Mercurial > p > roundup > code
annotate doc/upgrading.txt @ 5967:9a980675105d
Add reindex info to upgrading.doc
Recommended if you are affected by indexer code fixes, required if you
use whoosh and are upgrading to python 3.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Fri, 01 Nov 2019 19:53:58 -0400 |
| parents | 5148e46dd314 |
| children | e5acd1843517 |
| rev | line source |
|---|---|
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
1 ====================================== |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2 Upgrading to newer versions of Roundup |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
3 ====================================== |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
4 |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
5 Please read each section carefully and edit your tracker home files |
|
2016
2112962f5bb1
Update documentation for the client.py split and add an upgrade notice.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
2003
diff
changeset
|
6 accordingly. Note that there is information about upgrade procedures in the |
|
2003
a291bf753037
maintenance -> admin guide
Richard Jones <richard@users.sourceforge.net>
parents:
1911
diff
changeset
|
7 `administration guide`_. |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
8 |
|
2273
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
9 If a specific version transition isn't mentioned here (eg. 0.6.7 to 0.6.8) |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
10 then you don't need to do anything. If you're upgrading from 0.5.6 to |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
11 0.6.8 though, you'll need to check the "0.5 to 0.6" and "0.6.x to 0.6.3" |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
12 steps. |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
13 |
|
5328
ba1ce44254df
clarify supported python versions in two docs. Reported by Joseph Myers.
John Rouillard <rouilj@ieee.org>
parents:
5323
diff
changeset
|
14 **IMPORTANT** The v1.5.x releases of Roundup were the last to support |
|
ba1ce44254df
clarify supported python versions in two docs. Reported by Joseph Myers.
John Rouillard <rouilj@ieee.org>
parents:
5323
diff
changeset
|
15 Python v2.5 and v2.6. Starting with the v1.6 releases of Roundup |
|
ba1ce44254df
clarify supported python versions in two docs. Reported by Joseph Myers.
John Rouillard <rouilj@ieee.org>
parents:
5323
diff
changeset
|
16 v2.7.2 is required to run newer releases of Roundup. |
|
4901
fa268ea457db
Add note about dropping support for Python v2.5
John Kristensen <john@jerrykan.com>
parents:
4890
diff
changeset
|
17 |
|
4890
609edf9de0a5
docs: Remove one nesting level from ToC on subpages
anatoly techtonik <techtonik@gmail.com>
parents:
4880
diff
changeset
|
18 Contents: |
|
609edf9de0a5
docs: Remove one nesting level from ToC on subpages
anatoly techtonik <techtonik@gmail.com>
parents:
4880
diff
changeset
|
19 |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
20 .. contents:: |
|
4890
609edf9de0a5
docs: Remove one nesting level from ToC on subpages
anatoly techtonik <techtonik@gmail.com>
parents:
4880
diff
changeset
|
21 :local: |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
22 |
|
5941
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
23 Migrating from 1.6.X to 2.0.0 |
|
5501
dd242cd7a182
mention change from pyme to gpg module for PGP processing
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5332
diff
changeset
|
24 ============================= |
|
dd242cd7a182
mention change from pyme to gpg module for PGP processing
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5332
diff
changeset
|
25 |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5543
diff
changeset
|
26 Upgrade tracker's config.ini file |
|
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5543
diff
changeset
|
27 -------------------------------------- |
|
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5543
diff
changeset
|
28 Once you have installed the new roundup, use: |
|
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5543
diff
changeset
|
29 |
|
5944
d7e6bcde5cbe
Final touchups python -> Python, reconcile config file names.
John Rouillard <rouilj@ieee.org>
parents:
5941
diff
changeset
|
30 roundup-admin -i /path/to/tracker updateconfig newconfig.ini |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5543
diff
changeset
|
31 |
|
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5543
diff
changeset
|
32 to generate a new ini file preserving all your settings. You can then |
|
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5543
diff
changeset
|
33 merge any local comments from the tracker's ``config.ini`` into |
|
5944
d7e6bcde5cbe
Final touchups python -> Python, reconcile config file names.
John Rouillard <rouilj@ieee.org>
parents:
5941
diff
changeset
|
34 ``newconfig.ini``. Compare the old and new files and configure any new |
|
d7e6bcde5cbe
Final touchups python -> Python, reconcile config file names.
John Rouillard <rouilj@ieee.org>
parents:
5941
diff
changeset
|
35 settings as you want. Then replace ``config.ini`` with the |
|
d7e6bcde5cbe
Final touchups python -> Python, reconcile config file names.
John Rouillard <rouilj@ieee.org>
parents:
5941
diff
changeset
|
36 ``newconfig.ini`` file. |
|
5941
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
37 |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
38 Python 3 support |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
39 ---------------- |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
40 |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
41 Many of the ``.html`` and ``.py`` files from Roundup that are copied |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
42 into tracker directories have changed for Python 3 support. If you |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
43 wish to move an existing tracker to Python 3, you need to merge in |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
44 those changes. If your tracker uses the ``anydbm`` or ``mysql`` |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
45 backends, you also need to export the tracker contents using |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
46 ``roundup-admin export`` running under Python 2, and them import them |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
47 using ``roundup-admin import`` running under Python 3, as for a |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
48 migration to a different backend. If using the ``sqlite`` backend, |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
49 you do not need to export and import, but need to delete the |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
50 ``db/otks`` and ``db/sessions`` files when changing Python version. |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
51 If using the ``postgresql`` backend, you do not need to export and |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
52 import and no other special database-related steps are needed. |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
53 |
|
5967
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
54 If you use the whoosh indexer, you will need to reindex. It looks like |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
55 a database created with Python 2 leads to Unicode decode errors when |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
56 accessed by Python 3. Reindexing can take a while (see details below |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
57 look for "reindexing"). |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
58 |
|
5944
d7e6bcde5cbe
Final touchups python -> Python, reconcile config file names.
John Rouillard <rouilj@ieee.org>
parents:
5941
diff
changeset
|
59 Octal values in config.ini change from the Python 2 representation |
|
5941
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
60 with a leading ``0`` (``022``). They now use a leading ``0o`` |
|
29d428927362
prep for 2.0.0alpha0 release.
John Rouillard <rouilj@ieee.org>
parents:
5881
diff
changeset
|
61 (``0o22``). Note that the ``0o`` format is properly handled under |
|
5944
d7e6bcde5cbe
Final touchups python -> Python, reconcile config file names.
John Rouillard <rouilj@ieee.org>
parents:
5941
diff
changeset
|
62 python 2. You can use the ``newconfig.ini`` generated using ``python3 |
|
d7e6bcde5cbe
Final touchups python -> Python, reconcile config file names.
John Rouillard <rouilj@ieee.org>
parents:
5941
diff
changeset
|
63 roundup-admin -i ... updateconfig newconfig.ini`` if you want to go |
|
d7e6bcde5cbe
Final touchups python -> Python, reconcile config file names.
John Rouillard <rouilj@ieee.org>
parents:
5941
diff
changeset
|
64 back to using python 2. (Note going back to Python 2 will require |
|
d7e6bcde5cbe
Final touchups python -> Python, reconcile config file names.
John Rouillard <rouilj@ieee.org>
parents:
5941
diff
changeset
|
65 the same steps as moving from 2 to 3 except using Python 3 to perform |
|
d7e6bcde5cbe
Final touchups python -> Python, reconcile config file names.
John Rouillard <rouilj@ieee.org>
parents:
5941
diff
changeset
|
66 the export.) |
|
5726
e199d0ae4a25
issue2551033: prevent reverse engineering hidden data by using etags
John Rouillard <rouilj@ieee.org>
parents:
5543
diff
changeset
|
67 |
|
5501
dd242cd7a182
mention change from pyme to gpg module for PGP processing
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5332
diff
changeset
|
68 PGP mail processing |
|
dd242cd7a182
mention change from pyme to gpg module for PGP processing
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5332
diff
changeset
|
69 ------------------- |
|
dd242cd7a182
mention change from pyme to gpg module for PGP processing
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5332
diff
changeset
|
70 |
|
dd242cd7a182
mention change from pyme to gpg module for PGP processing
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5332
diff
changeset
|
71 Roundup now uses the ``gpg`` module instead of ``pyme`` to process PGP |
|
dd242cd7a182
mention change from pyme to gpg module for PGP processing
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5332
diff
changeset
|
72 mail. If you have PGP processing enabled, make sure the ``gpg`` |
|
dd242cd7a182
mention change from pyme to gpg module for PGP processing
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5332
diff
changeset
|
73 module is installed. |
|
dd242cd7a182
mention change from pyme to gpg module for PGP processing
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5332
diff
changeset
|
74 |
|
5510
e2978ed3b550
update link to new mysqlclient module and recommend update in upgrading.txt
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5501
diff
changeset
|
75 MySQL client module |
|
e2978ed3b550
update link to new mysqlclient module and recommend update in upgrading.txt
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5501
diff
changeset
|
76 ------------------- |
|
e2978ed3b550
update link to new mysqlclient module and recommend update in upgrading.txt
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5501
diff
changeset
|
77 |
|
e2978ed3b550
update link to new mysqlclient module and recommend update in upgrading.txt
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5501
diff
changeset
|
78 Although the ``MySQLdb`` module from |
|
e2978ed3b550
update link to new mysqlclient module and recommend update in upgrading.txt
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5501
diff
changeset
|
79 https://pypi.org/project/MySQL-python/ is still supported, it is |
|
e2978ed3b550
update link to new mysqlclient module and recommend update in upgrading.txt
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5501
diff
changeset
|
80 recommended to switch to the updated module from |
|
e2978ed3b550
update link to new mysqlclient module and recommend update in upgrading.txt
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5501
diff
changeset
|
81 https://pypi.org/project/mysqlclient/. |
|
e2978ed3b550
update link to new mysqlclient module and recommend update in upgrading.txt
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5501
diff
changeset
|
82 |
|
5879
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
83 XMLRPC Access Role |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
84 ------------------ |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
85 |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
86 A new permission has been added to control access to the XMLRPC |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
87 endpoint. If the user doesn't have the new "Xmlrpc Access" permission, |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
88 they will not be able to log in using the /xmlrpc end point. To add |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
89 this new permission to the "User" role you should change your |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
90 tracker's schema.py and add:: |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
91 |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
92 db.security.addPermissionToRole('User', 'Xmlrpc Access') |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
93 |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
94 This is usually included near where other permissions like "Web Access" |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
95 or "Email Access" are assigned. |
|
94a7669677ae
add permissions to control user of rest and xmlrpc API interfaces.
John Rouillard <rouilj@ieee.org>
parents:
5756
diff
changeset
|
96 |
|
5881
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
97 New values for db.tx_Source |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
98 --------------------------- |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
99 |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
100 The database attribute tx_Source reports "xmlrpc" and "rest" when the |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
101 /xmlrpc and /rest web endpoints are used. Check all code (extensions, |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
102 detectors, lib) in trackers looking for tx_Source. If you have code |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
103 like:: |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
104 |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
105 if db.tx_Source == "web": |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
106 |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
107 or:: |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
108 |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
109 if db.tx_Source in ['web', 'email-sig-openpgp', 'cli' ]: |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
110 |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
111 you may need to change these to include matches to "rest" and |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
112 "xmlrpc". For example:: |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
113 |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
114 if db.tx_Source in [ "web", "rest", "xmlrpc" ] |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
115 |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
116 or:: |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
117 |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
118 if db.tx_Source in ['web', 'rest', 'xmlrpc', 'email-sig-openpgp', 'cli' ]: |
|
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
119 |
|
5958
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
120 Update userauditor.py to restrict usernames |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
121 ------------------------------------------- |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
122 |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
123 A username can be created with embedded commas and < and > |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
124 characters. Even though the < and > are usually escaped when |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
125 displayed, the embedded comma makes it difficult to edit lists of |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
126 users as they are comma separated. |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
127 |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
128 If you have not modified your tracker's userauditor.py, you can just |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
129 copy the userauditor.py from the classic template into your tracker's |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
130 detectors directory. Otherwise merge the changes from the template |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
131 userauditor.py. https://issues.roundup-tracker.org/issue2550921 may be |
|
5148e46dd314
issue2550921 - prevent usernames with characters ',' and '<', '>'
John Rouillard <rouilj@ieee.org>
parents:
5944
diff
changeset
|
132 helpful. |
|
5881
9938c40e03bc
Add "rest" and "xmlrpc" values for database tx_Source property
John Rouillard <rouilj@ieee.org>
parents:
5879
diff
changeset
|
133 |
|
5967
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
134 Consider reindexing if you use European languages |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
135 ------------------------------------------------- |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
136 |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
137 A couple of bugs dealing with incorrect indexing of European languages |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
138 (Russian and German were reported) have been fixed. Note reindexing |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
139 all your data may take a long time. See: |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
140 https://issues.roundup-tracker.org/issue1195739 and |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
141 https://issues.roundup-tracker.org/issue1344046 for a description of |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
142 the problem. If you determine that this a problem for your tracker, |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
143 you can use:: |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
144 |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
145 roundup-admin -i /path/to/tracker reindex |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
146 |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
147 to rewrite your full text indexes. The tracker used for reindex timing |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
148 had 140MB of file/message data and 2500 issues with a slow 5400RPM |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
149 SATA drive. Using native indexing with sqlite took about 45 |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
150 minutes. Using whoosh took about 2 hours. Using xapian took about 6 |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
151 hours. All examples were with Python 2. Anecdotal evidence shows |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
152 Python 3 is faster, but YMMV. |
|
9a980675105d
Add reindex info to upgrading.doc
John Rouillard <rouilj@ieee.org>
parents:
5958
diff
changeset
|
153 |
|
5041
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
154 Migrating from 1.5.1 to 1.6.0 |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
155 ============================= |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
156 |
|
5304
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
157 Update tracker config file |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
158 -------------------------- |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
159 |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
160 After installing the new version of roundup, you should |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
161 update the ``config.ini`` file for your tracker. To do this: |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
162 |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
163 1. backup your existing ``config.ini`` file |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
164 2. using the newly installed code, run:: |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
165 |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
166 roundup-admin -i /path/to/tracker updateconfig config.ini.new |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
167 |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
168 to create the file config.ini.new. Replace |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
169 ``/path/to/tracker`` with the path to your tracker. |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
170 3. replace your tracker's config.ini with config.ini.new |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
171 |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
172 Using updateconfig keeps all the settings from your |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
173 tracker's config.ini file and adds settings for all the new |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
174 options. |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
175 |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
176 If you have added comments to your original config.ini file, |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
177 merge the added comments into the config.ini.new file. Then |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
178 replace your tracker's config.ini with config.ini.new. |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
179 |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
180 Read the new config.ini and configure it to enable new |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
181 features. Details on using these features can be found in |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
182 this section. |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
183 |
|
5267
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
184 Make sure that user can view labelprop on classes (REQUIRED) |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
185 ------------------------------------------------------------ |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
186 |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
187 If you have View permissions that use ```properties=...```, |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
188 make sure that the labelprop for the class is listed in the |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
189 properties list. |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
190 |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
191 The first one of these that exists must must be in the list: |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
192 |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
193 1. the property set by a call to setlabelprop for the class |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
194 2. the key of the class (as set by setkey()) |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
195 3. the "name" property (if it exists) |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
196 4. the "title" property (if it exists) |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
197 |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
198 if none of those apply, you must allow |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
199 |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
200 * the "id" property |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
201 |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
202 E.G. If your class does a setlabelprop("foo") you must include "foo" |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
203 in the properties list even if the class has name or title properties. |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
204 |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
205 See: |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
206 http://www.roundup-tracker.org/docs/customizing.html#setlabelprop-property |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
207 for further details on the labelprop. |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
208 |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
209 If you don't do this, you will find that multilinks (and possibly |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
210 links) may not be displayed properly. E.G. templates that iterate over |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
211 a mutlilink field (with tal:repeat for example) may not show any |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
212 content. |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
213 |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
214 See: https://sourceforge.net/p/roundup/mailman/message/35763294/ |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
215 for the initial discussion of the issue. |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
216 |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
217 Cross Site Request Forgery Detection Added |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
218 ------------------------------------------ |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
219 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
220 Roundup 1.6. supports a number of defenses against CSRF. |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
221 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
222 Http header verification against the tracker's ``web`` |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
223 setting in the ``[tracker]`` section of config.ini for the |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
224 following headers: |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
225 |
|
5304
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
226 1. Analyze the ``Referer`` HTTP header to make sure it |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
227 includes the web setting. |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
228 2. Analyze the ``Origin`` HTTP header to make sure the |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
229 schema://host matches the web setting. |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
230 3. Analyze the ``X-Forwarded-Host`` header set by a proxy |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
231 running in front of roundup to make sure it agrees with |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
232 the host part of the web setting. |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
233 4. Analyze the ``Host`` header to make sure it agrees with |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
234 the host part of the web setting. This is not done if |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
235 ``X-Forwarded-Host`` is set. |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
236 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
237 By default roundup 1.6 does not require any specific header |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
238 to be present. However at least one of the headers above |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
239 *must* pass validation checks (usually ``Host`` or |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
240 ``Referer``) or the submission is rejected with an error. |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
241 If any header fails validation, the submission is |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
242 rejected. (Note the user's form keeps all the data they |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
243 entered if it was rejected.) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
244 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
245 Also the admin can include unique csrf tokens for all forms |
|
5271
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
246 submitted using the POST method. (Delete and put methods are also |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
247 included, but not currently used by roundup.) The csrf |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
248 token (nonce) is tied to the user's session. When the user |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
249 submits the form and nonce, the nonce is checked to make |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
250 sure it was issued to the user and the same session. If this |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
251 is not true the post is rejected and the user is notified. |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
252 |
|
5271
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
253 The standard context/submit templating item creates CSRF tokens by |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
254 default. If you have forms using the POST method that are not using |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
255 the standard submit routine, you should add the following field to all |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
256 forms: |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
257 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
258 <input name="@csrf" type="hidden" |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
259 tal:attributes="value python:utils.anti_csrf_nonce()"> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
260 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
261 A unique random token is generated by every call to |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
262 utils.anti_csrf_nonce() and is put in a database to be |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
263 retreived if the token is used. Token lifetimes are 2 weeks |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
264 by default but can be configured in config.ini. Roundup will |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
265 automatically prune old tokens. Calling anti_csrf_nonce with |
|
5298
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
266 an integer lifetime, for example: |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
267 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
268 <input name="@csrf" type="hidden" |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
269 tal:attributes="value python:utils.anti_csrf_nonce(lifetime=10)"> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
270 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
