Opened 14 years ago
Last modified 5 years ago
#10101 new defect
Broken permissions for changeset view
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | next-major-releases |
| Component: | version control/changeset view | Version: | 0.12 |
| Severity: | normal | Keywords: | |
| Cc: | Ryan J Ollos | Branch: | |
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
I installed Trac 0.12 some time ago and created me as admin user (TRAC_ADMIN). I added SVN respository, synchronization and everything works fine. After some time, I added a new user and added him some permissions. But when I try to view a changeset logged as this new user, I get weird results - only some added files (2-3 from ~20 new files) with not completed paths (e.g. ballance instead of user_accounts/ballance). Diffs are not shown. Sometimes I get only:
Message: (No files)
It is ok when I log in as admin user. After some time playing with permissions, when I delete all permissions, then I add TRAC_ADMIN permission to the new user, then changesets are ok. But when I try to add only CHANGESET_VIEW permission (or all other permissions except TRAC_ADMIN), then it is not working.
I have to add (or add, remove, add) TRAC_ADMIN permission to the new user, then all required permissions and finally remove TRAC_ADMIN permission if I want CHANGESET_VIEW to work without admin permission.
Attachments (2)
Change History (16)
follow-up: 4 comment:1 by , 14 years ago
comment:2 by , 13 years ago
| Resolution: | → cantfix |
|---|---|
| Status: | new → closed |
Sorry for the late answer, but this sounds like a configuration issue.
If you can reproduce the problem with the soon to be released 0.12.3 and care to provide us with a precise reproduction recipe (which [trac] permission_policies are used, and the appropriate configuration details if you use AuthzPolicy or AuthzSourcePolicy), then you're welcome to reopen this ticket.
comment:3 by , 10 years ago
| Resolution: | cantfix |
|---|---|
| Status: | closed → reopened |
i am using 0.12.5, not sure if i am having the same issue but i would liek users to see the changeset view but not able to browse the source. if i give them CHANGESET_VIEW acces they can access the page but not see any source code which requires BROWSER_VIEW. But BROWSER_VIEW allows them to browse all the source code which i do not want.
comment:4 by , 10 years ago
Replying to anonymous:
Now I opened "browse source" and I am able to see only folders, but no files. The problem is probably here…
This is the expected behavior if you've granted BROWSER_VIEW but not FILE_VIEW.
follow-up: 8 comment:5 by , 10 years ago
To address comment:description, it sounds like there was no defect with regard to the completed paths. Either a permissions policy has been applied as cboos suggested, or the user just did not notice that the path is separated into Location and Files, as shown in the screen captures below.
However, I'm unsure about the behavior when the user has only CHANGESET_VIEW. As a contrived example, I've created files /dir1/dir2/file1 and /dir1/dir2/file2 and modified the content of those files.
If the user has CHANGESET_VIEW, BROWSER_VIEW and FILE_VIEW they see the following:
If the user has CHANGESET_VIEW and either one or neither of BROWSER_VIEW and FILE_VIEW they see:
So apparently CHANGESET_VIEW only grants permission to view the changeset metadata, as has been suggested in this ticket. BROWSER_VIEW and FILE_VIEW are needed to see the diff and the paths of the files that have been modified in the changeset.
In the browser realm, possessing BROWSER_VIEW allows viewing a listing of directories and navigating to those directories, but not see a listing of files in those directories. FILE_VIEW is needed to see a listing of files in a directory and the content of those files.
I'm left wondering about the following behaviors:
- If a user has
FILE_VIEWandCHANGESET_VIEW, I would expect to see a diff of the changed files and to browse to the files. I wouldn't expectBROWSER_VIEWis necessary to see a diff or a listing of the files that have been changed. The user needs only to possessFILE_VIEWto view the contents of a file, so I don't see why the same should not be true in the changeset realm. I would expectBROWSER_VIEWto be necessary for a user to navigate from the changeset view to a directory listing in the repository browser (e.g. view the contents of a new directory added in the changeset). - In the repository browser view, if the user has
BROWSER_VIEWbut notFILE_VIEW, I would expect that they could see the contents of the directories, including the filenames in the directories, but not browse to view the contents of the files (comment:1). In analogy to therwxpermissions in Linux, I would expectBROWSER_VIEWto behave as though the user hadrandxfor a directory. Possessing theFILE_VIEWpermission would be like having therpermission for a file.
So the changes I propose are:
- Remove the requirement of
BROWSER_FILEfor a user to see diff in the changeset and to view a listing of the paths that have changed. If the path changed is a directory, it will not be a followable link, however if the path changed is a file it will be followable. - Remove the requirement of
FILE_VIEWin order to see a listing of filenames in a directory in the repository browser.
by , 10 years ago
| Attachment: | WithoutBrowserViewOrFileView.png added |
|---|
by , 10 years ago
| Attachment: | WithBrowserViewAndFileView.png added |
|---|
comment:6 by , 10 years ago
| Component: | general → version control/changeset view |
|---|
comment:7 by , 10 years ago
| Cc: | added |
|---|---|
| Milestone: | → next-dev-1.1.x |
Provided others agree with the assessment in comment:5, I'm leaning towards making these changes on the trunk rather than 1.0-stable so that no one is surprised by the change in behavior.
comment:8 by , 10 years ago
Replying to rjollos:
So the changes I propose are:
- Remove the requirement of
BROWSER_FILEfor a user to see diff in the changeset and to view a listing of the paths that have changed. If the path changed is a directory, it will not be a followable link, however if the path changed is a file it will be followable.
Agreed.
The BROWSER_VIEW is wrongly required in ChangesetModule.process_request. We should remove the check it because each node in changes of the changeset is checked to be viewable in tags/trac-1.0.1/trac/versioncontrol/web_ui/changeset.py@:608-609#L601.
After the change, the changeset view works well with CHANGESET_VIEW and either one of BROWSER_VIEW or FILE_VIEW.
-
trac/versioncontrol/web_ui/changeset.py
diff --git a/trac/versioncontrol/web_ui/changeset.py b/trac/versioncontrol/web_ui/changeset.py index 3eda837..98385fc 100644
a b class ChangesetModule(Component): 483 483 484 484 data['title'] = title 485 485 486 if 'BROWSER_VIEW' not in req.perm:487 return488 489 486 def node_info(node, annotated): 490 487 href = req.href.browser( 491 488 reponame, node.created_path, rev=node.created_rev,
- Remove the requirement of
FILE_VIEWin order to see a listing of filenames in a directory in the repository browser.
I'm not sure. I don't think we should do it.
comment:9 by , 10 years ago
| Milestone: | next-dev-1.1.x → 1.1.3 |
|---|
comment:10 by , 10 years ago
| Milestone: | 1.1.3 → next-dev-1.1.x |
|---|
comment:11 by , 10 years ago
| Status: | reopened → new |
|---|
comment:12 by , 9 years ago
| Milestone: | next-dev-1.1.x → next-dev-1.3.x |
|---|
comment:14 by , 5 years ago
| Milestone: | next-dev-1.5.x → next-major-releases |
|---|
Hmm, it is weird… After I added TRAC_ADMIN, added other required permissions and removed TRAC_ADMIN, the permission was removed after I restarted trac process, so the above description is not ok. Without TRAC_ADMIN I can not see changesets. Now I opened "browse source" and I am able to see only folders, but no files. The problem is probably here…