Edgewall Software
Modify

Opened 18 years ago

Closed 18 years ago

Last modified 15 years ago

#3688 closed defect (duplicate)

BROWSER_VIEW, CHANGESET_VIEW, FILE_VIEW and LOG_VIEW don't appear as valid actions

Reported by: abarrei@… Owned by: Christian Boos
Priority: high Milestone:
Component: admin/console Version: devel
Severity: normal Keywords:
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description

When I tried to remove those permissions from the anonymous account, I get that they are invalid actions. trac-admin does not report them as actions:

Available actions:

CONFIG_VIEW, MILESTONE_ADMIN, MILESTONE_CREATE, MILESTONE_DELETE, MILESTONE_MODIFY, MILESTONE_VIEW, REPORT_ADMIN, REPORT_CREATE, REPORT_DELETE, REPORT_MODIFY, REPORT_SQL_VIEW, REPORT_VIEW, ROADMAP_ADMIN, ROADMAP_VIEW, SEARCH_VIEW, TICKET_ADMIN, TICKET_APPEND, TICKET_CHGPROP, TICKET_CREATE, TICKET_MODIFY, TICKET_VIEW, TIMELINE_VIEW, TRAC_ADMIN, WIKI_ADMIN, WIKI_CREATE, WIKI_DELETE, WIKI_MODIFY, WIKI_VIEW

The worst thing of this is that I can't take anonymous access to the source repository.

Attachments (0)

Change History (7)

comment:1 by Matthew Good, 18 years ago

Resolution: duplicate
Status: newclosed

You appear to have disabled the Trac components related to source code browsing, so those permissions have also been disabled. Since you've disabled those components no users will be ale to browse the repository, so that's not really an issue. See #2546 regarding the error removing disabled permissions.

comment:2 by abarrei@…, 18 years ago

Resolution: duplicate
Status: closedreopened

Sorry to reopen the ticket, just to let you know. I did enable the versioncontrol on the trac.ini and the actions are there now. The only thing that may be worth to mention is that the versioncontrol is automatically enabled if a repository path is configured but the actions are not available on that case, is that a normal behaviour?

Anyway, thank you for your reply.. I've seen trac some time ago but this is the first time I'll try it in a real development environment and the first impression was very very good,

Thanks, a.=

in reply to:  2 comment:3 by Christian Boos, 18 years ago

Resolution: duplicate
Status: reopenedclosed

Replying to abarrei@gmail.com:

… The only thing that may be worth to mention is that the versioncontrol is automatically enabled if a repository path is configured but the actions are not available on that case, is that a normal behaviour?

Sorry, couldn't reproduce that with latest trunk. I created a fresh environment, without setting repository_dir, and the above permissions were not listed, as expected. But as soon as the repository_dir value was set, the BrowserModule, ChangesetModule and LogModule were activated and their corresponding actions were added to the list…

So I'll close the ticket, but feel free to reopen once again if you can prove me wrong by providing a detailed recipe for reproducing the issue…

comment:4 by Markus Tacker <m@…>, 18 years ago

Resolution: duplicate
Status: closedreopened
Version: 0.10b1devel

I've created a new environment with r3945 and I encounter the same problem.

Available actions:
 CONFIG_VIEW, MILESTONE_ADMIN, MILESTONE_CREATE, MILESTONE_DELETE,
 MILESTONE_MODIFY, MILESTONE_VIEW, REPORT_ADMIN, REPORT_CREATE,
 REPORT_DELETE, REPORT_MODIFY, REPORT_SQL_VIEW, REPORT_VIEW, ROADMAP_ADMIN,
 ROADMAP_VIEW, SEARCH_VIEW, TICKET_ADMIN, TICKET_APPEND, TICKET_CHGPROP,
 TICKET_CREATE, TICKET_MODIFY, TICKET_VIEW, TIMELINE_VIEW, TRAC_ADMIN,
 WIKI_ADMIN, WIKI_CREATE, WIKI_DELETE, WIKI_MODIFY, WIKI_VIEW
> permission list

User       Action
--------------------------
anonymous  BROWSER_VIEW
anonymous  CHANGESET_VIEW
anonymous  FILE_VIEW
anonymous  LOG_VIEW
> permission remove anonymous LOG_VIEW
Command failed: LOG_VIEW is not a valid action.

comment:5 by Christian Boos, 18 years ago

Milestone: 0.10.1
Owner: changed from daniel to Christian Boos
Status: reopenednew

Right, now I can reproduce it with a repository where no repository_dir has been specified, and this also in 0.10-stable. I don't know why I missed it the first time, thanks!

comment:6 by Christian Boos, 18 years ago

Status: newassigned

Well, the fix could be as simple as that:

  • trac/perm.py

     
    191191
    192192    def revoke_permission(self, username, action):
    193193        """Revokes the permission of the specified user to perform an action."""
    194         # TODO: Validate that this permission does in fact exist
    195         if action.isupper() and action not in self.get_actions():
    196             raise TracError, '%s is not a valid action.' % action
    197 
    198194        self.store.revoke_permission(username, action)
    199195
    200196    def get_actions(self):

However, given the "TODO" comment in the above, I wonder what was the original intent of this code. Do I miss something, or couldn't we just proceed and delete any action, even those who are not known as valid any more , due to some disabled components?

comment:7 by Christian Boos, 18 years ago

Milestone: 0.10.3
Resolution: duplicate
Status: assignedclosed

Anyway, mgood just did that for fixing #2146, in r4360 ;)

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Christian Boos.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from Christian Boos to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.