DefaultPermissionGroupProvider not doing its whole job
|Reported by:||Owned by:|
|Severity:||critical||Keywords:||user group permission|
|Cc:||leho@…, itamarost@…, ethan.jucovy@…, Ryan J Ollos|
DefaultPermissionGroupProvider doesn't really return the permission groups of which a user is a member; it only handles the "anonymous" and "authenticated" groups. All of the threading through user-defined groups is actually done by
DefaultPermissionStore. While I'm sure that's efficient, it's a problem when the
permission_store is replaced, as with TracForge, if it expects to be able to extend the existing permission group system. See TracForgeGroupsModule for an example. This problem exists in 0.10-stable and 0.11 AFAICT.
Of course, it's entirely possible that I've completely misinterpreted the meaning of "group" and the intention behind
DefaultPermissionStore here :).
Change History (19)
comment:15 Changed 6 years ago by
|Owner:||changed from Alec Thomas to Christian Boos|
|Priority:||normal → high|