoke_permission(username, action)
 
     def get_actions(self):

However, given the "TODO" comment in the above, I wonder what was the original intent of this code. Do I miss something, or couldn't we just proceed and delete any action, even those who are not known as valid any more , due to some disabled components?

[cboos]

Anyway, mgood just did that for fixing #2146, in r4360 ;)