Edgewall Software
Modify

Opened 3 years ago

Closed 3 years ago

#12734 closed enhancement (fixed)

Log invalid actions used in AuthzPolicy

Reported by: Ryan J Ollos Owned by: Ryan J Ollos
Priority: normal Milestone: 1.2.1
Component: general Version:
Severity: normal Keywords: authzpolicy
Cc: Branch:
Release Notes:

Invalid actions in authz file are logged at warning level.

API Changes:

Description (last modified by Ryan J Ollos)

To help with debugging, it would be useful to log a warning when an undefined action is used in AuthzPolicy.

Attachments (0)

Change History (7)

comment:1 by Ryan J Ollos, 3 years ago

Description: modified (diff)

comment:2 by Ryan J Ollos, 3 years ago

Milestone: next-stable-1.2.x1.2.1
Owner: set to Ryan J Ollos
Status: newassigned

Proposed change in [65ad7217/rjollos.git]. The change without test will be targeted to 1.2-stable, where EnvironmentStub.log_messages is not available.

comment:3 by Ryan J Ollos, 3 years ago

Release Notes: modified (diff)
Resolution: fixed
Status: assignedclosed

Fixed in r15678, merged in r15679.

comment:4 by anonymous, 3 years ago

Resolution: fixed
Status: closedreopened

TracFineGrainedPermissions#UsageNotes

[groups]
admins = john, jack
devs = alice, bob

Now this warns: "The action john in the [groups] section of authzpolicy.conf is not a valid action."

Last edited 3 years ago by Ryan J Ollos (previous) (diff)

comment:5 by Ryan J Ollos, 3 years ago

Status: reopenedassigned

comment:6 by anonymous, 3 years ago

I think that section could just be skipped there:

  • tracopt/perm/authz_policy.py

    diff -r f61b53b84d91 tracopt/perm/authz_policy.py
    a b  
    206206
    207207        all_actions = PermissionSystem(self.env).get_actions()
    208208        for section in self.authz.sections():
     209            if section == 'groups':
     210                continue
    209211            for _, actions in self.authz.items(section):
    210212                for action in to_list(actions):
    211213                    if action not in all_actions:

It's also skipped later.

comment:7 by Ryan J Ollos, 3 years ago

Resolution: fixed
Status: assignedclosed

Fixed in r15771 and r15772.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Ryan J Ollos.
The resolution will be deleted. Next status will be 'reopened'.
to as closed The owner will be changed from Ryan J Ollos to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.