Ticket #9600 (closed defect: wontfix)
Opened 17 months ago
Last modified 17 months ago
"trac-admin repository list" is not available if trac.versioncontrol.admin.VersionControlAdmin is disabled
| Reported by: | Samuel.Degrande@… | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | version control | Version: | 0.12 |
| Severity: | normal | Keywords: | |
| Cc: | |||
| Release Notes: | |||
| API Changes: | |||
Description
The trac-admin "repository list" command is only available when trac.versioncontrol.admin.VersionControlAdmin is enabled, while the other commands (add, alias, remove, set) are always available.
I would like to use that command in a cron job to detect when a user wants to add a repository to his project, and automatically create it.
I know that I can use 'config get/set' to temporarily enable trac..VersionControlAdmin, but I'm wondering why the "repository list" command is not always available.
Attachments
Change History
comment:1 in reply to: ↑ description Changed 17 months ago by Samuel.Degrande@…
comment:2 follow-up: ↓ 3 Changed 17 months ago by rblank
Why do you disable the VersionControlAdmin component?
Oh, you mean, the plugin admin panel should not allow disabling trac-admin commands, even if some parts of a project are disabled? In most "forge" situations, the plugin admin panel is disabled, or replaced with a simpler version that allows enabling / disabling whole subsystems (wiki, ticket, ...), not individual components. Indeed, allowing to upload plugins is a security issue in this situation, as it is equivalent to giving shell access with the permissions of the web server.
comment:3 in reply to: ↑ 2 Changed 17 months ago by anonymous
Replying to rblank:

> Why do you disable the VersionControlAdmin component?
> Oh, you mean, the plugin admin panel should not allow disabling trac-admin commands, even if some parts of a project are disabled?

Yes exactly.

> In most "forge" situations, the plugin admin panel is disabled, or replaced with a simpler version that allows enabling / disabling whole subsystems (wiki, ticket, ...), not individual components.

Mhhh... That would indeed be more appropriate for my use-case. How to do so? Any example available somewhere? (perhaps SecurePluginPanel could help here...)

> Indeed, allowing to upload plugins is a security issue in this situation, as it is equivalent to giving shell access with the permissions of the web server.

This is not something that I allow. The plugins/ dir of the projects are write protected.
I was only talking of the problem of letting the user disable a 'component part' that is needed by cron scripts to administer his project...
comment:4 Changed 17 months ago by cboos
So... what should we do here?
comment:5 Changed 17 months ago by Samuel.Degrande@…
Just to let you know: my current solution is to use SecurePluginPanel to ensure that users do not disable mandatory components...
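An added illustration, not code from this ticket or from Trac: a check that a forge administrator's cron job could run against a project's trac.ini to notice that a component the job depends on has been disabled. It assumes Trac's `[components]` semantics (trailing `.*` wildcards, the most specific rule wins, `enabled`/`on` mean enabled, unlisted `trac.*` components default to enabled); `MANDATORY`, the function names and the sample trac.ini text are constructed for this example.

```python
import configparser

# Components the forge's cron jobs rely on (name taken from the ticket).
MANDATORY = ["trac.versioncontrol.admin.VersionControlAdmin"]

# Constructed sample trac.ini fragment: the package is disabled by wildcard.
SAMPLE_INI = """\
[components]
trac.versioncontrol.* = disabled
tracopt.ticket.* = enabled
"""

def component_rules(ini_text):
    """Map each [components] rule (lowercased, trailing '.*' removed) to True/False."""
    parser = configparser.RawConfigParser(strict=False)  # no '%' interpolation
    parser.read_string(ini_text)
    rules = {}
    if parser.has_section("components"):
        for name, value in parser.items("components"):  # keys arrive lowercased
            if name.endswith(".*"):
                name = name[:-2]
            rules[name] = value.strip().lower() in ("enabled", "on")
    return rules

def is_enabled(rules, component):
    """Most specific matching rule wins; unlisted trac.* components are enabled."""
    name = component.lower()
    probe = name
    while probe:
        if probe in rules:
            return rules[probe]
        probe = probe.rpartition(".")[0]  # walk up one package level
    return name.startswith("trac.")

def disabled_mandatory(ini_text, mandatory=MANDATORY):
    """Return the mandatory components that this configuration disables."""
    rules = component_rules(ini_text)
    return [c for c in mandatory if not is_enabled(rules, c)]

if __name__ == "__main__":
    for component in disabled_mandatory(SAMPLE_INI):
        print("mandatory component disabled:", component)
```

Because the check reads the configuration text directly, it still works when the disabled component is the one that provides the trac-admin command.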
comment:6 Changed 17 months ago by Samuel.Degrande@…
So I guess that the ticket could be closed as "invalid"...
comment:7 Changed 17 months ago by rblank
- Resolution set to wontfix
- Status changed from new to closed
Or rather as "wontfix". Thanks for the feedback.



Replying to Samuel.Degrande@…:
I just had a look at the sources. I now understand that 'list/sync/resync' need VersionControlAdmin to be enabled. So my question is now rather: in a shared trac environment (i.e. in a forge-like setup), trac-admin is used by the administrator of the whole forge to administrate all projects (at least, that's the way I understand it). Letting the admin of a project disable some commands of trac-admin is somehow strange (just like if a Unix user could prevent the root user from doing some tasks).