Opened 15 years ago
Closed 15 years ago
#8565 closed enhancement (fixed)
authz should support group of groups
Reported by: | Owned by: | Remy Blank | |
---|---|---|---|
Priority: | normal | Milestone: | 0.12 |
Component: | wiki system | Version: | none |
Severity: | normal | Keywords: | permissions patch authzpolicy |
Cc: | ryano@… | Branch: | |
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description (last modified by )
authz suggests it is possible to write:
[groups] admin = one, two users = three, four everybody = @admin, @users
But this does not work the the standard version, here's a patch
*** authz_policy.py.orig 2009-08-13 00:51:26.000000000 +0000 --- authz_policy.py 2009-08-13 05:06:28.000000000 +0000 *************** *** 174,184 **** --- 174,189 ---- self.get_authz_file()) self.authz = ConfigObj(self.get_authz_file()) self.groups_by_user = {} + groups = {} for group, users in self.authz.get('groups', {}).iteritems(): if isinstance(users, basestring): users = [users] for user in users: + if user[0] == '@': + users.extend (groups[user]) + continue self.groups_by_user.setdefault(user, set()).add('@' + group) + groups.setdefault('@'+group, []).append (user) self.authz_mtime = os.path.getmtime(self.get_authz_file()) def normalise_resource(self, resource):
Attachments (0)
Change History (9)
comment:1 by , 15 years ago
Keywords: | authzpolicy added |
---|
comment:2 by , 15 years ago
Cc: | added |
---|
comment:3 by , 15 years ago
Owner: | set to |
---|
follow-up: 5 comment:4 by , 15 years ago
Description: | modified (diff) |
---|---|
Owner: | changed from | to
comment:5 by , 15 years ago
Replying to cboos:
Remy, I'll take it if you don't mind, as I'm working on the authz stuff now.
Sure, go ahead.
comment:6 by , 15 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
Mutating the users
list while iterating over it is not a good programming practice. I have taken a different (but equivalent) approach in [9401].
comment:7 by , 15 years ago
Owner: | changed from | to
---|
comment:8 by , 15 years ago
Resolution: | fixed |
---|---|
Status: | closed → reopened |
Then again, relying on the order of items in a dict
is not a good idea either. I'll come up with something better.
comment:9 by , 15 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
Order of items is not an issue anymore with [9405].
Patch looks good (well, the content of the patch looks good, for the form of it, see TracDev/SubmittingPatches ;-) ).
Remy, I'll take it if you don't mind, as I'm working on the authz stuff now.