Setting permissions fails with numeric userids
|Reported by:||Owned by:||osimons|
The company where I work has a new policy of using employees file numbers as their windows username. Ie. we now have use '371732' rather than 'doej'.
Our TRAC installation ( 0.11 ) is running through Apache/mod_python, and apache is using the mod_auth_sspi to link to the Windows authentication server. As a result, we now have the odd "371732" user in TRAC.
If you try to assign permissions to these users in the manage permissions screen ( "Add Subject To Group" ), the permission grant fails with "All upper-cased tokens are reserved for permission names".
It seems that the problem is that the permission name uppercase check is done by checking
subject == subject.upper()
which holds true if subject is all numeric.
I've fixed it on my installation by changing the test to
subject == subject.upper() and subject != subject.lower()
which means that numeric userids are okay, but you still can't have an all uppercase text name.
The relevant check is in the function "render_admin_panel" in admin\web_ui.py. The check is now
if subject and subject == subject.upper() and subject != subject.lower() or \
group and group == group.upper():
raise TracError(_('All upper-cased tokens are reserved for '
Please can you apply this change to core ?