271 sets the lifetime of that nonce to 10 minutes. |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
272 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
273 If you want to change the default settings, you have to |
|
5304
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
274 update the web section in your tracker's config.ini file. Follow the |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
275 section above to generate an updated config.ini file. Then |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
276 look for settings that start with csrf. The updated config.ini |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
277 file includes detailed descriptions of the settings. |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
278 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
279 In general one of four values can be set for these |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
280 settings. The default is ``yes``, which validates the header |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
281 or nonce and blocks access if the validation fails. If the |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
282 field/header is missing it allows access. Setting these |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
283 fields to ``required`` blocks access if the header/nonce is |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
284 missing. |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
285 |
|
5275
fee207407dee
Add error and troubleshooting headers. Clarified the suggestion to a
John Rouillard <rouilj@ieee.org>
parents:
5274
diff
changeset
|
286 It is recommended that you change your templates so every form |
|
fee207407dee
Add error and troubleshooting headers. Clarified the suggestion to a
John Rouillard <rouilj@ieee.org>
parents:
5274
diff
changeset
|
287 that is not submitted via GET has an @csrf field. Then change |
|
fee207407dee
Add error and troubleshooting headers. Clarified the suggestion to a
John Rouillard <rouilj@ieee.org>
parents:
5274
diff
changeset
|
288 the csrf_enforce_token setting to 'required'. |
|
fee207407dee
Add error and troubleshooting headers. Clarified the suggestion to a
John Rouillard <rouilj@ieee.org>
parents:
5274
diff
changeset
|
289 |
|
5295
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
290 Errors and Troubleshooting - @csrf in url |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
291 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
292 |
|
5271
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
293 If you see the @csrf nonce in the URL, you have added the value to a |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
294 form that uses the GET method. You should remove the @csrf token from |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
295 these forms as it is not needed. |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
296 |
|
5295
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
297 Errors and Troubleshooting - AttributeError list object no attribute value |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
298 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
5271
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
299 If you get an error: |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
300 |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
301 AttributeError: 'list' object has no attribute 'value' |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
302 |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
303 in handle_csrf, you have more than one @csrf token for the form. This |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
304 usually occurs because the form uses the standard context/submit |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
305 element but you also added an explicit @csrf statement. Simply remove |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
306 the @csrf element for that form. |
|
bee4008a2840
Added info on dealing with common errors when adding @csrf tokens.
John Rouillard <rouilj@ieee.org>
parents:
5270
diff
changeset
|
307 |
|
5298
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
308 Errors and Troubleshooting - xmlrpc Required Header Missing |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
309 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
310 When performing and xmlrpc call, if you see something like: |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
311 |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
312 xmlrpclib.Fault: <Fault 1: "<class |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
313 'roundup.exceptions.UsageError'>:Required Header Missing"> |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
314 |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
315 change the setting of csrf_enforce_header_x-requested-with in |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
316 config.ini to no. So it looks like: |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
317 |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
318 csrf_enforce_header_x-requested-with = no |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
319 |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
320 Alternatively change your xmlrpc client to add appropriate headers to |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
321 the request including the: |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
322 |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
323 X-Requested-With: |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
324 |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
325 header as well as any other required csrf headers (e.g. referer, origin) |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
326 configured in config.ini. See the advanced python client at the end of |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
327 the `xmlrpc guide`_. |
|
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
328 |
|
5212
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
329 Support for SameSite cookie option for session cookie |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
330 ----------------------------------------------------- |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
331 |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
332 Support for serving the session cookie using the SameSite cookie option |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
333 has been added. By default it is set to lax to provide a better user |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
334 experience. But this can be changes to strict or the option can be |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
335 removed entirely. |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
336 |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
337 Using the process for merging config.ini changes described in |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
338 `Cross Site Request Forgery Detection Added`_ you can add the |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
339 ``samesite_cookie_setting`` to the ``[web]`` section of the config |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
340 file. |
|
d4cc71beb102
Added support for SameSite cookie option for CSRF prevention
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
341 |
|
5147
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
342 Fix for path traversal changes template resolution |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
343 -------------------------------------------------- |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
344 |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
345 The templates in the tracker's html subdirectory must not be |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
346 symbolic links that lead outside of the html directory. |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
347 |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
348 If you don't use symbolic links for templates in your html |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
349 subdirectory you don't have to make any changes. Otherwise you need to |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
350 replace the symbolic links with hard links to the files or replace the |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
351 symbolic links with the files. |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
352 |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
353 This is a side effect of fixing a path traversal security issue. The |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
354 security issue required a directory with a specific unusual name. This |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
355 made it difficult to exploit. However allowing the use of |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
356 subdirectories to organize the templates required that it be fixed. |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
357 |
|
d16ba6e6624b
upgrade CHANGES.txt and doc/upgrading.txt with additional info about implications of fixing path traversal bug in d22eb1d40d0e
John Rouillard <rouilj@ieee.org>
parents:
5122
diff
changeset
|
358 |
|
5267
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
359 Database back end specified in config.ini (REQUIRED) |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
360 ---------------------------------------------------- |
|
5068
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
361 |
|
5041
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
362 The ``db/backend_name`` file is no longer used to configure the database |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
363 backend being used for a tracker. The backend is now configured in the |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
364 ``config.ini`` file using the ``backend`` option located in the ``[rdbms]`` |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
365 section. For example if ``db/backend_name`` file contains ``sqlite``, a new |
|
5096
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
366 entry in the tracker's ``config.ini`` will need to be created:: |
|
5041
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
367 |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
368 [rdbms] |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
369 |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
370 ... |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
371 |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
372 # Database backend. |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
373 # Default: |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
374 backend = sqlite |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
375 |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
376 Once the ``config.ini`` file has been updated with the new ``backend`` option, |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
377 you can safely delete the ``db/backend_name`` file. |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
378 |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
379 Note: the ``backend_name`` file may be located in a directory other than |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
380 ``db/`` if you have configured the ``database`` option in the ``[main]`` |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
381 section of the ``config.ini`` file to be something other than ``db``. |
|
5251e97b1de0
Configure the database backend in the config.ini
John Kristensen <john@jerrykan.com>
parents:
5025
diff
changeset
|
382 |
|
5304
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
383 Note 2: if you are using the anydbm back end, you still set |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
384 it using the backend option in the rdbms section of the |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
385 config.ini file. |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
386 |
|
5096
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
387 New config file option 'indexer' added |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
388 -------------------------------------- |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
389 |
|
5304
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
390 This release added support for the Whoosh indexer, so a new |
|
ae32f082e623
Add section on updating config.ini. Reference in CSRF doc. Other doc updates.
John Rouillard <rouilj@ieee.org>
parents:
5298
diff
changeset
|
391 config file option has been |
|
5096
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
392 added. You can force Roundup to use a particular text indexer by |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
393 setting this value in the [main] section of the tracker's |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
394 ``config.ini`` file (usually placed right before indexer_stopwords):: |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
395 |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
396 [main] |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
397 |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
398 ... |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
399 |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
400 # Force Roundup to use a particular text indexer. |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
401 # If no indexer is supplied, the first available indexer |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
402 # will be used in the following order: |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
403 # Possible values: xapian, whoosh, native (internal). |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
404 indexer = |
|
e74c3611b138
- issue2550636, issue2550909: Added support for Whoosh indexer.
John Rouillard <rouilj@ieee.org>
parents:
5078
diff
changeset
|
405 |
|
5295
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
406 Errors and Troubleshooting - Full text searching not working |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
407 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
408 |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
409 If after the upgrade full text searching is not working try changing |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
410 the indexer value. If this is failing most likely you need to set |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
411 '''indexer = native''' to use the rdbms or db text indexing systems. |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
412 |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
413 Alternatively you can do a |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
414 '''roundup-admin -i /path/to/tracker reindex''' |
|
5752
4c0cdfe4f678
Added x-roundup-issue-id to FAQ which discusses other x-roundup header
John Rouillard <rouilj@ieee.org>
parents:
5735
diff
changeset
|
415 to generate a new index using roundup's preferred indexer from the |
|
4c0cdfe4f678
Added x-roundup-issue-id to FAQ which discusses other x-roundup header
John Rouillard <rouilj@ieee.org>
parents:
5735
diff
changeset
|
416 list above. |
|
4c0cdfe4f678
Added x-roundup-issue-id to FAQ which discusses other x-roundup header
John Rouillard <rouilj@ieee.org>
parents:
5735
diff
changeset
|
417 |
|
4c0cdfe4f678
Added x-roundup-issue-id to FAQ which discusses other x-roundup header
John Rouillard <rouilj@ieee.org>
parents:
5735
diff
changeset
|
418 Xapian error with flint when reindexing |
|
4c0cdfe4f678
Added x-roundup-issue-id to FAQ which discusses other x-roundup header
John Rouillard <rouilj@ieee.org>
parents:
5735
diff
changeset
|
419 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
|
4c0cdfe4f678
Added x-roundup-issue-id to FAQ which discusses other x-roundup header
John Rouillard <rouilj@ieee.org>
parents:
5735
diff
changeset
|
420 If you reindex and are using xapian, you may get the error that |
|
4c0cdfe4f678
Added x-roundup-issue-id to FAQ which discusses other x-roundup header
John Rouillard <rouilj@ieee.org>
parents:
5735
diff
changeset
|
421 "flint" is not supported (looks like flint was removed after xapian |
|
4c0cdfe4f678
Added x-roundup-issue-id to FAQ which discusses other x-roundup header
John Rouillard <rouilj@ieee.org>
parents:
5735
diff
changeset
|
422 1.2.x). To fix this, you can delete the full text search database |
|
4c0cdfe4f678
Added x-roundup-issue-id to FAQ which discusses other x-roundup header
John Rouillard <rouilj@ieee.org>
parents:
5735
diff
changeset
|
423 located in the tracker home directory in the file '''db/text-index''' |
|
4c0cdfe4f678
Added x-roundup-issue-id to FAQ which discusses other x-roundup header
John Rouillard <rouilj@ieee.org>
parents:
5735
diff
changeset
|
424 and then perform a reindex. |
|
5295
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
425 |
|
5108
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
426 Stemming improved in Xapian Indexer |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
427 ----------------------------------- |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
428 |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
429 Stemming allows a search for "silent" also match silently. The Porter |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
430 stemmer in Xapian works with lowercase English text. In this release we |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
431 lowercase the documents as they are put into the indexer. |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
432 |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
433 This means capitalization is not preserved, but produces more hits by |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
434 using the stemmer. |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
435 |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
436 You will need to do a roundup-admin reindex if you are using the |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
437 Xapian full text indexer on your tracker. |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
438 |
|
67fad01d2009
issue2550653: xapian search, stemming is not working
John Rouillard <rouilj@ieee.org>
parents:
5098
diff
changeset
|
439 |
|
5098
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
440 New config file option 'replyto_address' added |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
441 ---------------------------------------------- |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
442 |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
443 A new config file option has been added to let you control the |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
444 Reply-To header on nosy messages. |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
445 |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
446 Edit your tracker's ``config.ini`` and place the following after |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
447 the email entry in the tracker section:: |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
448 |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
449 [tracker] |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
450 ... |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
451 |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
452 # Controls the reply-to header address used when sending |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
453 # nosy messages. |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
454 # If the value is unset (default) the roundup tracker's |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
455 # email address (above) is used. |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
456 # If set to "AUTHOR" then the primary email address of the |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
457 # author of the change will be used as the reply-to |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
458 # address. This allows email exchanges to occur outside of |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
459 # the view of roundup and exposes the address of the person |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
460 # who updated the issue, but it could be useful in some |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
461 # unusual circumstances. |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
462 # If set to some other value, the value is used as the reply-to |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
463 # address. It must be a valid RFC2822 address or people will not be |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
464 # able to reply. |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
465 # Default: |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
466 replyto_address = |
|
99e289359798
issue2550803: Replying to NOSY mail goes to the tracker through
John Rouillard <rouilj@ieee.org>
parents:
5096
diff
changeset
|
467 |
|
5270
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
468 Login from a search or after logout works better (REQUIRED) |
|
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
469 ----------------------------------------------------------- |
|
5121
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
470 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
471 The login form has been improved to work with some back end code |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
472 changes. Now when a user logs in they stay on the same page where they |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
473 started the login. To make this work, you must change the tal that is |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5158
diff
changeset
|
474 used to set the ``__came_from`` form variable. Note that the url |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5158
diff
changeset
|
475 assigned to __came_from must be url encoded/quoted and be under the |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5158
diff
changeset
|
476 tracker's base url. If the base_url uses http, you can set the url to |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5158
diff
changeset
|
477 https. |
|
5121
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
478 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
479 Replace the existing code in the tracker's html/page.html page that |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
480 looks similar to (look for name="__came_from"):: |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
481 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
482 <input type="hidden" name="__came_from" tal:attributes="value string:${request/base}${request/env/PATH_INFO}"> |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
483 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
484 with the following:: |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
485 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
486 <input type="hidden" name="__came_from" |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
487 tal:condition="exists:request/env/QUERY_STRING" |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
488 tal:attributes="value string:${request/base}${request/env/PATH_INFO}?${request/env/QUERY_STRING}"> |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
489 <input type="hidden" name="__came_from" |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
490 tal:condition="not:exists:request/env/QUERY_STRING" |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
491 tal:attributes="value string:${request/base}${request/env/PATH_INFO}"> |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
492 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
493 Now search backwards for the nearest form statement before the code |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
494 that sets __came_from. If it looks like:: |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
495 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
496 <form method="post" action="#"> |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
497 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
498 replace it with:: |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
499 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
500 <form method="post" tal:attributes="action request/base"> |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
501 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
502 or with:: |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
503 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
504 <form method="post" tal:attributes="action string:${request/env/PATH_INFO}"> |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
505 |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
506 the important part is that the action field **must not** include any query |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
507 parameters ('#' includes query params). |
|
894aa07be6cb
issue2550785: Using login from search (or logout) fails. when
John Rouillard <rouilj@ieee.org>
parents:
5120
diff
changeset
|
508 |
|
5295
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
509 Errors and Troubleshooting - Unrecognized scheme in ... |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
510 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
5275
fee207407dee
Add error and troubleshooting headers. Clarified the suggestion to a
John Rouillard <rouilj@ieee.org>
parents:
5274
diff
changeset
|
511 |
|
5270
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
512 One symptom of failing to do this is getting an error: |
|
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
513 |
|
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
514 Unrecognized scheme in .... |
|
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
515 |
|
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
516 where the .... changes depending on the url path. You can see this |
|
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
517 when logging in from any screen other than the main index. |
|
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
518 |
|
5158
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
519 Option to make adding multiple keywords more convenient |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
520 ------------------------------------------------------- |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
521 |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
522 In the classic tracker, after adding a new keyword you are redirected |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
523 to the page for the new keyword so you can change the keyword's |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
524 name. This is usually not desirable as you usually correctly set the |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
525 keyword's name when creating the keyword. The new classic tracker has |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
526 a new checkbox (checked by default) that keeps you on the same page so |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
527 you can add a new keywords one after the other. |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
528 |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
529 To add this to your own tracker, add the following code (prefixed with |
|
5270
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
530 a +) after the entry box for the new keyword in html/keyword.item.html:: |
|
5158
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
531 |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
532 <tr> |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
533 <th i18n:translate="">Keyword</th> |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
534 <td tal:content="structure context/name/field">name</td> |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
535 + <td tal:condition="not:context/id"> |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
536 + <tal:comment tal:replace="nothing"> |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
537 + If we get here and do not have an id, we are creating a new |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
538 + keyword. It would be nice to provide some mechanism to |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
539 + determine the preferred state of the "Continue adding keywords" |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
540 + checkbox. By default it is enabled. |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
541 + </tal:comment> |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
542 + <input type="checkbox" id="continue_new_keyword" |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
543 + name="__redirect_to" |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
544 + tal:attributes="value |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
545 + string:${request/base}${request/env/PATH_INFO}?@template=item; |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
546 + checked python:True" /> |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
547 + <label for="continue_new_keyword" i18n:translate="">Continue adding keywords.</label> |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
548 + </td> |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
549 </tr> |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
550 |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
551 Note remove the leading '+' when adding this to the templates. |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
552 |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
553 The key component here is support for the '__redirect_to' query |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
554 property. It is a url which can be used when creating any new item |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
555 (issue, user, keyword ....). It controls the next page displayed after |
|
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
556 creating the item. If '__redirect_to' is not set, then you end up on |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5158
diff
changeset
|
557 the page for the newly created item. The url value assigned to |
|
5270
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
558 __redirect_to must start with the tracker's base url and must be properly |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5158
diff
changeset
|
559 url encoded. |
|
5158
63294ed25e84
issue1842687: Keywords: After creating, stay in "Create New" mode.
