Edgewall Software
Modify

Opened 10 years ago

Last modified 17 months ago

#10101 new defect

Broken permissions for changeset view

Reported by: bruce@… Owned by:
Priority: normal Milestone: next-major-releases
Component: version control/changeset view Version: 0.12
Severity: normal Keywords:
Cc: Ryan J Ollos Branch:
Release Notes:
API Changes:
Internal Changes:

Description

I installed Trac 0.12 some time ago and created me as admin user (TRAC_ADMIN). I added SVN respository, synchronization and everything works fine. After some time, I added a new user and added him some permissions. But when I try to view a changeset logged as this new user, I get weird results - only some added files (2-3 from ~20 new files) with not completed paths (e.g. ballance instead of user_accounts/ballance). Diffs are not shown. Sometimes I get only:

Message: (No files)

It is ok when I log in as admin user. After some time playing with permissions, when I delete all permissions, then I add TRAC_ADMIN permission to the new user, then changesets are ok. But when I try to add only CHANGESET_VIEW permission (or all other permissions except TRAC_ADMIN), then it is not working.

I have to add (or add, remove, add) TRAC_ADMIN permission to the new user, then all required permissions and finally remove TRAC_ADMIN permission if I want CHANGESET_VIEW to work without admin permission.

Attachments (2)

WithoutBrowserViewOrFileView.png (11.5 KB ) - added by Ryan J Ollos 7 years ago.
WithBrowserViewAndFileView.png (23.8 KB ) - added by Ryan J Ollos 7 years ago.

Download all attachments as: .zip

Change History (16)

comment:1 by anonymous, 10 years ago

Hmm, it is weird… After I added TRAC_ADMIN, added other required permissions and removed TRAC_ADMIN, the permission was removed after I restarted trac process, so the above description is not ok. Without TRAC_ADMIN I can not see changesets. Now I opened "browse source" and I am able to see only folders, but no files. The problem is probably here…

comment:2 by Christian Boos, 9 years ago

Resolution: cantfix
Status: newclosed

Sorry for the late answer, but this sounds like a configuration issue.

If you can reproduce the problem with the soon to be released 0.12.3 and care to provide us with a precise reproduction recipe (which [trac] permission_policies are used, and the appropriate configuration details if you use AuthzPolicy or AuthzSourcePolicy), then you're welcome to reopen this ticket.

comment:3 by sharif.uddin@…, 7 years ago

Resolution: cantfix
Status: closedreopened

i am using 0.12.5, not sure if i am having the same issue but i would liek users to see the changeset view but not able to browse the source. if i give them CHANGESET_VIEW acces they can access the page but not see any source code which requires BROWSER_VIEW. But BROWSER_VIEW allows them to browse all the source code which i do not want.

in reply to:  1 comment:4 by Ryan J Ollos, 7 years ago

Replying to anonymous:

Now I opened "browse source" and I am able to see only folders, but no files. The problem is probably here…

This is the expected behavior if you've granted BROWSER_VIEW but not FILE_VIEW.

comment:5 by Ryan J Ollos, 7 years ago

To address comment:description, it sounds like there was no defect with regard to the completed paths. Either a permissions policy has been applied as cboos suggested, or the user just did not notice that the path is separated into Location and Files, as shown in the screen captures below.

However, I'm unsure about the behavior when the user has only CHANGESET_VIEW. As a contrived example, I've created files /dir1/dir2/file1 and /dir1/dir2/file2 and modified the content of those files.

If the user has CHANGESET_VIEW, BROWSER_VIEW and FILE_VIEW they see the following:

If the user has CHANGESET_VIEW and either one or neither of BROWSER_VIEW and FILE_VIEW they see:

So apparently CHANGESET_VIEW only grants permission to view the changeset metadata, as has been suggested in this ticket. BROWSER_VIEW and FILE_VIEW are needed to see the diff and the paths of the files that have been modified in the changeset.

In the browser realm, possessing BROWSER_VIEW allows viewing a listing of directories and navigating to those directories, but not see a listing of files in those directories. FILE_VIEW is needed to see a listing of files in a directory and the content of those files.

