Changeset 198
- Timestamp:
- Feb 27, 2004, 5:53:59 PM (20 years ago)
- Location:
- trunk/trac
- Files:
-
- 12 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/trac/About.py
r171 r198 34 34 35 35 if page[0:7] == '/config': 36 perm.assert_permission(perm.CONFIG_VIEW)36 self.perm.assert_permission(perm.CONFIG_VIEW) 37 37 self.cgi.hdf.setValue('about.page', 'config') 38 38 # Export the config table to hdf -
trunk/trac/Browser.py
r196 r198 114 114 115 115 def render(self): 116 perm.assert_permission (perm.BROWSER_VIEW)116 self.perm.assert_permission (perm.BROWSER_VIEW) 117 117 118 118 self.rev = dict_get_with_default(self.args, 'rev', None) -
trunk/trac/Changeset.py
r197 r198 205 205 206 206 def render (self): 207 perm.assert_permission (perm.CHANGESET_VIEW)207 self.perm.assert_permission (perm.CHANGESET_VIEW) 208 208 209 209 if self.args.has_key('rev'): -
trunk/trac/File.py
r163 r198 33 33 34 34 def render (self): 35 perm.assert_permission (perm.FILE_VIEW)35 self.perm.assert_permission (perm.FILE_VIEW) 36 36 37 37 def get_mime_type (self, root, path): -
trunk/trac/Log.py
r163 r198 66 66 67 67 def render (self): 68 perm.assert_permission (perm.LOG_VIEW)68 self.perm.assert_permission (perm.LOG_VIEW) 69 69 70 70 self.path = dict_get_with_default(self.args, 'path', '/') -
trunk/trac/Report.py
r187 r198 57 57 58 58 def create_report(self, title, sql): 59 perm.assert_permission(perm.REPORT_CREATE)59 self.perm.assert_permission(perm.REPORT_CREATE) 60 60 61 61 cnx = db.get_connection() … … 69 69 70 70 def delete_report(self, id): 71 perm.assert_permission(perm.REPORT_DELETE)71 self.perm.assert_permission(perm.REPORT_DELETE) 72 72 73 73 cnx = db.get_connection() … … 82 82 saves report changes to the database 83 83 """ 84 perm.assert_permission(perm.REPORT_MODIFY)84 self.perm.assert_permission(perm.REPORT_MODIFY) 85 85 86 86 cnx = db.get_connection() … … 96 96 97 97 def render_report_editor(self, id, action='commit', copy=0): 98 perm.assert_permission(perm.REPORT_MODIFY)98 self.perm.assert_permission(perm.REPORT_MODIFY) 99 99 cnx = db.get_connection() 100 100 cursor = cnx.cursor() … … 122 122 from the database and presents it as a html table. 123 123 """ 124 if perm.has_permission(perm.REPORT_CREATE):124 if self.perm.has_permission(perm.REPORT_CREATE): 125 125 self.cgi.hdf.setValue('report.create_href', 126 126 href.report(None, 'new')) 127 127 128 128 if id != -1: 129 if perm.has_permission(perm.REPORT_MODIFY):129 if self.perm.has_permission(perm.REPORT_MODIFY): 130 130 self.cgi.hdf.setValue('report.edit_href', 131 131 href.report(id, 'edit')) 132 if perm.has_permission(perm.REPORT_CREATE):132 if self.perm.has_permission(perm.REPORT_CREATE): 133 133 self.cgi.hdf.setValue('report.copy_href', 134 134 href.report(id, 'copy')) 135 if perm.has_permission(perm.REPORT_DELETE):135 if self.perm.has_permission(perm.REPORT_DELETE): 136 136 self.cgi.hdf.setValue('report.delete_href', 137 137 href.report(id, 'delete')) … … 184 184 185 185 def render(self): 186 perm.assert_permission(perm.REPORT_VIEW)186 self.perm.assert_permission(perm.REPORT_VIEW) 187 187 # did the user ask for any special report? 188 188 id = int(dict_get_with_default(self.args, 'id', -1)) -
trunk/trac/Search.py
r163 r198 82 82 83 83 def render (self): 84 perm.assert_permission(perm.SEARCH_VIEW)84 self.perm.assert_permission(perm.SEARCH_VIEW) 85 85 self.cgi.hdf.setValue('title', 'Search') 86 86 self.cgi.hdf.setValue('search.ticket', 'checked') -