John Rouillard <rouilj@ieee.org>
parents:
5156
diff
changeset
|
560 |
|
5179
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
561 Helper popups trigger change events on the original page |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
562 -------------------------------------------------------- |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
563 |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
564 The helper popups used to set dates (from a calendar), change lists of |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
565 users or lists of issues did not notify the browser that the fields |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
566 had been changed. This release adds code to trigger the change event. |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
567 |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
568 To add the change event to the calendar popup, you don't need to do |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
569 any changes to the tracker. It is all done in the roundup python code |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
570 in templating.py. |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
571 |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
572 To add the change event when updating users using the help-submit |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
573 template, copy |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
574 share/roundup/templates/devel/html/_generic.help-submit.html and |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
575 replace your tracker's html/_generic.help-submit.html. If you have |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
576 done local changes to this file, change your file to include the code |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
577 that defines the onclick event for the input field with |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
578 id="btn_apply". |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
579 |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
580 To add the change event when updating lists of issues copy |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
581 share/roundup/templates/devel/html/help_controls.js to your tracer's |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
582 html directory. If you have made local changes to the javascript file, |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
583 merge the two if/else blocks labeled:: |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
584 |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
585 /* trigger change event on the field we changed */ |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
586 |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
587 into your help_controls.js |
|
e8b3d3a14563
- issue2550796: Calendar and Classhelp selection tools don't cause
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
588 |
|
5068
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
589 html/_generic.404.html in trackers use page template |
|
5078
487dc55e3c5e
issue2550907 Fix errors when creating documentation. Work done by
John Rouillard <rouilj@ieee.org>
parents:
5068
diff
changeset
|
590 ---------------------------------------------------- |
|
5068
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
591 |
|
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
592 The original generic 404 error pages for many trackers did not use the |
|
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
593 standard page layout. This change replaces the html/_generic.404.html |
|
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
594 page with one that uses the page template. |
|
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
595 |
|
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
596 If your deployed tracker is based on: classic, minimal, responsive or |
|
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
597 devel templates and has not changed the html/_generic.404.html file, |
|
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
598 you can copy in the new file to get this additional functionality. |
|
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
599 |
|
5154
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
600 Organize templates into subdirectories |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
601 -------------------------------------- |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
602 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
603 The @template parameter to the web interface allows the use of |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
604 subdirectories. So a setting of @template=view/view for an issue would |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
605 use the template in the tracker's html/view/issue.view.html. Similarly |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
606 for a caller class, you could put all the templates under the |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
607 html/caller directory with names like: html/caller/caller.item.html, |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
608 html/caller/caller.index.html etc. You may want to symbolically link the |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
609 html/_generic* templates into your subdirectory so that missing |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
610 templates (e.g. a missing caller.edit.html template) can be satisfied |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
611 by the _generic.edit.html template. |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5147
diff
changeset
|
612 |
|
5156
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
613 Properly quote query dispname (displayed name) in page.html |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
614 ----------------------------------------------------------- |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
615 |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
616 A new method has been added to HTMLStringProperty called url_quote. |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
617 The default templates have been updated to use this in the "Your |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
618 Query" section of the trackers html/page.html file. You will want to |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
619 change your template. Lines starting with - are the original line and |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
620 you want to change it to match the line starting with the + (remove |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
621 the + from the line):: |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
622 |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
623 <tal:block tal:repeat="qs request/user/queries"> |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
624 - <a href="#" tal:attributes="href string:${qs/klass}?${qs/url}&@dispname=${qs/name}" |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
625 + <a href="#" tal:attributes="href string:${qs/klass}?${qs/url}&@dispname=${qs/name/url_quote}" |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
626 tal:content="qs/name">link</a><br> |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
627 </tal:block> |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
628 |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
629 Find the tal:repeat line that loops over all queries. Then |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
630 change the value assigned to @dispname in the href attribute from |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
631 ${qs/name} to ${qs/name/url_quote}. Note that you should *not* change |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
632 the value for tal:content. |
|
882fa4d9bead
issue2550795: @dispname query args in page.html search links
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
633 |
|
5267
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
634 Allow "Show Unassigned" issues link to work for Anonymous user |
|
64ae2108df60
Add section on allowing user access to the labelprop for a class so
John Rouillard <rouilj@ieee.org>
parents:
5212
diff
changeset
|
635 -------------------------------------------------------------- |
|
5113
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
636 |
|
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
637 In this release the anonymous user is allowed to search the user |
|
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
638 class. The following was added to the schema for all templates that |
|
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
639 provide the search option:: |
|
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
640 |
|
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
641 p = db.security.addPermission(name='Search', klass='user') |
|
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
642 db.security.addPermissionToRole ('Anonymous', p) |
|
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
643 |
|
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
644 If you are running a tracker that **does not** allow read access for |
|
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
645 anonymous, you should remove this entry as it can be used to perform |
|
cf112b90fa8d
issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents:
5108
diff
changeset
|
646 a username guessing attack against a roundup install. |
|
5068
5b2ce5723abb
Updated _generic.404.html to use the page template so 404 errors still
John Rouillard <rouilj@ieee.org>
parents:
5041
diff
changeset
|
647 |
|
5295
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
648 Errors and Troubleshooting - Unassigned issues for anonymous |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
649 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
5276
a034f8d09a21
add doc on wierdness in 'Show Unassigned' error if user search for anon not added
John Rouillard <rouilj@ieee.org>
parents:
5275
diff
changeset
|
650 |
|
a034f8d09a21
add doc on wierdness in 'Show Unassigned' error if user search for anon not added
John Rouillard <rouilj@ieee.org>
parents:
5275
diff
changeset
|
651 If you notice that the "Unassigned Issues" search on page.html |
|
a034f8d09a21
add doc on wierdness in 'Show Unassigned' error if user search for anon not added
John Rouillard <rouilj@ieee.org>
parents:
5275
diff
changeset
|
652 is displaying assigned issues for users with the Anonymous role, |
|
a034f8d09a21
add doc on wierdness in 'Show Unassigned' error if user search for anon not added
John Rouillard <rouilj@ieee.org>
parents:
5275
diff
changeset
|
653 you need to allow search permissions for the user class. |
|
a034f8d09a21
add doc on wierdness in 'Show Unassigned' error if user search for anon not added
John Rouillard <rouilj@ieee.org>
parents:
5275
diff
changeset
|
654 |
|
5120
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
655 Improvements in Classic Tracker query.edit.html template |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
656 -------------------------------------------------------- |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
657 |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
658 There is a new query editing template included in the distribution at: |
|
5122
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
659 |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
660 ``share/roundup/templates/classic/html/query.edit.html`` |
|
5120
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
661 |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
662 This template fixes: |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
663 |
|
5122
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
664 * public query could not be removed from "Your Queries" once it was added. |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
665 Trying to do so would cause a permissions error. |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
666 * private yes/no dropdown always showed "yes" regardless of |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
667 underlying state |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
668 * query Delete button did not work. |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
669 * same query being displayed multiple times |
|
5120
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
670 |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
671 It also adds: |
|
5122
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
672 * the table layout displays queries created by the user first, |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
673 then available public queries. |
|
5120
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
674 * public query owners are shown |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
675 * better support for deleted queries. When a query is deleted, it is |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
676 still available for those who added it to their query list. If you |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
677 are the query owner, you can restore (undelete) the query. If you |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
678 are not the owner you can remove it from your query list. |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
679 (If a query is deleted and nobody had it in their query list, it |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
680 will not show up in the "Active retired queries" section. You will |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
681 have to use the class editor or roundup_admin command line to |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
682 restore it.) |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
683 * notifies the user that delete/restore requires javascript. It |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
684 always did, but that requirement wasn't displayed. |
|
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
685 |
|
5122
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
686 To use the new template, you must add Restore permission on queries to |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
687 allow the user to restore queries (see below). |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
688 |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
689 If you have not modified the query.edit.html template in your tracker, |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
690 you should be able to copy the new version from the location above. |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
691 Otherwise you will have to merge the changes into your modified template. |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
692 |
|
5272
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
693 Add the query Restore permission for the User role to your tracker's |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
694 schema.py file. Place it right after the query retire permission for |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
695 the user role. After the change it should look like:: |
|
5122
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
696 |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
697 p = db.security.addPermission(name='Retire', klass='query', check=edit_query, |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
698 description="User is allowed to retire their queries") |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
699 db.security.addPermissionToRole('User', p) |
|
5272
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
700 p = db.security.addPermission(name='Restore', klass='query', |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
701 check=edit_query, |
|
5122
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
702 description="User is allowed to restore their queries") |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
703 db.security.addPermissionToRole('User', p) |
|
1c90f15a177f
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5121
diff
changeset
|
704 |
|
5272
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
705 where the last four lines are the ones you need to add. |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
706 |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
707 Usually you can add this to your User role. If all users have the User |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
708 role in common then all logged in users should be ok. If you have |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
709 users who do not include the User role (e.g. they may only have a |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
710 Provisional role), you should add the search permission to that role |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
711 (e.g. Provisional) as well if you allow them to edit their list of |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
712 queries. |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
713 |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
714 Also see the `new search permissions for query in 1.4.17`_ section |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
715 discussing search permission requirements for editing queries. The |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
716 fixes in this release require the ability to search the creator of all |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
717 queries to work correctly. |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
718 |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
719 If the test script for the `new search permissions for query in |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
720 1.4.17`_ doesn't report that a role has the ability to search queries |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
721 or at least search the creator property for queries, add the following |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
722 permissions to your schema.py:: |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
723 |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
724 s = db.security.addPermission(name='Search', klass='query', |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
725 properties=['creator'], |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
726 description="User is allowed to Search queries for creator") |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
727 db.security.addPermissionToRole('User', s) |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
728 |
|
5295
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
729 Errors and Troubleshooting - Public queries listed twice when editing |
|
b2998cb86bae
Add new section: Errors and Troubleshooting - Full text searching not
John Rouillard <rouilj@ieee.org>
parents:
5276
diff
changeset
|
730 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
5275
fee207407dee
Add error and troubleshooting headers. Clarified the suggestion to a
John Rouillard <rouilj@ieee.org>
parents:
5274
diff
changeset
|
731 |
|
5272
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
732 If you do not do this, public queries will be listed twice in the edit |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
733 interface. Once in the "Queries I created" section and again in the |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
734 "Queries others created" section of the query edit page |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
735 (``http..../query?@template=edit``). |
|
5120
722394a48d7b
issue2550831: Make the classic template query.edit page work.