I'm left wondering about the following behaviors:

  • If a user has FILE_VIEW and CHANGESET_VIEW, I would expect to see a diff of the changed files and to browse to the files. I wouldn't expect BROWSER_VIEW is necessary to see a diff or a listing of the files that have been changed. The user needs only to possess FILE_VIEW to view the contents of a file, so I don't see why the same should not be true in the changeset realm. I would expect BROWSER_VIEW to be necessary for a user to navigate from the changeset view to a directory listing in the repository browser (e.g. view the contents of a new directory added in the changeset).
  • In the repository browser view, if the user has BROWSER_VIEW but not FILE_VIEW, I would expect that they could see the contents of the directories, including the filenames in the directories, but not browse to view the contents of the files (comment:1). In analogy to the rwx permissions in Linux, I would expect BROWSER_VIEW to behave as though the user had r and x for a directory. Possessing the FILE_VIEW permission would be like having the r permission for a file.

So the changes I propose are:

  • Remove the requirement of BROWSER_FILE for a user to see diff in the changeset and to view a listing of the paths that have changed. If the path changed is a directory, it will not be a followable link, however if the path changed is a file it will be followable.
  • Remove the requirement of FILE_VIEW in order to see a listing of filenames in a directory in the repository browser.
Last edited 7 years ago by Ryan J Ollos (previous) (diff)

by Ryan J Ollos, 7 years ago

by Ryan J Ollos, 7 years ago

comment:6 by Jun Omae, 7 years ago

Component: generalversion control/changeset view

comment:7 by Ryan J Ollos, 7 years ago

Cc: Ryan J Ollos added
Milestone: next-dev-1.1.x

Provided others agree with the assessment in comment:5, I'm leaning towards making these changes on the trunk rather than 1.0-stable so that no one is surprised by the change in behavior.

in reply to:  5 comment:8 by Jun Omae, 7 years ago

Replying to rjollos:

So the changes I propose are:

  • Remove the requirement of BROWSER_FILE for a user to see diff in the changeset and to view a listing of the paths that have changed. If the path changed is a directory, it will not be a followable link, however if the path changed is a file it will be followable.

Agreed.

The BROWSER_VIEW is wrongly required in ChangesetModule.process_request. We should remove the check it because each node in changes of the changeset is checked to be viewable in tags/trac-1.0.1/trac/versioncontrol/web_ui/changeset.py@:608-609#L601.

After the change, the changeset view works well with CHANGESET_VIEW and either one of BROWSER_VIEW or FILE_VIEW.

  • trac/versioncontrol/web_ui/changeset.py

    diff --git a/trac/versioncontrol/web_ui/changeset.py b/trac/versioncontrol/web_ui/changeset.py
    index 3eda837..98385fc 100644
    a b class ChangesetModule(Component):  
    483483
    484484        data['title'] = title
    485485
    486         if 'BROWSER_VIEW' not in req.perm:
    487             return
    488 
    489486        def node_info(node, annotated):
    490487            href = req.href.browser(
    491488                reponame, node.created_path, rev=node.created_rev,
  • Remove the requirement of FILE_VIEW in order to see a listing of filenames in a directory in the repository browser.

I'm not sure. I don't think we should do it.

comment:9 by Ryan J Ollos, 7 years ago

Milestone: next-dev-1.1.x1.1.3

comment:10 by Ryan J Ollos, 6 years ago

Milestone: 1.1.3next-dev-1.1.x

comment:11 by Ryan J Ollos, 6 years ago

Status: reopenednew

comment:12 by Ryan J Ollos, 5 years ago

Milestone: next-dev-1.1.xnext-dev-1.3.x

comment:13 by Ryan J Ollos, 18 months ago

Milestone: next-dev-1.3.xnext-dev-1.5.x

Milestone renamed

comment:14 by Ryan J Ollos, 17 months ago

Milestone: next-dev-1.5.xnext-major-releases

Modify Ticket

Change Properties
Set your email in Preferences
Action
as new The ticket will remain with no owner.
The ticket will be disowned.
as The resolution will be set. Next status will be 'closed'.
The owner will be changed from (none) to anonymous. Next status will be 'assigned'.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.