trunk/trac/Ticket.py
r186 r198 145 145 The values are taken from the html form 146 146 """ 147 perm.assert_permission(perm.TICKET_CREATE)147 self.perm.assert_permission(perm.TICKET_CREATE) 148 148 149 149 global fields … … 232 232 # save changes and redirect to avoid the POST request 233 233 old = self.get_ticket(id, 0) 234 perm.assert_permission (perm.TICKET_MODIFY)234 self.perm.assert_permission (perm.TICKET_MODIFY) 235 235 self.save_changes (id, old, self.args) 236 236 redirect (href.ticket(id)) 237 237 238 perm.assert_permission (perm.TICKET_VIEW)238 self.perm.assert_permission (perm.TICKET_VIEW) 239 239 240 240 info = self.get_ticket(id) -
trunk/trac/Timeline.py
r171 r198 103 103 104 104 def render (self): 105 perm.assert_permission(perm.TIMELINE_VIEW)105 self.perm.assert_permission(perm.TIMELINE_VIEW) 106 106 107 107 _from = dict_get_with_default(self.args, 'from', '') -
trunk/trac/Wiki.py
r196 r198 377 377 378 378 class Page: 379 def __init__(self, name, version ):379 def __init__(self, name, version, perm): 380 380 381 381 self.name = name 382 self.perm = perm 382 383 cnx = get_connection () 383 384 cursor = cnx.cursor () … … 405 406 def commit (self): 406 407 if self.new: 407 perm.assert_permission (perm.WIKI_CREATE)408 else: 409 perm.assert_permission (perm.WIKI_MODIFY)408 self.perm.assert_permission (perm.WIKI_CREATE) 409 else: 410 self.perm.assert_permission (perm.WIKI_MODIFY) 410 411 cnx = get_connection () 411 412 cursor = cnx.cursor () … … 493 494 self.cgi.hdf.setValue('title', 'Wiki Page: ' + name + ' (preview)') 494 495 else: 496 self.perm.assert_permission (perm.WIKI_VIEW) 495 497 if self.args.has_key('text'): 496 498 del self.args['text'] … … 498 500 self.cgi.hdf.setValue('title', 'Wiki Page: ' + name) 499 501 500 page = Page(name, version )502 page = Page(name, version, self.perm) 501 503 if self.args.has_key('text'): 502 504 page.set_content (self.args['text']) -
trunk/trac/perm.py
r186 r198 20 20 # Author: Jonas Borgström <jonas@edgewall.com> 21 21 22 from db import get_connection 22 23 from PermissionError import PermissionError 23 from auth import get_authname24 from db import get_connection25 26 perm_cache = {}27 24 28 25 # permissions 26 TIMELINE_VIEW = 'TIMELINE_VIEW' 27 SEARCH_VIEW = 'SEARCH_VIEW' 29 28 CONFIG_VIEW = 'CONFIG_VIEW' 30 31 29 LOG_VIEW = 'LOG_VIEW' 32 33 30 FILE_VIEW = 'FILE_VIEW' 34 35 31 CHANGESET_VIEW = 'CHANGESET_VIEW' 36 37 32 BROWSER_VIEW = 'BROWSER_VIEW' 38 33 … … 51 46 WIKI_DELETE = 'WIKI_DELETE' 52 47 53 TIMELINE_VIEW = 'TIMELINE_VIEW'54 55 SEARCH_VIEW = 'SEARCH_VIEW'56 57 48 TRAC_ADMIN = 'TRAC_ADMIN' 49 TICKET_ADMIN = 'TICKET_ADMIN' 50 REPORT_ADMIN = 'REPORT_ADMIN' 51 WIKI_ADMIN = 'WIKI_ADMIN' 58 52 59 53 meta_permission = { 60 'TICKET_ADMIN': [TICKET_VIEW, TICKET_CREATE, TICKET_MODIFY], 61 'REPORT_ADMIN': [REPORT_VIEW, REPORT_CREATE, REPORT_MODIFY, REPORT_DELETE], 62 'WIKI_ADMIN' : [WIKI_VIEW, WIKI_CREATE, WIKI_MODIFY, WIKI_DELETE] 54 TRAC_ADMIN: [TICKET_ADMIN, REPORT_ADMIN, WIKI_ADMIN, 55 TIMELINE_VIEW, SEARCH_VIEW, CONFIG_VIEW, LOG_VIEW, 56 FILE_VIEW, CHANGESET_VIEW, BROWSER_VIEW], 57 TICKET_ADMIN: [TICKET_VIEW, TICKET_CREATE, TICKET_MODIFY], 58 REPORT_ADMIN: [REPORT_VIEW, REPORT_CREATE, REPORT_MODIFY, REPORT_DELETE], 59 WIKI_ADMIN : [WIKI_VIEW, WIKI_CREATE, WIKI_MODIFY, WIKI_DELETE] 63 60 } 64 61 65 def cache_permissions (): 66 global perm_cache, meta_permission 62 class PermissionCache: 63 def __init__(self, username): 64 self.perm_cache = {} 67 65 68 # Special usernames: 69 # 'anonymous': Permissions granted to this user will apply to anyone. 