John Rouillard <rouilj@ieee.org>
parents:
5113
diff
changeset
|
736 |
|
5274
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
737 Fix security issues in query.item.html template |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
738 ----------------------------------------------- |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
739 The default query.item.html template allows anybody to view all |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
740 queries. |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
741 |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
742 This has been updated in the classic, devel and responsive templates |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
743 to only allow people to view queries they creates or queries that are |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
744 publicly viewable. |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
745 |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
746 If you haven't modified you query.item.html template, simply copy the |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
747 query.item.html template from one of the above default templates to |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
748 your tracker's html directory. |
|
07da34337f70
html/query.item.html was missing checks to verify that a query should
John Rouillard <rouilj@ieee.org>
parents:
5272
diff
changeset
|
749 |
|
5186
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
750 Enhancement to check command for Permissions |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
751 -------------------------------------------- |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
752 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
753 A new form of check function is permitted in permission definitions. |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
754 The three argument form is still supported and will work the same |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
755 as it always has (although it may be depricated in the future). |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
756 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
757 If the check function is defined as:: |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
758 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
759 check(db, userid, itemid, **ctx) |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
760 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
761 the ctx variable will have the context to use when determining access |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
762 rights:: |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
763 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
764 ctx['property'] the name of the property being checked or None if |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
765 it's a class check. |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
766 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
767 ctx['classname'] the name of the class that is being checked |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
768 (issue, query ....). |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
769 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
770 ctx['permission'] the name of the permission (e.g. View, Edit...). |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
771 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
772 This should make defining complex permissions much easier. Consider:: |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
773 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
774 def issue_private_access(db, userid, itemid, **ctx): |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
775 if not db.issue.get(itemid, 'private'): |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
776 # allow access to everything if not private |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
777 return True |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
778 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
779 # It is a private issue hide nosy list |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
780 # Note that the nosy property *must* be listed |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
781 # in permissions argument to the addPermission |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
782 # definition otherwise this check command |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
783 # is not run. |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
784 if ctx['property'] == 'nosy': |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
785 return False # deny access to this property |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
786 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
787 # allow access for editing, viewing etc. of the class |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
788 return True |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
789 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
790 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
791 e = db.security.addPermission(name='Edit', klass='issue', |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
792 check=issue_private_access, |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
793 properties=['nosy'], |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
794 description="Edit issue checks") |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
795 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
796 It is suggested that you change your checks to use the ``**ctx`` |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
797 parameter. This is expected to be the preferred form in the future. |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
798 You do not need to use the ``ctx`` parameter in the function if you do |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
799 not need it. |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5179
diff
changeset
|
800 |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
801 Changes to property permissions |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
802 ------------------------------- |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
803 |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
804 If you create a permission: |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
805 |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
806 db.security.addPermission(name='View', klass='user', |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
807 properties=['theme'], check=own_record, |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
808 description="User is allowed to view their own theme") |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
809 |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
810 that combines checks and properties, the permission also matches a |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
811 permission check for the View permission on the user class. So this |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
812 also allows the user to see their user record. It is unexpected that |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
813 checking for access without a property would match this permission. |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
814 |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
815 This release adds support for making a permission like above only be |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
816 used during property permission tests. See ``customizing.txt`` and |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
817 search for props_only and set_props_only_default in the section |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
818 'Adding a new Permission' |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5194
diff
changeset
|
819 |
| 5192 | 820 Improve query editing |
| 821 --------------------- | |
| 822 | |
|
5194
3124be3cc197
Hopefully making the doc for the query editing feature less confusing.
rouilj@uland
parents:
5192
diff
changeset
|
823 If a user creates a query with the same name as one of their existing |
|
3124be3cc197
Hopefully making the doc for the query editing feature less confusing.
rouilj@uland
parents:
5192
diff
changeset
|
824 queries, the query editing interface will now report an error. By |
|
3124be3cc197
Hopefully making the doc for the query editing feature less confusing.
rouilj@uland
parents:
5192
diff
changeset
|
825 default the query editing page (issue.search.html) displays the index |
|
3124be3cc197
Hopefully making the doc for the query editing feature less confusing.
rouilj@uland
parents:
5192
diff
changeset
|
826 page when the search is triggered. This is usually correct since the |
|
3124be3cc197
Hopefully making the doc for the query editing feature less confusing.
rouilj@uland
parents:
5192
diff
changeset
|
827 user expects to see the results of the query. But now that |
|
3124be3cc197
Hopefully making the doc for the query editing feature less confusing.
rouilj@uland
parents:
5192
diff
changeset
|
828 the code properly checks for duplicate search names, the user should |
|
3124be3cc197
Hopefully making the doc for the query editing feature less confusing.
rouilj@uland
parents:
5192
diff
changeset
|
829 stay on the search page if there is an error. To add this to your |
|
5270
84a844f50d1f
Set min python version for release 1.6. Login changes now required,
John Rouillard <rouilj@ieee.org>
parents:
5267
diff
changeset
|
830 existing issue.search.html page, add the following line after the |
|
5194
3124be3cc197
Hopefully making the doc for the query editing feature less confusing.
rouilj@uland
parents:
5192
diff
changeset
|
831 hidden field @old-queryname: |
| 5192 | 832 |
| 833 <input type="hidden" name="@template" value="index|search"/> | |
| 834 | |
| 835 With this addition, the index template is displayed if there is no | |
| 836 error, and the user stays on the search template if there is an error. | |
| 837 | |
|
5323
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
838 New -L (loghttpvialogger) option to roundup-server |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
839 -------------------------------------------------- |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
840 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
841 Http request logs from roundup-server are sent to stderr or |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
842 can be recorded in a log file (if -l or the logfile options |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
843 is used). However there is no way to rotate the logfile |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
844 without shutting down and restarting the roundup-server. |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
845 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
846 If the -L flag is used, the python logging module is used |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
847 for logging the http requests. The name for the log |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
848 (qualname) is 'roundup.http'. You can direct these messages |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
849 to a rotating log file by putting the following:: |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
850 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
851 [loggers] |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
852 keys=roundup.http |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
853 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
854 [logger_roundup.http] |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
855 level=INFO |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
856 handlers=rotate_weblog |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
857 qualname=roundup.http |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
858 propagate=0 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
859 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
860 [handlers] |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
861 keys=rotate_weblog |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
862 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
863 [handler_rotate_weblog] |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
864 class=logging.handlers.RotatingFileHandler |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
865 args=('httpd.log','a', 512000, 2) |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
866 formatter=plain |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
867 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
868 [formatters] |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
869 keys=plain |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
870 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
871 [formatter_plain] |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
872 format=%(message)s |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
873 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
874 into a file (e.g. logging.ini). Then reference this file in |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
875 the 'config' value of the [logging] section in the trackers |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
876 config.ini file. |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
877 |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
878 Note the log configuration above is an example and can be |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
879 merged into a more full featured logging config file for |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
880 your tracker if you wish. It will create a new file in the |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
881 current working directory called 'httpd.log' and will rotate |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
882 the log file at 500K and keep two old copies of the file. |
|
762222535a0b
Allow http request logs to be logged using the python logging module
John Rouillard <rouilj@ieee.org>
parents:
5304
diff
changeset
|
883 |
|
4851
24b8011cd2dc
Fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4678
diff
changeset
|
884 Migrating from 1.5.0 to 1.5.1 |
|
24b8011cd2dc
Fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4678
diff
changeset
|
885 ============================= |
|
24b8011cd2dc
Fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4678
diff
changeset
|
886 |
|
5025
cf22972fe080
Preparing 1.5.1 steps 3/16
anatoly techtonik <techtonik@gmail.com>
parents:
4902
diff
changeset
|
887 User data visibility |
|
cf22972fe080
Preparing 1.5.1 steps 3/16
anatoly techtonik <techtonik@gmail.com>
parents:
4902
diff
changeset
|
888 -------------------- |
|
cf22972fe080
Preparing 1.5.1 steps 3/16
anatoly techtonik <techtonik@gmail.com>
parents:
4902
diff
changeset
|
889 |
|
4902
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
890 For security reasons you should change the permissions on the user |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
891 class. We previously shipped a configuration that allowed users to see |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
892 too many of other users details, including hashed passwords under |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
893 certain circumstances. In schema.py in your tracker, replace the line:: |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
894 |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
895 db.security.addPermissionToRole('User', 'View', 'user') |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
896 |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
897 with:: |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
898 |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
899 p = db.security.addPermission(name='View', klass='user', |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
900 properties=('id', 'organisation', 'phone', 'realname', |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
901 'timezone', 'username')) |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
902 db.security.addPermissionToRole('User', p) |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
903 |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
904 Note that this removes visibility of user emails, if you want emails to |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
905 be visible you can add 'address' and 'alternate_addresses' to the list |
|
a403c29ffaf9
Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4901
diff
changeset
|
906 above. |
|
5025
cf22972fe080
Preparing 1.5.1 steps 3/16
anatoly techtonik <techtonik@gmail.com>
parents:
4902
diff
changeset
|
907 |
|
cf22972fe080
Preparing 1.5.1 steps 3/16
anatoly techtonik <techtonik@gmail.com>
parents:
4902
diff
changeset
|
908 XSS protection for custom actions |
|
cf22972fe080
Preparing 1.5.1 steps 3/16
anatoly techtonik <techtonik@gmail.com>
parents:
4902
diff
changeset
|
909 --------------------------------- |
|
cf22972fe080
Preparing 1.5.1 steps 3/16
anatoly techtonik <techtonik@gmail.com>
parents:
4902
diff
changeset
|
910 |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
911 If you have defined your own cgi actions in your tracker instance |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
912 (e.g. in a custom ``extensions/spambayes.py`` file) you need to modify |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
913 all cases where client.error_message or client.ok_message are modified |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
914 directly. Instead of:: |
|
4851
24b8011cd2dc
Fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4678
diff
changeset
|
915 |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
916 self.client.ok_message.append(...) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
917 |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
918 you need to call:: |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
919 |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
920 self.client.add_ok_message(...) |
|
4851
24b8011cd2dc
Fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4678
diff
changeset
|
921 |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
922 and the same for:: |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
923 |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
924 self.client.error_message.append(...) |
|
4851
24b8011cd2dc
Fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4678
diff
changeset
|
925 |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
926 vs.:: |
|
4851
24b8011cd2dc
Fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4678
diff
changeset
|
927 |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
928 self.client.add_error_message(...) |
|
4851
24b8011cd2dc
Fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4678
diff
changeset
|
929 |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
930 The new calls escape the passed string by default and avoid XSS security |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
931 issues. |
|
4851
24b8011cd2dc
Fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4678
diff
changeset
|
932 |
|
4664
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
933 Migrating from 1.4.20 to 1.4.21 |
|
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
934 =============================== |
|
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
935 |
|
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
936 The ``_generic.calendar.html`` page of the instance has been updated to include |
|
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
937 ``<meta name="robots" content="noindex, nofollow" />``. This prevents |
|
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
938 robots to follow all the links in the calendar. If you haven't modified the |
|
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
939 page on your local instance, you can simply replace it with the one in |
|
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
940 ``share/roundup/templates/classic/html/_generic.calendar.html``; if you did, |
|
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
941 you can add the tag manually. See issue2550765 and changeset a099ff2ceff3. |
|
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
942 |
|
4678
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
943 If you are using the xml-rpc interface, there is a change |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
944 in accessing it. You can not send text/xml data to any |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
945 roundup url and get a response, you must use the /xmlrpc |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
946 url. For example, if you used to send your xmlrpc request to: |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
947 |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
948 http://myroundup.com/roundup |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
949 |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
950 you need to change the url to read: |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
951 |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
952 http://myroundup.com/roundup/xmlrpc |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
953 |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
954 to invoke the xmlrpc handler. This allows us to send xml |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
955 data to roundup for other handlers (e.g. REST, SOAP ...) |
|
23de24f57566
issue2550749 - the xmlrpc interface is invoked on content type
rouilj
parents:
4664
diff
changeset
|
956 in the future. |
|
4664
17197d6145cf
Add CHANGES.txt entry and instructions in upgrading.txt for issue2550765/a099ff2ceff3.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4663
diff
changeset
|
957 |
|
4623
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
958 Migrating from 1.4.19 to 1.4.20 |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
959 =============================== |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
960 |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
961 Roundup used to allow certain HTML-Tags in OK- and Error-messages. Since |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
962 these messages are passed via the URL (due to roundup redirecting after |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
963 an edit), we did have security-issues (see issue2550724). |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
964 |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
965 If you have customized the OK or Error messages in your |
|
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
966 roundup-installation and you were using features like bold or italic |
|
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
967 in the message, you will have to do without this highlighting and |
|
4623
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
968 remove HTML tags from messages. |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
969 |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
970 If you were using <br> tags for multi-line messages, you now should use |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
971 newlines instead, these will be replaced with <br/> during formatting. |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
972 |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
973 Note that the previous implementation also allowed links inside |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
974 messages. Since these links could be set by an attacker, no links in |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
975 roundup messages are supported anymore. This does *not* affect the |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
976 "clear this message" link in OK-messages as it is generated by the |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
977 template and is not part of the OK-message. |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
978 |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
979 If you have not modified any roundup messages, you need not do anything, |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
980 the templates shipped with roundup did not use HTML tags in messages for |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
981 highlighting. |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
982 |
|
4f9c3858b671
Fix another XSS with the ok- and error message, see issue2550724.
