Edgewall Software

Ticket #7116 (new enhancement)

Opened 6 months ago

Last modified 6 months ago

fine-grained permissions are not applied to directories when browsing sources

Reported by: esizikov@… Owned by: cboos
Priority: high Milestone: 0.13
Component: version control Version: devel
Severity: major Keywords: permissions, authz
Cc:

Description

When trying to develop a custom plugin which uses the shining new fine-grained permissions available in the svn trunk, I've stacked with directory listing not obey the developed plugin.

The problem is that fine-grained permissions are not applied to directories when browsing sources, but only to file nodes.

I've made a proof-of-concept patch for the required functionality, which acts like the existing one for files.

Attachments

trac-browser-fine-grained-security-for-directories.patch (2.1 kB) - added by esizikov@… 6 months ago.
trac-browser-fine-grained-security-for-directories.2.patch (2.5 kB) - added by esizikov@… 6 months ago.
Fixes: apply permission check to all nodes, not only folders as in the first version; catch PermissionError? exception to allow other exceptions raising.

Change History

Changed 6 months ago by esizikov@…

Changed 6 months ago by cboos

  • owner changed from jonas to cboos
  • priority changed from normal to high
  • component changed from general to version control
  • severity changed from normal to major
  • milestone changed from 0.11 to 0.12

Thanks for creating the ticket and starting work in this direction.

I'm not completely decided if this should go in milestone:0.11.1 or milestone:0.12 yet, but doing the conservative choice for now.

Changed 6 months ago by esizikov@…

Fixes: apply permission check to all nodes, not only folders as in the first version; catch PermissionError? exception to allow other exceptions raising.

Add/Change #7116 (fine-grained permissions are not applied to directories when browsing sources)

Author



Change Properties
<Author field>
Action
as new
as The resolution will be set. Next status will be 'closed'
to The owner will change from cboos. Next status will be 'new'
The owner will change from cboos to anonymous. Next status will be 'assigned'
 
Note: See TracTickets for help on using tickets.