70 # 'authenticated': Permissions granted to this user will apply to 71 # any authenticated (logged in with HTTP_AUTH) user. 66 # Special usernames: 67 # 'anonymous': Permissions granted to this user will apply to 68 # anyone. 69 # 'authenticated': Permissions granted to this user will apply to 70 # any authenticated (logged in with HTTP_AUTH) user. 72 71 73 cnx = get_connection () 74 if get_authname() == 'anonymous': 75 rs = cnx.db.execute ("SELECT action FROM permission " 76 "WHERE user='anonymous'") 77 else: 78 rs = cnx.db.execute ("SELECT action FROM permission " 79 "WHERE user='%s' OR user='anonymous' " 80 "OR user = 'authenticated'" % 81 get_authname ()) 82 for row in rs.row_list: 83 action = row[0] 72 cnx = get_connection () 73 cursor = cnx.cursor() 74 if username == 'anonymous': 75 cursor.execute ("SELECT action FROM permission " 76 "WHERE user='anonymous'") 77 else: 78 cursor.execute ("SELECT action FROM permission " 79 "WHERE user='%s' OR user='anonymous' " 80 "OR user = 'authenticated'" % username) 81 while 1: 82 row = cursor.fetchone() 83 if not row: 84 break 85 self.expand_meta_permission(row[0]) 86 87 def expand_meta_permission(self, action): 84 88 if meta_permission.has_key(action): 85 89 for perm in meta_permission[action]: 86 perm_cache[perm] = 1 87 # map (lambda action: perm_cache.__setitem__(action, 1), 88 # meta_permission[action]) 89 perm_cache[action] = 1 90 self.expand_meta_permission(perm) 91 else: 92 self.perm_cache[action] = 1 90 93 91 def has_permission (action): 92 global perm_cache 93 return perm_cache.has_key (action) or perm_cache.has_key(TRAC_ADMIN) 94 def has_permission(self, action): 95 return self.perm_cache.has_key (action) 94 96 95 def assert_permission (action): 96 global perm_cache 97 if not (perm_cache.has_key (action) or perm_cache.has_key(TRAC_ADMIN)): 98 raise PermissionError (action) 97 def assert_permission (self, action): 98 if not self.perm_cache.has_key (action): 99 raise PermissionError (action) 99 100 100 def perm_to_hdf(hdf): 101 global perm_cache 102 for action in perm_cache.keys(): 103 hdf.setValue('trac.acl.' + action, 'true') 101 def add_to_hdf(self, hdf): 102 for action in self.perm_cache.keys(): 103 hdf.setValue('trac.acl.' + action, 'true') 104 104 -
trunk/trac/trac.py
r187 r198 108 108 import Href 109 109 import db 110 import perm 111 import auth 112 from PermissionError import PermissionError 110 113 from util import dict_get_with_default, redirect 111 from auth import verify_authentication, authenticate_user112 from perm import cache_permissions, PermissionError, perm_to_hdf113 114 114 115 db.init() … … 128 129 module._name = mode 129 130 130 verify_authentication(args)131 cache_permissions()132 perm_to_hdf(module.cgi.hdf)131 auth.verify_authentication(args) 132 module.perm = perm.PermissionCache(auth.get_authname()) 133 module.perm.add_to_hdf(module.cgi.hdf) 133 134 134 135 # Only open the subversion repository for the modules that really
Note:
See TracChangeset
for help on using the changeset viewer.