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4582
diff
changeset
|
983 |
|
4503
9f488541802f
Yet another fix to the mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4499
diff
changeset
|
984 Migrating from 1.4.17 to 1.4.18 |
|
4499
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
985 =============================== |
|
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
986 |
|
4503
9f488541802f
Yet another fix to the mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4499
diff
changeset
|
987 There was a bug in 1.4.17 where files were unlinked from issues if a |
|
4499
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
988 mail without attachment was received via the mail interface. The |
|
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
989 following script will list likely issues being affected by the bug. |
|
4503
9f488541802f
Yet another fix to the mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4499
diff
changeset
|
990 The date in the script is the date of the 1.4.17 release. If you have |
|
9f488541802f
Yet another fix to the mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4499
diff
changeset
|
991 installed 1.4.17 later than this date, you can change the date |
|
4499
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
992 appropriately to your installation date. Run the script in the directory |
|
4582
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
993 of your tracker:: |
|
4499
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
994 |
|
4582
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
995 #!/usr/bin/python |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
996 import os |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
997 from roundup import instance |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
998 from roundup.date import Date |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
999 dir = os.getcwd () |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1000 tracker = instance.open (dir) |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1001 db = tracker.open ('admin') |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1002 # you may want to change this to your install date to find less candidates |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1003 last_release = Date('2011-05-13') |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1004 affected = {} |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1005 for i in db.issue.getnodeids(): |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1006 for j in db.issue.history(i): |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1007 if i in affected: |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1008 break |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1009 if j[1] < last_release or j[3] != 'set' or 'files' not in j[4]: |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1010 continue |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1011 for op, p in j[4]['files']: |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1012 if op == '-': |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1013 affected [i] = 1 |
|
753a379c0303
Fix syntax errors in doc/upgrading.txt and .gitignore
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4510
diff
changeset
|
1014 break |
|
5332
d0689aaa83db
Applied patch 0038 from issue2550960 to upgrade code examples in
John Rouillard <rouilj@ieee.org>
parents:
5328
diff
changeset
|
1015 print(', '.join(sorted(affected.keys()))) |
|
4499
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
1016 |
|
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
1017 To find out which files where attached before you can look in the |
|
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
1018 history of the affected issue. For fixing issues you can re-attach the |
|
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
1019 files in question using the "set" command of roundup-admin, e.g., if the |
|
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
1020 list of files attached to an issue should be files 5, 17, 23 for issue42 |
|
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
1021 you will set this using |
|
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
1022 |
|
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
1023 roundup-admin -i /path/to/your/tracker set issue42 files=5,17,23 |
|
431bf4e7d3d7
- release preparation
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4489
diff
changeset
|
1024 |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1025 Migrating from 1.4.x to 1.4.17 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1026 ============================== |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1027 |
|
4489
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1028 There is a new config-option `migrate_passwords` in section `web` to |
|
4484
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4444
diff
changeset
|
1029 auto-migrate passwords at web-login time to a more secure storage |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4444
diff
changeset
|
1030 scheme. Default for the new option is "yes" so if you don't want that |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4444
diff
changeset
|
1031 passwords are auto-migrated to a more secure password scheme on user |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4444
diff
changeset
|
1032 login, set this to "no" before running your tracker(s) after the |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4444
diff
changeset
|
1033 upgrade. |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4444
diff
changeset
|
1034 |
|
4489
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1035 The standalone roundup-server now defaults to listening on localhost (no |
|
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1036 longer on all network interfaces). This will not affect you if you're |
|
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1037 already using a configuration file for roundup-server. If you are using |
|
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1038 an empty setting for the `host` parameter in the config-file you should |
|
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1039 explicitly put 0.0.0.0 there as the use of an empty string to specify |
|
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1040 listening to all interfaces is deprecated and will go away in a future |
|
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1041 version. If you are starting the server without a configuration file |
|
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1042 and want to explicitly listen to all network interface, you should |
|
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1043 specify the -n option with the address `0.0.0.0`. |
|
47bd330e3d17
Fix documentation for roundup-server about the 'host' parameter...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
1044 |
|
5272
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
1045 .. _new search permissions for query in 1.4.17: |
|
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
1046 |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1047 Searching now requires either read-permission without a check method, or |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1048 you will have to add a "Search" permission for a class or a list of |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1049 properties for a class (if you want to allow searching). For the classic |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1050 template (or other templates derived from it) you want to add the |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1051 following lines to your `schema.py` file:: |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1052 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1053 p = db.security.addPermission(name='Search', klass='query') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1054 db.security.addPermissionToRole('User', p) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1055 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1056 This is needed, because for the `query` class users may view only their |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1057 own queries (or public queries). This is implemented with a `check` |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1058 method, therefore the default search permissions will not allow |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1059 searching and you'll have to add an explicit search permission. |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1060 If you have modified your schema, you can check if you're missing any |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1061 search permissions with the following script, run it in your tracker |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1062 directory, it will list for each Class and Property the roles that may |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1063 search for this property:: |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1064 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1065 #!/usr/bin/python |
|
5332
d0689aaa83db
Applied patch 0038 from issue2550960 to upgrade code examples in
John Rouillard <rouilj@ieee.org>
parents:
5328
diff
changeset
|
1066 from __future__ import print_function |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1067 import os |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1068 from roundup import instance |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1069 |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1070 tracker = instance.open(os.getcwd ()) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1071 db = tracker.open('admin') |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1072 |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1073 for cl in sorted(db.getclasses()): |
|
5332
d0689aaa83db
Applied patch 0038 from issue2550960 to upgrade code examples in
John Rouillard <rouilj@ieee.org>
parents:
5328
diff
changeset
|
1074 print("Class:", cl) |
|
5272
c6fbd4803eae
If you upgrade to the newer query edit interface but did not allow
John Rouillard <rouilj@ieee.org>
parents:
5271
diff
changeset
|
1075 for p in sorted(db.getclass(cl).getprops(protected=True).keys()): |
|
5332
d0689aaa83db
Applied patch 0038 from issue2550960 to upgrade code examples in
John Rouillard <rouilj@ieee.org>
parents:
5328
diff
changeset
|
1076 print(" Property:", p) |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1077 roles = [] |
|
5332
d0689aaa83db
Applied patch 0038 from issue2550960 to upgrade code examples in
John Rouillard <rouilj@ieee.org>
parents:
5328
diff
changeset
|
1078 for role in sorted(db.security.role.keys()): |
|
4444
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
1079 if db.security.roleHasSearchPermission(cl,p,role): |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1080 roles.append(role) |
|
5332
d0689aaa83db
Applied patch 0038 from issue2550960 to upgrade code examples in
John Rouillard <rouilj@ieee.org>
parents:
5328
diff
changeset
|
1081 print(" roles may search:", ', '.join(roles)) |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1082 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4332
diff
changeset
|
1083 |
|
4310
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4308
diff
changeset
|
1084 Migrating from 1.4.x to 1.4.12 |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4308
diff
changeset
|
1085 ============================== |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4308
diff
changeset
|
1086 |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4308
diff
changeset
|
1087 Item creation now checks the "Create" permission instead of the "Edit" |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4308
diff
changeset
|
1088 permission for individual properties. If you have modified your tracker |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4308
diff
changeset
|
1089 permissions from the default distribution, you should check that |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4308
diff
changeset
|
1090 "Create" permissions exist for all properties you want users to be able |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4308
diff
changeset
|
1091 to create. |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4308
diff
changeset
|
1092 |
|
4322
1595ad33036d
more security update doc
Richard Jones <richard@users.sourceforge.net>
parents:
4321
diff
changeset
|
1093 |
|
4320
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1094 Fixing some potential security holes |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1095 ------------------------------------ |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1096 |
|
4322
1595ad33036d
more security update doc
Richard Jones <richard@users.sourceforge.net>
parents:
4321
diff
changeset
|
1097 Enhanced checking was added to the user registration auditor. If you |
|
1595ad33036d
more security update doc
Richard Jones <richard@users.sourceforge.net>
parents:
4321
diff
changeset
|
1098 run a public tracker you should update your tracker's |
|
1595ad33036d
more security update doc
Richard Jones <richard@users.sourceforge.net>
parents:
4321
diff
changeset
|
1099 ``detectors/userauditor.py`` using the new code from |
|
1595ad33036d
more security update doc
Richard Jones <richard@users.sourceforge.net>
parents:
4321
diff
changeset
|
1100 ``share/roundup/templates/classic/detectors/userauditor.py``. In most |
|
1595ad33036d
more security update doc
Richard Jones <richard@users.sourceforge.net>
parents:
4321
diff
changeset
|
1101 cases you may just copy the file over, but if you've made changes to |
|
1595ad33036d
more security update doc
Richard Jones <richard@users.sourceforge.net>
parents:
4321
diff
changeset
|
1102 the auditor in your tracker then you'll need to manually integrate |
|
1595ad33036d
more security update doc
Richard Jones <richard@users.sourceforge.net>
parents:
4321
diff
changeset
|
1103 the new code. |
|
1595ad33036d
more security update doc
Richard Jones <richard@users.sourceforge.net>
parents:
4321
diff
changeset
|
1104 |
|
4320
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1105 Some HTML templates were found to have formatting security problems: |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1106 |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1107 ``html/page.html``:: |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1108 |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1109 -tal:replace="request/user/username">username</span></b><br> |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1110 +tal:replace="python:request.user.username.plain(escape=1)">username</span></b><br> |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1111 |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1112 ``html/_generic.help-list.html``:: |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1113 |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1114 -tal:content="structure python:item[prop]"></label> |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1115 +tal:content="python:item[prop]"></label> |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1116 |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1117 The lines marked "+" should be added and lines marked "-" should be |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1118 deleted (minus the "+"/"-" signs). |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1119 |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1120 |
| 4321 | 1121 Some HTML interface tweaks |
| 1122 -------------------------- | |
| 1123 | |
| 1124 You may wish to copy the ``user_utils.js`` and ``style.css` files from the | |
| 1125 source distribution ``share/roundup/templates/classic/html/`` directory to the | |
| 1126 ``html`` directory of your trackers as it includes a small improvement. | |
| 1127 | |
| 1128 If you have made local changes to those files you'll need to manually work | |
| 1129 the differences in to your versions or ignore the changes. | |
| 1130 | |
| 1131 | |
|
4299
e16a1131ba67
include info on what a designator is in all commands that use them
Richard Jones <richard@users.sourceforge.net>
parents:
4295
diff
changeset
|
1132 Migrating from 1.4.x to 1.4.11 |
|
4295
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1133 ============================== |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1134 |
| 4312 | 1135 Close potential security hole |
| 1136 ----------------------------- | |
|
4308
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1137 |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1138 If your tracker has untrusted users you should examine its ``schema.py`` |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1139 file and look for the section granting the "Edit" permission to your users. |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1140 This should look something like:: |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1141 |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1142 p = db.security.addPermission(name='Edit', klass='user', check=own_record, |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1143 description="User is allowed to edit their own user details") |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1144 |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1145 and should be modified to restrict the list of properties they are allowed |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1146 to edit by adding the ``properties=`` section like:: |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1147 |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1148 p = db.security.addPermission(name='Edit', klass='user', check=own_record, |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1149 properties=('username', 'password', 'address', 'realname', 'phone', |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1150 'organisation', 'alternate_addresses', 'queries', 'timezone'), |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1151 description="User is allowed to edit their own user details") |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1152 |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1153 Most importantly the "roles" property should not be editable - thus not |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1154 appear in that list of properties. |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1155 |
|
b30bdfae4461
Fix security hole allowing user permission escalation
Richard Jones <richard@users.sourceforge.net>
parents:
4299
diff
changeset
|
1156 |
|
4295
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1157 Grant the "Register" permission to the Anonymous role |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1158 ----------------------------------------------------- |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1159 |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1160 A separate "Register" permission has been introduced to allow |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1161 anonymous users to register. This means you will need to add the |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1162 following to your tracker's ``schema.py`` to add the permission and |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1163 assign it to the Anonymous role (replacing any previously assigned |
| 4312 | 1164 "Create user" permission for the Anonymous role):: |
|
4295
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1165 |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1166 +db.security.addPermission(name='Register', klass='user', |
| 4312 | 1167 + description='User is allowed to register new user') |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1168 |
|
4295
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1169 # Assign the appropriate permissions to the anonymous user's Anonymous |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1170 # Role. Choices here are: |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1171 # - Allow anonymous users to register |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1172 -db.security.addPermissionToRole('Anonymous', 'Create', 'user') |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1173 +db.security.addPermissionToRole('Anonymous', 'Register', 'user') |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1174 |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1175 The lines marked "+" should be added and lines marked "-" should be |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1176 deleted (minus the "+"/"-" signs). |
|
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1177 |
|
4323
a3f88aa04735
fix stupid typo
Richard Jones <richard@users.sourceforge.net>
parents:
4322
diff
changeset
|
1178 You should also modify the ``html/page.html`` template to change the |
|
4320
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1179 permission tested there:: |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1180 |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1181 -tal:condition="python:request.user.hasPermission('Create', 'user')" |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1182 +tal:condition="python:request.user.hasPermission('Register', 'user')" |
|
1072574dab86
include some additional docs
Richard Jones <richard@users.sourceforge.net>
parents:
4318
diff
changeset
|
1183 |
|
4295
a57ced3a4bb6
- Add documentation for migrating to the Register permission...
Richard Jones <richard@users.sourceforge.net>
parents:
4211
diff
changeset
|
1184 |
|
4318
05d3f47003fc
add missing upgrade instructions
Richard Jones <richard@users.sourceforge.net>
parents:
4312
diff
changeset
|
1185 Generic class editor may now restore retired items |
|
05d3f47003fc
add missing upgrade instructions
Richard Jones <richard@users.sourceforge.net>
parents:
4312
diff
changeset
|
1186 -------------------------------------------------- |
|
05d3f47003fc
add missing upgrade instructions
Richard Jones <richard@users.sourceforge.net>
parents:
4312
diff
changeset
|
1187 |
|
05d3f47003fc
add missing upgrade instructions
Richard Jones <richard@users.sourceforge.net>
parents:
4312
diff
changeset
|
1188 The instructions for doing so won't be present in your tracker unless you copy |
|
05d3f47003fc
add missing upgrade instructions
Richard Jones <richard@users.sourceforge.net>
parents:
4312
diff
changeset
|
1189 the ``_generic.index.html`` template from the roundup distribution in |
|
05d3f47003fc
add missing upgrade instructions
Richard Jones <richard@users.sourceforge.net>
parents:
4312
diff
changeset
|
1190 ``share/roundup/templates/classic/html`` to your tracker's ``html`` directory. |
|
05d3f47003fc
add missing upgrade instructions
Richard Jones <richard@users.sourceforge.net>
parents:
4312
diff
changeset
|
1191 |
|
05d3f47003fc
add missing upgrade instructions
Richard Jones <richard@users.sourceforge.net>
parents:
4312
diff
changeset
|
1192 |
|
4120
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1193 Migrating from 1.4.x to 1.4.9 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1194 ============================= |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1195 |
|
4211
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1196 Customized MailGW Class |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1197 ----------------------- |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1198 |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1199 If you have customized the MailGW class in your tracker: The new MailGW |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1200 class opens the database for each message in the method handle_message |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1201 (instance.open) instead of passing the opened database as a parameter to |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1202 the MailGW constructor. The old handle_message has been renamed to |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1203 _handle_message. The new method opens the database and wraps the call to |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1204 the old method into a try/finally. |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1205 |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1206 Your customized MailGW class needs to mirror this behavior. |
|
61cf00ca920a
Process each message through the mail gateway as a separate transaction.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4120
diff
changeset
|
1207 |
|
4120
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1208 Fix the "remove" button in issue files and messages lists |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1209 --------------------------------------------------------- |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1210 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1211 The "remove" button(s) in the issue messages list needs to be altered. Find |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1212 the following in your tracker's ``html/issue.item.html`` template:: |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1213 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1214 <td> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1215 <form style="padding:0" tal:condition="context/is_edit_ok" |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1216 tal:attributes="action string:issue${context/id}"> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1217 <input type="hidden" name="@remove@files" tal:attributes="value file/id"> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1218 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1219 and add ``method="POST"`` as shown below:: |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1220 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1221 <td> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1222 <form style="padding:0" method="POST" tal:condition="context/is_edit_ok" |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1223 tal:attributes="action string:issue${context/id}"> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1224 <input type="hidden" name="@remove@files" tal:attributes="value file/id"> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1225 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1226 Then also find:: |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1227 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1228 <td> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1229 <form style="padding:0" tal:condition="context/is_edit_ok" |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1230 tal:attributes="action string:issue${context/id}"> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1231 <input type="hidden" name="@remove@messages" tal:attributes="value msg/id"> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1232 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1233 and add ``method="POST"`` as shown below:: |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1234 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1235 <td> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1236 <form style="padding:0" method="POST" tal:condition="context/is_edit_ok" |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1237 tal:attributes="action string:issue${context/id}"> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1238 <input type="hidden" name="@remove@messages" tal:attributes="value msg/id"> |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1239 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1240 |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1241 Fixing the "retire" button in user management list |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1242 -------------------------------------------------- |
|
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1243 |
|
4643
09df6e4c6975
Minor improvement to old upgrading infos.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1244 Some previous versions of this upgrading document missed ``method="POST"`` |
|
09df6e4c6975
Minor improvement to old upgrading infos.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1245 in the change to the "retire" link in the user management list |
|
09df6e4c6975
Minor improvement to old upgrading infos.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1246 in section `Migrating from 1.4.x to 1.4.7`_. |
|
09df6e4c6975
Minor improvement to old upgrading infos.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1247 Make sure the change is done as listed below in this document. |
|
4120
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1248 |
|
4088
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1249 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1250 Migrating from 1.4.x to 1.4.7 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1251 ============================= |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1252 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1253 Several security issues were addressed in this release. Some aspects of your |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1254 trackers may no longer function depending on your local customisations. Core |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1255 functionality that will need to be modified: |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1256 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1257 Grant the "retire" permission to users for their queries |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1258 -------------------------------------------------------- |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1259 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1260 Users will no longer be able to retire their own queries. To remedy this you |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1261 will need to add the following to your tracker's ``schema.py`` just under the |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1262 line that grants them permission to edit their own queries:: |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1263 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1264 p = db.security.addPermission(name='Edit', klass='query', check=edit_query, |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1265 description="User is allowed to edit their queries") |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1266 db.security.addPermissionToRole('User', p) |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1267 + p = db.security.addPermission(name='Retire', klass='query', check=edit_query, |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1268 + description="User is allowed to retire their queries") |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1269 + db.security.addPermissionToRole('User', p) |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1270 p = db.security.addPermission(name='Create', klass='query', |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1271 description="User is allowed to create queries") |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1272 db.security.addPermissionToRole('User', p) |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1273 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1274 The lines marked "+" should be added, minus the "+" sign. |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1275 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1276 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1277 Fix the "retire" link in the users list for admin users |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1278 ------------------------------------------------------- |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1279 |
| 4330 | 1280 The "retire" link found in the file ``html/user.index.html``:: |
|
4088
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1281 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1282 <td tal:condition="context/is_edit_ok"> |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1283 <a tal:attributes="href string:user${user/id}?@action=retire&@template=index" |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1284 i18n:translate="">retire</a> |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1285 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1286 Should be replaced with:: |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1287 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1288 <td tal:condition="context/is_retire_ok"> |
|
4120
ad57b06af972
fixed classic tracker template to submit POST requests when appropriate
Richard Jones <richard@users.sourceforge.net>
parents:
4089
diff
changeset
|
1289 <form style="padding:0" method="POST" |
|
4088
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1290 tal:attributes="action string:user${user/id}"> |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1291 <input type="hidden" name="@template" value="index"> |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1292 <input type="hidden" name="@action" value="retire"> |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1293 <input type="submit" value="retire" i18n:attributes="value"> |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1294 </form> |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1295 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1296 |
|
4089
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1297 Fix for Python 2.6+ users |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1298 ------------------------- |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1299 |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1300 If you use Python 2.6 you should edit your tracker's |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1301 ``detectors/nosyreaction.py`` file to change:: |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1302 |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1303 import sets |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1304 |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1305 at the top to:: |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1306 |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1307 from roundup.anypy.sets_ import set |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1308 |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1309 and then all instances of ``sets.Set()`` to ``set()`` in the later code. |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1310 |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1311 |
|
eddb82d0964c
Add compatibility package to allow us to deal with Python versions 2.3..2.6.
