Edgewall Software

Opened 14 years ago

Last modified 5 years ago

#9526 new defect

Fine Grained Permission possible realms and paths format are not documented.

Reported by: dpc@… Owned by:
Priority: normal Milestone: next-major-releases
Component: wiki system Version: 0.12
Severity: minor Keywords: permissions documentation authzpolicy
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description (last modified by Ryan J Ollos <ryano@…>)

I'm trying to configure authz_policy.py (TracFineGrainedPermissions) for things other than Wiki Pages.

I can see that this is possible and working, but I'm waisting my time discovering "paths and realms" for every single thing I want to manage via authz_policy.

All the samples and documentation I've found describe configuration for wiki: realms *only* and while this is probably most common usage I'd like to create a ticket to expand the documentation in this topic.

Attachments (0)

Change History (11)

comment:1 by Remy Blank, 14 years ago

Some documentation effort about this is certainly welcome, thanks!

comment:2 by osimons, 14 years ago

The problem is that plugins also provides resource support, and for lookup purposes for users there really should be some code that iterates and presents them. Like we do for config and for macros.

comment:3 by Christian Boos, 14 years ago

Milestone: 0.12.1next-minor-0.12.x

Not for 0.12.1, it seems.

comment:4 by Ryan J Ollos <ryano@…>, 12 years ago

Description: modified (diff)
Keywords: authzpolicy added

comment:5 by Ryan J Ollos, 10 years ago

Milestone: next-minor-0.12.xnext-stable-1.0.x

Moving this forward since I don't think it needs to be fixed on 0.12-stable, but please comment if you feel differently.

We may want to consider this within the context of a more extensive rework of the permission system in which IPermissionRequestor may define actions associated with realms: trunk/trac/perm.py@12930:152-154#L117. Something like,

-                   'WIKI_VIEW']
-       return actions + [('WIKI_ADMIN', actions)]
+        actions = ['CREATE', 'DELETE', 'MODIFY', 'RENAME', 'VIEW']
+        return {'wiki': actions + [('ADMIN', actions)]}
Version 0, edited 10 years ago by Ryan J Ollos (next)

comment:6 by Ryan J Ollos, 9 years ago

Milestone: next-stable-1.0.xnext-dev-1.1.x

comment:7 by Ryan J Ollos, 9 years ago

Milestone: next-dev-1.1.xnext-dev-1.3.x

Narrowing focus for milestone:1.2. Please move ticket to milestone:1.2 if you intend to fix it.

comment:8 by anonymous, 6 years ago

there really should be some code that iterates and presents them. Like we do for config and for macros.

  • trac/wiki/macros.py

    diff -r a3e91091080a trac/wiki/macros.py
    a b  
    2525from trac.core import *
    2626from trac.resource import (
    27     Resource, ResourceNotFound, get_resource_name, get_resource_summary,
    28     get_resource_url
     27    Resource, ResourceNotFound, ResourceSystem, get_resource_name,
     28    get_resource_summary, get_resource_url
    3030from trac.util import as_int
    3131from trac.util.datefmt import format_date, from_utimestamp, user_time
    903903                    for mime_type in sorted(mime_types))))
     906class KnownRealmsMacro(WikiMacroBase):
     907    _domain = 'messages'
     908    _description = cleandoc_(
     909    """List all known realms which can be used with TracFineGrainedPermissions.
     911    Can be given an optional argument which is interpreted as realm filter.
     912    """)
     914    def expand_macro(self, formatter, name, content):
     915        realm_filter = ''
     916        args, kw = parse_args(content)
     917        if args:
     918            realm_filter = args.pop(0).strip().rstrip('*')
     920        resource_sys = ResourceSystem(self.env)
     921        realms = []
     922        for realm in resource_sys.get_known_realms():
     923          if not realm_filter or realm.startswith(realm_filter):
     924            try:
     925                summary = get_resource_summary(self.env, Resource(realm))
     926            except Exception as e:
     927                summary = 'ERROR ' + str(e)
     928            realms.append((realm, summary))
     930        return tag.div(class_='trac-realms')(
     931            tag.table(class_='wiki')(
     932                tag.thead(tag.tr(
     933                    tag.th(_("Realm")),
     934                    tag.th(_("Summary")))),
     935                tag.tbody(
     936                    tag.tr(tag.th(tag.code(realm),
     937                                  style="text-align: left"),
     938                           tag.td(tag.code(
     939                            summary
     940                           )))
     941                    for realm, summary in sorted(realms))))
    906944class TracGuideTocMacro(WikiMacroBase):
    907945    _domain = 'messages'
    908946    _description = cleandoc_(

[[KnownRealms()]] shows:

Realm Summary
attachment Unparented attachment None
changeset Changeset None
milestone Milestone None
repository Default repository
source ERROR 'NoneType' object has no attribute 'get_node'
ticket ERROR coercing to Unicode: need string or buffer, NoneType found

comment:9 by Ryan J Ollos, 6 years ago

The realm summary isn't useful, but a comma-separated list might be enough.

comment:10 by Ryan J Ollos, 5 years ago

Milestone: next-dev-1.3.xnext-dev-1.5.x

Milestone renamed

comment:11 by Ryan J Ollos, 5 years ago

Milestone: next-dev-1.5.xnext-major-releases

Modify Ticket

Change Properties
Set your email in Preferences
as new The ticket will remain with no owner.
The ticket will be disowned.
as The resolution will be set. Next status will be 'closed'.
The owner will be changed from (none) to anonymous. Next status will be 'assigned'.

Add Comment

E-mail address and name can be saved in the Preferences .
Note: See TracTickets for help on using tickets.