id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc,branch,changelog,apichanges,internalchanges 8445,authz_policy receives 'None' as resource,funsheep@…,Remy Blank,"I'm running a trac 0.11.4 system on an apache2 server. I wanted to have the permissions checked by the AuthzPolicy. I have * added the authz_policy field to the trac.ini and a correct path to an authz.conf file * i have enabled the plugin (and for testing purposes disabled all other plugins) * i have set permission_policies = AuthzPolicy * authz_policy.py loaded from [http://trac.edgewall.org/intertrac/source%3Abranches/0.11-stable/sample-plugins/permissions/authz_policy.py authz_policy.py] - as stated on the website * The trac installation is a fresh one, without editing anything. Trac was installed with easy_install * The environment is also a fresh one * There is a global trac.ini defining the standard permission_policies among other things * And there is a environment specific trac.ini overwriting some of the definitions My authz.conf looks like: {{{ # vim: syntax=dosini [groups] administrator = me developer = dev1, dev2, dev3 # Match everything else [*] @administrator = TRAC_ADMIN anonymous = BLOG_VIEW, BROWSER_VIEW, CHANGESET_VIEW, FILE_VIEW, LOG_VIEW, MILESTONE_VIEW, REPORT_SQL_VIEW, REPORT_VIEW, ROADMAP_VIEW, SEARCH_VIEW, TICKET_VIEW, TIMELINE_VIEW, WIKI_VIEW authenticated = POLL_VOTE, TICKET_APPEND, TICKET_CREATE @developer = BLOG_CREATE, BLOG_MODIFY_OWN, WIKI_CREATE, WIKI_DELETE, WIKI_MODIFY, XML_RPC }}} After reloading the apache i'm not able to see anything but the wiki (blog plugin is disabled). After checking the log, i found this entry {{{ 2009-07-03 12:50:00,462 Trac[authz_policy] DEBUG: Checking REPORT_VIEW on }}} I then added some more debug-lines to the .py file and found this {{{ self.log.debug('Checking %s on %s (unnormalized)', action, resource) }}} gives {{{ 2009-07-03 12:50:00,461 Trac[authz_policy] DEBUG: Checking SEARCH_VIEW on None (unnormalized) }}} And fnmatch between `''` and `'*@*'` (resource_glob) in line [source:/branches/0.11-stable/sample-plugins/permissions/authz_policy.py@8367#L216 216] returns false. Some of the permission checks work (therefore i know that the setup is ok). From the log {{{ 2009-07-03 12:50:00,458 Trac[authz_policy] DEBUG: Checking WIKI_VIEW on (unnormalized) 2009-07-03 12:50:00,458 Trac[authz_policy] DEBUG: Checking WIKI_VIEW on wiki:*@* 2009-07-03 12:50:00,459 Trac[authz_policy] DEBUG: Resource glob *@* 2009-07-03 12:50:00,459 Trac[authz_policy] DEBUG: fnmatch gives: True 2009-07-03 12:50:00,459 Trac[authz_policy] DEBUG: wiki:*@* matched section *@* for user funsheep }}} ",defect,closed,normal,0.12,general,0.11.5,normal,fixed,authzpolicy verify,admin@…,,,,