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1312 |
|
4088
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1313 Trackers currently allowing HTML file uploading |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1314 ----------------------------------------------- |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1315 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1316 Trackers which wish to continue to allow uploading of HTML content against issues |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1317 will need to set a new configuration variable in the ``[web]`` section of the |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1318 tracker's ``config.ini`` file: |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1319 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1320 # Setting this option enables Roundup to serve uploaded HTML |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1321 # file content *as HTML*. This is a potential security risk |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1322 # and is therefore disabled by default. Set to 'yes' if you |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1323 # trust *all* users uploading content to your tracker. |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1324 # Allowed values: yes, no |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1325 # Default: no |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1326 allow_html_file = no |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1327 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1328 |
|
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3969
diff
changeset
|
1329 |
|
3969
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1330 Migrating from 1.4.2 to 1.4.3 |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1331 ============================= |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1332 |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1333 If you are using the MySQL backend you will need to replace some indexes |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1334 that may have been created by version 1.4.2. |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1335 |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1336 You should to access your MySQL database directly and remove any indexes |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1337 with a name ending in "_key_retired_idx". You should then re-add them with |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1338 the same spec except the key column name needs a size. So an index on |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1339 "_user (__retired, _name)" should become "_user (__retired, _name(255))". |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1340 |
|
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3963
diff
changeset
|
1341 |
|
3963
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1342 Migrating from 1.4.x to 1.4.2 |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1343 ============================= |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1344 |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1345 You should run the "roundup-admin migrate" command for your tracker once |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1346 you've installed the latest codebase. |
|
3963
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1347 |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1348 Do this before you use the web, command-line or mail interface and before |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1349 any users access the tracker. |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1350 |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1351 This command will respond with either "Tracker updated" (if you've not |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1352 previously run it on an RDBMS backend) or "No migration action required" |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1353 (if you have run it, or have used another interface to the tracker, |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1354 or are using anydbm). |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1355 |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1356 It's safe to run this even if it's not required, so just get into the |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1357 habit. |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1358 |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1359 |
|
3938
083e280165a8
Pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3858
diff
changeset
|
1360 Migrating from 1.3.3 to 1.4.0 |
|
3838
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1361 ============================= |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1362 |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1363 Value of the "refwd_re" tracker configuration option (section "mailgw") |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1364 is treated as UTF-8 string. In previous versions, it was ISO8859-1. |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1365 |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1366 If you have running trackers based on the classic template, please |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1367 update the messagesummary detector as follows:: |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1368 |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1369 --- detectors/messagesummary.py 17 Apr 2003 03:26:38 -0000 1.1 |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1370 +++ detectors/messagesummary.py 3 Apr 2007 06:47:21 -0000 1.2 |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1371 @@ -8,7 +8,7 @@ |
|
3963
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1372 if newvalues.has_key('summary') or not newvalues.has_key('content'): |
|
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1373 return |
|
3838
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1374 |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1375 - summary, content = parseContent(newvalues['content'], 1, 1) |
|
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1376 + summary, content = parseContent(newvalues['content'], config=db.config) |
|
3963
3230f9c88086
Fix race condition for key properties in rdbms backends [SF#1876683]
Richard Jones <richard@users.sourceforge.net>
parents:
3938
diff
changeset
|
1377 newvalues['summary'] = summary |
|
3838
99bd1d59a58e
1.3.3 > 1.3.4 upgrade notes
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
3745
diff
changeset
|
1378 |
|
3858
bb30bbfc7cdd
Indexing fixes.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3838
diff
changeset
|
1379 In the latest version we have added some database indexes to the |
|
bb30bbfc7cdd
Indexing fixes.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3838
diff
changeset
|
1380 SQL-backends (mysql, postgresql, sqlite) for speeding up building the |
|
bb30bbfc7cdd
Indexing fixes.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3838
diff
changeset
|
1381 roundup-index for full-text search. We recommend that you create the |
|
bb30bbfc7cdd
Indexing fixes.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3838
diff
changeset
|
1382 following database indexes on the database by hand:: |
|
bb30bbfc7cdd
Indexing fixes.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3838
diff
changeset
|
1383 |
|
4332
61f2e659faf7
add SQL detail
Richard Jones <richard@users.sourceforge.net>
parents:
4330
diff
changeset
|
1384 CREATE INDEX words_by_id ON __words (_textid); |
|
61f2e659faf7
add SQL detail
Richard Jones <richard@users.sourceforge.net>
parents:
4330
diff
changeset
|
1385 CREATE UNIQUE INDEX __textids_by_props ON __textids (_class, _itemid, _prop); |
|
3858
bb30bbfc7cdd
Indexing fixes.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3838
diff
changeset
|
1386 |
|
3745
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1387 Migrating from 1.2.x to 1.3.0 |
|
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1388 ============================= |
|
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1389 |
|
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1390 1.3.0 Web interface changes |
|
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1391 --------------------------- |
|
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1392 |
|
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1393 Some of the HTML files in the "classic" and "minimal" tracker templates |
|
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1394 were changed to fix some bugs and clean them up. You may wish to compare |
|
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1395 them to the HTML files in your tracker and apply any changes. |
|
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1396 |
|
20e9831fc58a
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3738
diff
changeset
|
1397 |
|
3732
0cc9b954f1f1
- fix version number in upgrading howto.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3696
diff
changeset
|
1398 Migrating from 1.1.2 to 1.2.0 |
|
3696
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1399 ============================= |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1400 |
|
3732
0cc9b954f1f1
- fix version number in upgrading howto.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3696
diff
changeset
|
1401 1.2.0 Sorting and grouping by multiple properties |
|
3696
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1402 ------------------------------------------------- |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1403 |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1404 Starting with this version, sorting and grouping by multiple properties |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1405 is possible. This means that request.sort and request.group are now |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1406 lists. This is reflected in several places: |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1407 |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1408 * ``renderWith`` now has list attributes for ``sort`` and ``group``, |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1409 where you previously wrote:: |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1410 |
|
3696
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1411 renderWith(... sort=('-', 'activity'), group=('+', 'priority') |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1412 |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1413 you write now:: |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1414 |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1415 renderWith(... sort=[('-', 'activity')], group=[('+', 'priority')] |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1416 |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1417 * In templates that permit to edit sorting/grouping, request.sort and |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1418 request.group are (possibly empty) lists. You can now sort and group |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1419 by multiple attributes. For an example, see the classic template. You |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1420 may want search for the variable ``n_sort`` which can be set to the |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1421 number of sort/group properties. |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1422 |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1423 * Templates that diplay new headlines for each group of items with |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1424 equal group properties can now use the modified ``batch.propchanged`` |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1425 method that can take several properties which are checked for |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1426 changes. See the example in the classic template which makes use of |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1427 ``batch.propchanged``. |
|
790363e96852
Sorting/grouping by multiple properties.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3588
diff
changeset
|
1428 |
|
3588
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1429 Migrating from 1.1.0 to 1.1.1 |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1430 ============================= |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1431 |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1432 1.1.1 "Clear this message" |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1433 -------------------------- |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1434 |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1435 In 1.1.1, the standard ``page.html`` template includes a "clear this message" |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1436 link in the green "ok" message bar that appears after a successful edit |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1437 (or other) action. |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1438 |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1439 To include this in your tracker, change the following in your ``page.html`` |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1440 template:: |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1441 |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1442 <p tal:condition="options/ok_message | nothing" class="ok-message" |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1443 tal:repeat="m options/ok_message" tal:content="structure m">error</p> |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1444 |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1445 to be:: |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1446 |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1447 <p tal:condition="options/ok_message | nothing" class="ok-message"> |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1448 <span tal:repeat="m options/ok_message" |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1449 tal:content="structure string:$m <br/ > " /> |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1450 <a class="form-small" tal:attributes="href request/current_url" |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1451 i18n:translate="">clear this message</a> |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1452 </p> |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1453 |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1454 |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1455 If you implemented the "clear this message" in your 1.1.0 tracker, then you |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1456 should change it to the above and it will work much better! |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1457 |
|
503d4c10f1f8
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3554
diff
changeset
|
1458 |
|
3550
55bcd5673097
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
3549
diff
changeset
|
1459 Migrating from 1.0.x to 1.1.0 |
|
55bcd5673097
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
3549
diff
changeset
|
1460 ============================= |
|
3548
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1461 |
|
3550
55bcd5673097
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
3549
diff
changeset
|
1462 1.1 Login "For Session Only" |
|
55bcd5673097
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
3549
diff
changeset
|
1463 ---------------------------- |
|
3548
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1464 |
|
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1465 In 1.1, web logins are alive for the length of a session only, *unless* you |
|
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1466 add the following to the login form in your tracker's ``page.html``:: |
|
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1467 |
|
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1468 <input type="checkbox" name="remember" id="remember"> |
|
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1469 <label for="remember" i18n:translate="">Remember me?</label><br> |
|
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1470 |
|
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1471 See the classic tracker ``page.html`` if you're unsure where this should |
|
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1472 go. |
|
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1473 |
|
61d48244e7a8
login may now be for a single session
Richard Jones <richard@users.sourceforge.net>
parents:
3518
diff
changeset
|
1474 |
|
3549
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1475 1.1 Query Display Name |
|
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1476 ---------------------- |
|
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1477 |
|
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1478 The ``dispname`` web variable has been renamed ``@dispname`` to avoid |
|
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1479 clashing with other variables of the same name. If you are using the |
|
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1480 display name feature, you will need to edit your tracker's ``page.html`` |
|
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1481 and ``issue.index.html`` pages to change ``dispname`` to ``@dispname``. |
|
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1482 |
|
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1483 A side-effect of this change is that the renderWith method used in the |
|
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1484 ``home.html`` page may now take a dispname argument. |
|
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1485 |
|
3554
5e70726a86dd
fixed schema migration problem when Class keys were removed
Richard Jones <richard@users.sourceforge.net>
parents:
3552
diff
changeset
|
1486 |
|
3552
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1487 1.1 "Clear this message" |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1488 ------------------------ |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1489 |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1490 In 1.1, the standard ``page.html`` template includes a "clear this message" |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1491 link in the green "ok" message bar that appears after a successful edit |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1492 (or other) action. |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1493 |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1494 To include this in your tracker, change the following in your ``page.html`` |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1495 template:: |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1496 |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1497 <p tal:condition="options/ok_message | nothing" class="ok-message" |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1498 tal:repeat="m options/ok_message" tal:content="structure m">error</p> |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1499 |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1500 to be:: |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1501 |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1502 <p tal:condition="options/ok_message | nothing" class="ok-message"> |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1503 <span tal:repeat="m options/ok_message" |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1504 tal:content="structure string:$m <br/ > " /> |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1505 <a class="form-small" tal:attributes="href string:issue${context/id}" |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1506 i18n:translate="">clear this message</a> |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1507 </p> |
|
4cf7f9b7cb37
include "clear this message" link in the "ok" message bar
Richard Jones <richard@users.sourceforge.net>
parents:
3550
diff
changeset
|
1508 |
|
3549
f6719836e521
allow dispname to be passed to renderWith [SF#1424587]
Richard Jones <richard@users.sourceforge.net>
parents:
3548
diff
changeset
|
1509 |
|
3518
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1510 Migrating from 0.8.x to 1.0 |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1511 =========================== |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1512 |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1513 1.0 New Query Permissions |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1514 ------------------------- |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1515 |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1516 New permissions are defined for query editing and viewing. To include these |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1517 in your tracker, you need to add these lines to your tracker's |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1518 ``schema.py``:: |
|
3419
4aeb0d0cf0d6
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3281
diff
changeset
|
1519 |
|
3518
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1520 # Users should be able to edit and view their own queries. They should also |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1521 # be able to view any marked as not private. They should not be able to |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1522 # edit others' queries, even if they're not private |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1523 def view_query(db, userid, itemid): |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1524 private_for = db.query.get(itemid, 'private_for') |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1525 if not private_for: return True |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1526 return userid == private_for |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1527 def edit_query(db, userid, itemid): |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1528 return userid == db.query.get(itemid, 'creator') |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1529 p = db.security.addPermission(name='View', klass='query', check=view_query, |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1530 description="User is allowed to view their own and public queries") |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1531 db.security.addPermissionToRole('User', p) |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1532 p = db.security.addPermission(name='Edit', klass='query', check=edit_query, |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1533 description="User is allowed to edit their queries") |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1534 db.security.addPermissionToRole('User', p) |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1535 p = db.security.addPermission(name='Create', klass='query', |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1536 description="User is allowed to create queries") |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1537 db.security.addPermissionToRole('User', p) |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1538 |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1539 and then remove 'query' from the line:: |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1540 |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1541 # Assign the access and edit Permissions for issue, file and message |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1542 # to regular users now |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1543 for cl in 'issue', 'file', 'msg', 'query', 'keyword': |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1544 |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1545 so it looks like:: |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1546 |
|
7fb8cfe3c737
enable editing of public queries [SF#966144]
Richard Jones <richard@users.sourceforge.net>
parents:
3419
diff
changeset
|
1547 for cl in 'issue', 'file', 'msg', 'keyword': |
|
3419
4aeb0d0cf0d6
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3281
diff
changeset
|
1548 |
|
4aeb0d0cf0d6
pre-release stuff
Richard Jones <richard@users.sourceforge.net>
parents:
3281
diff
changeset
|
1549 |
|
3253
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1550 Migrating from 0.8.0 to 0.8.3 |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1551 ============================= |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1552 |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1553 0.8.3 Nosy Handling Changes |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1554 --------------------------- |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1555 |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1556 A change was made to fix a bug in the ``nosyreaction.py`` standard |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1557 detector. To incorporate this fix in your trackers, you will need to copy |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1558 the ``nosyreaction.py`` file from the ``templates/classic/detectors`` |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1559 directory of the source to your tracker's ``templates`` directory. |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1560 |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1561 If you have modified the ``nosyreaction.py`` file from the standard |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1562 version, you will need to roll your changes into the new file. |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1563 |
|
34d034a4c0d9
merge from 0.8 plus docs
Richard Jones <richard@users.sourceforge.net>
parents:
3130
diff
changeset
|
1564 |
|
2282
c0e86056739f
local character set support
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2273
diff
changeset
|
1565 Migrating from 0.7.1 to 0.8.0 |
|
c0e86056739f
local character set support
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2273
diff
changeset
|
1566 ============================= |
|
c0e86056739f
local character set support
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2273
diff
changeset
|
1567 |
|
2954
15620de288b1
0.8 requires clean uninstall of previous version [SF#1071402]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2915
diff
changeset
|
1568 You *must* fully uninstall previous Roundup version before installing |
|
15620de288b1
0.8 requires clean uninstall of previous version [SF#1071402]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2915
diff
changeset
|
1569 Roundup 0.8.0. If you don't do that, ``roundup-admin install`` |
|
15620de288b1
0.8 requires clean uninstall of previous version [SF#1071402]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2915
diff
changeset
|
1570 command may fail to function properly. |
|
15620de288b1
0.8 requires clean uninstall of previous version [SF#1071402]
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2915
diff
changeset
|
1571 |
|
2819
24a5447725a2
note dropped bsddb and bsddb3;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2737
diff
changeset
|
1572 0.8.0 Backend changes |
|
24a5447725a2
note dropped bsddb and bsddb3;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2737
diff
changeset
|
1573 --------------------- |
|
24a5447725a2
note dropped bsddb and bsddb3;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2737
diff
changeset
|
1574 |
|
24a5447725a2
note dropped bsddb and bsddb3;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2737
diff
changeset
|
1575 Backends 'bsddb' and 'bsddb3' are removed. If you are using one of these, |
|
2886
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1576 you *must* migrate to another backend before upgrading. |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1577 |
|
2819
24a5447725a2
note dropped bsddb and bsddb3;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2737
diff
changeset
|
1578 |
|
2737
37e2b70105f7
removed safeget() from the API [SF#994750]
Richard Jones <richard@users.sourceforge.net>
parents:
2700
diff
changeset
|
1579 0.8.0 API changes |
|
37e2b70105f7
removed safeget() from the API [SF#994750]
Richard Jones <richard@users.sourceforge.net>
parents:
2700
diff
changeset
|
1580 ----------------- |
|
37e2b70105f7
removed safeget() from the API [SF#994750]
Richard Jones <richard@users.sourceforge.net>
parents:
2700
diff
changeset
|
1581 |
|
37e2b70105f7
removed safeget() from the API [SF#994750]
Richard Jones <richard@users.sourceforge.net>
parents:
2700
diff
changeset
|
1582 Class.safeget() was removed from the API. Test your item ids before calling |
|
37e2b70105f7
removed safeget() from the API [SF#994750]
Richard Jones <richard@users.sourceforge.net>
parents:
2700
diff
changeset
|
1583 Class.get() instead. |
|
37e2b70105f7
removed safeget() from the API [SF#994750]
Richard Jones <richard@users.sourceforge.net>
parents:
2700
diff
changeset
|
1584 |
|
37e2b70105f7
removed safeget() from the API [SF#994750]
Richard Jones <richard@users.sourceforge.net>
parents:
2700
diff
changeset
|
1585 |
| 2907 | 1586 0.8.0 New tracker layout |
| 2700 | 1587 ------------------------ |
| 1588 | |
|
2889
accb3b411ef6
instructions and method for generating config.ini
Richard Jones <richard@users.sourceforge.net>
parents:
2886
diff
changeset
|
1589 The ``config.py`` file has been replaced by ``config.ini``. You may use the |
|
accb3b411ef6
instructions and method for generating config.ini
Richard Jones <richard@users.sourceforge.net>
parents:
2886
diff
changeset
|
1590 roundup-admin command "genconfig" to generate a new config file:: |
|
2886
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1591 |
|
2889
accb3b411ef6
instructions and method for generating config.ini
Richard Jones <richard@users.sourceforge.net>
parents:
2886
diff
changeset
|
1592 roundup-admin genconfig <tracker home>/config.ini |
|
2886
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1593 |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1594 and modify the values therein based on the contents of your old config.py. |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1595 In most cases, the names of the config variables are the same. |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1596 |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1597 The ``select_db.py`` file has been replaced by a file in the ``db`` |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1598 directory called ``backend_name``. As you might guess, this file contains |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1599 just the name of the backend. To figure what the contents of yours should |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1600 be, use the following table: |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1601 |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1602 ================================ ========================= |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1603 ``select_db.py`` contents ``backend_name`` contents |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1604 ================================ ========================= |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1605 from back_anydbm import ... anydbm |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1606 from back_metakit import ... metakit |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1607 from back_sqlite import ... sqlite |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1608 from back_mysql import ... mysql |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1609 from back_postgresql import ... postgresql |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1610 ================================ ========================= |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1611 |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1612 The ``dbinit.py`` file has been split into two new files, |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1613 ``initial_data.py`` and ``schema.py``. The contents of this file are: |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1614 |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1615 ``initial_data.py`` |
|
3130
7308c3c5a943
docs editing from Jean Jordaan
Richard Jones <richard@users.sourceforge.net>
parents:
2954
diff
changeset
|
1616 You don't need one of these as your tracker is already initialised. |
|
2886
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1617 |
|
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1618 ``schema.py`` |
|
3130
7308c3c5a943
docs editing from Jean Jordaan
Richard Jones <richard@users.sourceforge.net>
parents:
2954
diff
changeset
|
1619 Copy the body of the ``def open(name=None)`` function from your old |
|
7308c3c5a943
docs editing from Jean Jordaan
Richard Jones <richard@users.sourceforge.net>
parents:
2954
diff
changeset
|
1620 tracker's ``dbinit.py`` file to this file. As the lines you're copying |
|
7308c3c5a943
docs editing from Jean Jordaan
Richard Jones <richard@users.sourceforge.net>
parents:
2954
diff
changeset
|
1621 aren't part of a function definition anymore, one level of indentation |
|
7308c3c5a943
docs editing from Jean Jordaan
Richard Jones <richard@users.sourceforge.net>
parents:
2954
diff
changeset
|
1622 needs to be removed (remove only the leading four spaces on each |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1623 line). |
|
2886
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1624 |
|
3130
7308c3c5a943
docs editing from Jean Jordaan
Richard Jones <richard@users.sourceforge.net>
parents:
2954
diff
changeset
|
1625 The first few lines -- those starting with ``from roundup.hyperdb |
|
7308c3c5a943
docs editing from Jean Jordaan
Richard Jones <richard@users.sourceforge.net>
parents:
2954
diff
changeset
|
1626 import ...`` and the ``db = Database(config, name)`` line -- don't |
|
7308c3c5a943
docs editing from Jean Jordaan
Richard Jones <richard@users.sourceforge.net>
parents:
2954
diff
changeset
|
1627 need to be copied. Neither do the last few lines -- those starting |
|
7308c3c5a943
docs editing from Jean Jordaan
Richard Jones <richard@users.sourceforge.net>
parents:
2954
diff
changeset
|
1628 with ``import detectors``, down to ``return db`` inclusive. |
|
2886
0998d1b48182
documentation updates
Richard Jones <richard@users.sourceforge.net>
parents:
2819
diff
changeset
|
1629 |
|
3281
751601e710d8
minor doc change
Richard Jones <richard@users.sourceforge.net>
parents:
3253
diff
changeset
|
1630 You may remove the ``__init__.py`` module from the "detectors" directory as |
|
751601e710d8
minor doc change
Richard Jones <richard@users.sourceforge.net>
parents:
3253
diff
changeset
|
1631 it is no longer used. |
|
751601e710d8
minor doc change
Richard Jones <richard@users.sourceforge.net>
parents:
3253
diff
changeset
|
1632 |
| 3738 | 1633 There's a new way to write extension code for Roundup. If you have code in |
| 1634 an ``interfaces.py`` file you should move it. See the `customisation | |
| 2915 | 1635 documentation`_ for information about how extensions are now written. |
| 3738 | 1636 Note that some older trackers may use ``interfaces.py`` to customise the |
| 1637 mail gateway behaviour. You will need to keep your ``interfaces.py`` file | |
| 1638 if this is the case. | |
| 2700 | 1639 |
| 2907 | 1640 |
| 1641 0.8.0 Permissions Changes | |
| 1642 ------------------------- | |
|
2282
c0e86056739f
local character set support
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2273
diff
changeset
|
1643 |
| 2907 | 1644 The creation of a new item in the user interfaces is now controlled by the |
| 1645 "Create" Permission. You will need to add an assignment of this Permission | |
| 1646 to your users who are allowed to create items. The most common form of this | |
| 1647 is the following in your ``schema.py`` added just under the current | |
| 1648 assignation of the Edit Permission:: | |
|
2282
c0e86056739f
local character set support
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2273
diff
changeset
|
1649 |
| 2907 | 1650 for cl in 'issue', 'file', 'msg', 'query', 'keyword': |
| 1651 p = db.security.getPermission('Create', cl) | |
| 1652 db.security.addPermissionToRole('User', p) | |
| 1653 | |
| 1654 You will need to explicitly let anonymous users access the web interface so | |
| 1655 that regular users are able to see the login form. Note that almost all | |
| 1656 trackers will need this Permission. The only situation where it's not | |
| 1657 required is in a tracker that uses an HTTP Basic Authenticated front-end. | |
| 1658 It's enabled by adding to your ``schema.py``:: | |
| 1659 | |
| 1660 p = db.security.getPermission('Web Access') | |
| 1661 db.security.addPermissionToRole('Anonymous', p) | |
| 1662 | |
| 1663 Finally, you will need to enable permission for your users to edit their | |
| 1664 own details by adding the following to ``schema.py``:: | |
|
2282
c0e86056739f
local character set support
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2273
diff
changeset
|
1665 |
| 2907 | 1666 # Users should be able to edit their own details. Note that this |
| 1667 # permission is limited to only the situation where the Viewed or | |
| 1668 # Edited item is their own. | |
| 1669 def own_record(db, userid, itemid): | |
| 1670 '''Determine whether the userid matches the item being accessed.''' | |
| 1671 return userid == itemid | |
| 1672 p = db.security.addPermission(name='View', klass='user', check=own_record, | |
| 1673 description="User is allowed to view their own user details") | |
| 1674 p = db.security.addPermission(name='Edit', klass='user', check=own_record, | |
| 1675 description="User is allowed to edit their own user details") | |
| 1676 db.security.addPermissionToRole('User', p) | |
| 1677 | |
| 1678 | |
| 1679 0.8.0 Use of TemplatingUtils | |
| 1680 ---------------------------- | |
| 1681 | |
| 2910 | 1682 If you used custom python functions in TemplatingUtils, they must |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1683 be moved from interfaces.py to a new file in the ``extensions`` directory. |
| 2910 | 1684 |
| 2907 | 1685 Each Function that should be available through TAL needs to be defined |
| 1686 as a toplevel function in the newly created file. Furthermore you | |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1687 add an inititialization function, that registers the functions with the |
| 2907 | 1688 tracker. |
|
2282
c0e86056739f
local character set support
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2273
diff
changeset
|
1689 |
| 2907 | 1690 If you find this too tedious, donfu wrote an automatic init function that |
| 1691 takes an existing TemplatingUtils class, and registers all class methods | |
| 1692 that do not start with an underscore. The following hack should be placed | |
| 1693 in the ``extensions`` directory alongside other extensions:: | |
|
2282
c0e86056739f
local character set support
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2273
diff
changeset
|
1694 |
| 2907 | 1695 class TemplatingUtils: |
| 1696 # copy from interfaces.py | |
| 1697 | |
| 1698 def init(tracker): | |
| 1699 util = TemplatingUtils() | |
|
2819
24a5447725a2
note dropped bsddb and bsddb3;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2737
diff
changeset
|
1700 |
| 2907 | 1701 def setClient(tu): |
| 1702 util.client = tu.client | |
| 1703 return util | |
|
2819
24a5447725a2
note dropped bsddb and bsddb3;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2737
diff
changeset
|
1704 |
| 2907 | 1705 def execUtil(name): |
| 1706 return lambda tu, *args, **kwargs: \ | |
| 1707 getattr(setClient(tu), name)(*args, **kwargs) | |
| 1708 | |
| 1709 for name in dir(util): | |
| 1710 if callable(getattr(util, name)) and not name.startswith('_'): | |
| 1711 tracker.registerUtil(name, execUtil(name)) | |
| 1712 | |
|
2282
c0e86056739f
local character set support
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2273
diff
changeset
|
1713 |
|
2572
d15b71b8a85a
more logging goodness
Richard Jones <richard@users.sourceforge.net>
parents:
2409
diff
changeset
|
1714 0.8.0 Logging Configuration |
|
d15b71b8a85a
more logging goodness
Richard Jones <richard@users.sourceforge.net>
parents:
2409
diff
changeset
|
1715 --------------------------- |
|
d15b71b8a85a
more logging goodness
Richard Jones <richard@users.sourceforge.net>
parents:
2409
diff
changeset
|
1716 |
|
2573
71e03be0a25b
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
2572
diff
changeset
|
1717 See the `administration guide`_ for information about configuring the new |
|
71e03be0a25b
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
2572
diff
changeset
|
1718 logging implemented in 0.8.0. |
|
71e03be0a25b
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
2572
diff
changeset
|
1719 |
|
2374
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1720 |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1721 Migrating from 0.7.2 to 0.7.3 |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1722 ============================= |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1723 |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1724 0.7.3 Configuration |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1725 ------------------- |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1726 |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1727 If you choose, you may specify the directory from which static files are |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1728 served (those which use the URL component ``@@file``). Currently the |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1729 directory defaults to the ``TEMPLATES`` configuration variable. You may |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1730 define a new variable, ``STATIC_FILES`` which overrides this value for |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1731 static files. |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1732 |
|
31cb1014300c
Switch to using sqlite's own locking mechanisms...
Richard Jones <richard@users.sourceforge.net>
parents:
2293
diff
changeset
|
1733 |
|
2293
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1734 Migrating from 0.7.0 to 0.7.2 |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1735 ============================= |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1736 |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1737 0.7.2 DEFAULT_TIMEZONE is now required |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1738 -------------------------------------- |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1739 |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1740 The DEFAULT_TIMEZONE configuration variable is now required. Add the |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1741 following to your tracker's ``config.py`` file:: |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1742 |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1743 # You may specify a different default timezone, for use when users do not |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1744 # choose their own in their settings. |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1745 DEFAULT_TIMEZONE = 0 # specify as numeric hour offest |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1746 |
|
51b34469b7aa
mention DEFAULT_TIMEZONE requirement in upgrading doc [SF#952932]
Richard Jones <richard@users.sourceforge.net>
parents:
2282
diff
changeset
|
1747 |
|
2273
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1748 Migrating from 0.7.0 to 0.7.1 |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1749 ============================= |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1750 |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1751 0.7.1 Permission assignments |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1752 ---------------------------- |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1753 |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1754 If you allow anonymous access to your tracker, you might need to assign |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1755 some additional View (or Edit if your tracker is that open) permissions |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1756 to the "anonymous" user. To do so, find the code in your ``dbinit.py`` that |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1757 says:: |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1758 |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1759 for cl in 'issue', 'file', 'msg', 'query', 'keyword': |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1760 p = db.security.getPermission('View', cl) |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1761 db.security.addPermissionToRole('User', p) |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1762 p = db.security.getPermission('Edit', cl) |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1763 db.security.addPermissionToRole('User', p) |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1764 for cl in 'priority', 'status': |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1765 p = db.security.getPermission('View', cl) |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1766 db.security.addPermissionToRole('User', p) |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1767 |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1768 Add add a line:: |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1769 |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1770 db.security.addPermissionToRole('Anonymous', p) |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1771 |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1772 next to the existing ``'User'`` lines for the Permissions you wish to |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1773 assign to the anonymous user. |
|
c77483d2cda4
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2263
diff
changeset
|
1774 |
|
2119
cc4667ef3f12
Added the ability to toggle where error messages go.
Eddie Parker <eparker@users.sourceforge.net>
parents:
2114
diff
changeset
|
1775 |
|
2136
ee3cf6a44f29
queries on a per-user basis, and public queries [SF#891798] :)
Richard Jones <richard@users.sourceforge.net>
parents:
2121
diff
changeset
|
1776 Migrating from 0.6 to 0.7 |
|
2119
cc4667ef3f12
Added the ability to toggle where error messages go.
Eddie Parker <eparker@users.sourceforge.net>
parents:
2114
diff
changeset
|
1777 ========================= |
|
cc4667ef3f12
Added the ability to toggle where error messages go.
Eddie Parker <eparker@users.sourceforge.net>
parents:
2114
diff
changeset
|
1778 |
|
2076
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1779 0.7.0 Permission assignments |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1780 ---------------------------- |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1781 |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1782 Due to a change in the rendering of web widgets, permissions are now |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1783 checked on Classes where they previously weren't (this is a good thing). |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1784 |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1785 You will need to add some additional Permission assignments for your |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1786 regular users, or some displays will break. After the following in your |
|
2076
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1787 tracker's ``dbinit.py``:: |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1788 |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1789 # Assign the access and edit Permissions for issue, file and message |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1790 # to regular users now |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1791 for cl in 'issue', 'file', 'msg', 'query', 'keyword': |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1792 p = db.security.getPermission('View', cl) |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1793 db.security.addPermissionToRole('User', p) |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1794 p = db.security.getPermission('Edit', cl) |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1795 db.security.addPermissionToRole('User', p) |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1796 |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1797 add:: |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1798 |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1799 for cl in 'priority', 'status': |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1800 p = db.security.getPermission('View', cl) |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1801 db.security.addPermissionToRole('User', p) |
|
2a4309450202
security fixes and doc updates
Richard Jones <richard@users.sourceforge.net>
parents:
2059
diff
changeset
|
1802 |
|
2102
666402433998
Fix some tests.
Richard Jones <richard@users.sourceforge.net>
parents:
2077
diff
changeset
|
1803 |
|
1800
a3b1b1dcf639
Use getuid(), not figure_curuserid()
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1769
diff
changeset
|
1804 0.7.0 Getting the current user id |
|
a3b1b1dcf639
Use getuid(), not figure_curuserid()
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1769
diff
changeset
|
1805 --------------------------------- |
|
a3b1b1dcf639
Use getuid(), not figure_curuserid()
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1769
diff
changeset
|
1806 |
|
2263
d22a40dd33af
mmm... grammar
Richard Jones <richard@users.sourceforge.net>
parents:
2223
diff
changeset
|
1807 The Database.curuserid attribute has been removed. |
|
d22a40dd33af
mmm... grammar
Richard Jones <richard@users.sourceforge.net>
parents:
2223
diff
changeset
|
1808 |
|
d22a40dd33af
mmm... grammar
Richard Jones <richard@users.sourceforge.net>
parents:
2223
diff
changeset
|
1809 Any code referencing this attribute should be replaced with a |
|
d22a40dd33af
mmm... grammar
Richard Jones <richard@users.sourceforge.net>
parents:
2223
diff
changeset
|
1810 call to Database.getuid(). |
|
1800
a3b1b1dcf639
Use getuid(), not figure_curuserid()
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1769
diff
changeset
|
1811 |
|
1813
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1812 |
|
1911
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1813 0.7.0 ZRoundup changes |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1814 ---------------------- |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1815 |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1816 The templates in your tracker's html directory will need updating if you |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1817 wish to use ZRoundup. If you've not modified those files (or some of them), |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1818 you may just copy the new versions from the Roundup source in the |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1819 templates/classic/html directory. |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1820 |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1821 If you have modified the html files, then you'll need to manually edit them |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1822 to change all occurances of special form variables from using the colon ":" |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1823 special character to the at "@" special character. That is, variables such |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1824 as:: |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1825 |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1826 :action :required :template :remove:messages ... |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1827 |
|
2223
9b447ac40be3
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
2138
diff
changeset
|
1828 should become:: |
|
1911
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1829 |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1830 @action @required @template @remove@messages ... |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1831 |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1832 Note that ``tal:`` statements are unaffected. So are TAL expression type |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1833 prefixes such as ``python:`` and ``string:``. Please ask on the |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1834 roundup-users mailing list for help if you're unsure. |
|
f5c804379c85
fixed ZRoundup - mostly changes to classic template
Richard Jones <richard@users.sourceforge.net>
parents:
1882
diff
changeset
|
1835 |
|
1882
15cfde2c3db8
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1850
diff
changeset
|
1836 |
|
2913
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1837 0.7.0 Edit collision detection |
|
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1838 ------------------------------ |
|
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1839 |
|
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1840 Roundup now detects collisions with editing in the web interface (that is, |
|
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1841 two people editing the same item at the same time). |
|
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1842 |
|
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1843 You must copy the ``_generic.collision.html`` file from Roundup source in |
|
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1844 the ``templates/classic/html`` directory. to your tracker's ``html`` |
|
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1845 directory. |
|
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1846 |
|
398a93f386b8
merge from maint-0-7
Richard Jones <richard@users.sourceforge.net>
parents:
2910
diff
changeset
|
1847 |
|
1835
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1848 Migrating from 0.6.x to 0.6.3 |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1849 ============================= |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1850 |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1851 0.6.3 Configuration |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1852 ------------------- |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1853 |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1854 You will need to copy the file:: |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1855 |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1856 templates/classic/detectors/__init__.py |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1857 |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1858 to your tracker's ``detectors`` directory, replacing the one already there. |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1859 This fixes a couple of bugs in that file. |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1860 |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1861 |
|
461d8aa81376
merge from maint branch
Richard Jones <richard@users.sourceforge.net>
parents:
1813
diff
changeset
|
1862 |
|
1363
f41360211819
oops, forgot upgrade note
Richard Jones <richard@users.sourceforge.net>
parents:
1308
diff
changeset
|
1863 Migrating from 0.5 to 0.6 |
|
f41360211819
oops, forgot upgrade note
Richard Jones <richard@users.sourceforge.net>
parents:
1308
diff
changeset
|
1864 ========================= |
|
f41360211819
oops, forgot upgrade note
Richard Jones <richard@users.sourceforge.net>
parents:
1308
diff
changeset
|
1865 |
|
1813
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1866 |
|
1388
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1867 0.6.0 Configuration |
|
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1868 ------------------- |
|
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1869 |
| 1638 | 1870 Introduced EMAIL_FROM_TAG config variable. This value is inserted into |
| 1871 the From: line of nosy email. If the sending user is "Foo Bar", the | |
| 1872 From: line is usually:: | |
|
1388
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1873 |
|
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1874 "Foo Bar" <issue_tracker@tracker.example> |
|
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1875 |
| 1638 | 1876 the EMAIL_FROM_TAG goes inside the "Foo Bar" quotes like so:: |
|
1388
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1877 |
|
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1878 "Foo Bar EMAIL_FROM_TAG" <issue_tracker@tracker.example> |
|
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1879 |
|
1455
436eb851045a
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1439
diff
changeset
|
1880 I've altered the mechanism in the detectors __init__.py module so that it |
|
436eb851045a
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1439
diff
changeset
|
1881 doesn't cross-import detectors from other trackers (if you run more than one |
|
436eb851045a
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1439
diff
changeset
|
1882 in a single roundup-server). This change means that you'll need to copy the |
|
436eb851045a
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1439
diff
changeset
|
1883 __init__.py from roundup/templates/classic/detectors/__init__.py to your |
|
436eb851045a
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1439
diff
changeset
|
1884 <tracker home>/detectors/__init__.py. Don't worry, the "classic" __init__ is a |
|
436eb851045a
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1439
diff
changeset
|
1885 one-size-fits-all, so it'll work even if you've added/removed detectors. |
|
436eb851045a
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1439
diff
changeset
|
1886 |
|
1813
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1887 0.6.0 Templating changes |
|
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1888 ------------------------ |
|
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1889 |
|
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1890 The ``user.item`` template (in the tracker home "templates" directory) |
|
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1891 needs to have the following hidden variable added to its form (between the |
|
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1892 ``<form...>`` and ``</form>`` tags:: |
|
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1893 |
|
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1894 <input type="hidden" name=":template" value="item"> |
|
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1895 |
|
1455
436eb851045a
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1439
diff
changeset
|
1896 |
| 1423 | 1897 0.6.0 Form handling changes |
| 1898 --------------------------- | |
| 1899 | |
| 1638 | 1900 Roundup's form handling capabilities have been significantly expanded. This |
| 1901 should not affect users of 0.5 installations - but if you find you're | |
| 1902 getting errors from form submissions, please ask for help on the Roundup | |
| 1903 users mailing list: | |
| 1423 | 1904 |
|
5756
e48b039b0ec0
issue2550966: fix suboptimal links in docs.
John Rouillard <rouilj@ieee.org>
parents:
5752
diff
changeset
|
1905 https://sourceforge.net/projects/roundup/lists/roundup-users |
| 1638 | 1906 |
|
1741
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1907 See the customisation doc section on `Form Values`__ for documentation of the |
| 1638 | 1908 new form variables possible. |
|
1439
0634f815b90c
rfc2822-ify the tracker name in mail headers
Richard Jones <richard@users.sourceforge.net>
parents:
1423
diff
changeset
|
1909 |
|
1741
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1910 __ customizing.html#form-values |
|
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1911 |
| 1423 | 1912 |
|
1388
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1913 0.6.0 Multilingual character set support |
|
cd28e3b5db2e
small cleanup, more info on config changes
Richard Jones <richard@users.sourceforge.net>
parents:
1386
diff
changeset
|
1914 ---------------------------------------- |
|
1363
f41360211819
oops, forgot upgrade note
Richard Jones <richard@users.sourceforge.net>
parents:
1308
diff
changeset
|
1915 |
| 1638 | 1916 Added internationalization support. This is done via encoding all data |
| 1917 stored in roundup database to utf-8 (unicode encoding). To support utf-8 in | |
| 1918 web interface you should add the folowing line to your tracker's html/page | |
| 1919 and html/_generic.help files inside <head> tag:: | |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1920 |
|
1386
7ca01821df2c
notes about upgrading to unicode
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1381
diff
changeset
|
1921 <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
|
7ca01821df2c
notes about upgrading to unicode
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1381
diff
changeset
|
1922 |
| 1638 | 1923 Since latin characters in utf-8 have the same codes as in ASCII table, this |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1924 modification is optional for users who use only plain latin characters. |
|
1386
7ca01821df2c
notes about upgrading to unicode
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1381
diff
changeset
|
1925 |
| 1638 | 1926 After this modification, you will be able to see and enter any world |
| 1927 character via web interface. Data received via mail interface also converted | |
| 1928 to utf-8, however only new messages will be converted. If your roundup | |
| 1929 database contains some of non-ASCII characters in one of 8-bit encoding, | |
| 1930 they will not be visible in new unicode environment. Some of such data (e.g. | |
| 1931 user names, keywords, etc) can be edited by administrator, the others | |
| 1932 (e.g. messages' contents) is not editable via web interface. Currently there | |
| 1933 is no tool for converting such data, the only solution is to close | |
| 1934 appropriate old issues and create new ones with the same content. | |
|
1386
7ca01821df2c
notes about upgrading to unicode
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1381
diff
changeset
|
1935 |
|
1813
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1936 |
| 1638 | 1937 0.6.0 User timezone support |
| 1938 --------------------------- | |
|
1402
27586da5557c
Added users' timezone support
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1388
diff
changeset
|
1939 |
| 1638 | 1940 From version 0.6.0 roundup supports displaying of Date data in user' local |
| 1941 timezone if he/she has provided timezone information. To make it possible | |
| 1942 some modification to tracker's schema and HTML templates are required. | |
|
1769
5fed70f96d2b
various minor bugfixes
Richard Jones <richard@users.sourceforge.net>
parents:
1758
diff
changeset
|
1943 First you must add string property 'timezone' to user class in dbinit.py |
| 1638 | 1944 like this:: |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1945 |
|
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1946 user = Class(db, "user", |
|
1402
27586da5557c
Added users' timezone support
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1388
diff
changeset
|
1947 username=String(), password=Password(), |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1948 address=String(), realname=String(), |
|
1402
27586da5557c
Added users' timezone support
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1388
diff
changeset
|
1949 phone=String(), organisation=String(), |
|
27586da5557c
Added users' timezone support
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1388
diff
changeset
|
1950 alternate_addresses=String(), |
|
27586da5557c
Added users' timezone support
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1388
diff
changeset
|
1951 queries=Multilink('query'), roles=String(), |
|
27586da5557c
Added users' timezone support
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1388
diff
changeset
|
1952 timezone=String()) |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1953 |
| 1638 | 1954 And second - html interface. Add following lines to |
| 1955 $TRACKER_HOME/html/user.item template:: | |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
1956 |
| 1560 | 1957 <tr> |
| 1958 <th>Timezone</th> | |
| 1959 <td tal:content="structure context/timezone/field">timezone</td> | |
| 1960 </tr> | |
|
1402
27586da5557c
Added users' timezone support
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1388
diff
changeset
|
1961 |
| 1638 | 1962 After that all users should be able to provide their timezone information. |
| 1963 Timezone should be a positive or negative integer - offset from GMT. | |
|
1402
27586da5557c
Added users' timezone support
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1388
diff
changeset
|
1964 |
| 1638 | 1965 After providing timezone, roundup will show all dates values, found in web |
| 1966 and mail interfaces in local time. It will also accept any Date info in | |
| 1967 local time, convert and store it in GMT. | |
|
1402
27586da5557c
Added users' timezone support
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1388
diff
changeset
|
1968 |
|
1813
6c2cff78d6a0
added note about hidden :template var in user.item ([SF#799842])
Richard Jones <richard@users.sourceforge.net>
parents:
1800
diff
changeset
|
1969 |
|
1741
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1970 0.6.0 Search page structure |
|
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1971 --------------------------- |
|
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1972 |
|
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1973 In order to accomodate query editing the search page has been restructured. If |
|
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1974 you want to provide your users with query editing, you should update your |
|
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1975 search page using the macros detailed in the customisation doc section |
|
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1976 `Searching on categories`__. |
|
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1977 |
|
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1978 __ customizing.html#searching-on-categories |
|
3d4ad125662b
Added a little text about the new search page structure.?b
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1638
diff
changeset
|
1979 |
|
1758
5e1680c11bed
Added text about removing '?' from url field when upgrading [SF#790326].
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1741
diff
changeset
|
1980 Also, the url field in the query class no longer starts with a '?'. You'll need |
|
1850
6e80f8f760a4
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1837
diff
changeset
|
1981 to remove this question mark from the url field to support queries. There's |
|
6e80f8f760a4
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1837
diff
changeset
|
1982 a script in the "tools" directory called ``migrate-queries.py`` that should |
|
6e80f8f760a4
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1837
diff
changeset
|
1983 automatically change any existing queries for you. As always, make a backup |
|
6e80f8f760a4
*** empty log message ***
Richard Jones <richard@users.sourceforge.net>
parents:
1837
diff
changeset
|
1984 of your database before running such a script. |
|
1758
5e1680c11bed
Added text about removing '?' from url field when upgrading [SF#790326].
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1741
diff
changeset
|
1985 |
|
1596
33a0d94c7658
searching on ranges of intervals is implemented
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1560
diff
changeset
|
1986 |
|
33a0d94c7658
searching on ranges of intervals is implemented
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1560
diff
changeset
|
1987 0.6.0 Notes for metakit backend users |
|
33a0d94c7658
searching on ranges of intervals is implemented
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1560
diff
changeset
|
1988 ------------------------------------- |
|
33a0d94c7658
searching on ranges of intervals is implemented
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1560
diff
changeset
|
1989 |
| 1638 | 1990 Roundup 0.6.0 introduced searching on ranges of dates and intervals. To |
| 1991 support it, some modifications to interval storing routine were made. So if | |
| 1992 your tracker uses metakit backend and your db schema contains intervals | |
| 1993 property, searches on that property will not be accurate for db items that | |
| 1994 was stored before roundup' upgrade. However all new records should be | |
| 1995 searchable on intervals. | |
|
1596
33a0d94c7658
searching on ranges of intervals is implemented
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1560
diff
changeset
|
1996 |
| 1638 | 1997 It is possible to convert your database to new format: you can export and |
| 1998 import back all your data (consult "Migrating backends" in "Maintenance" | |
| 1999 documentation). After this operation all your interval properties should | |
| 2000 become searchable. | |
|
1596
33a0d94c7658
searching on ranges of intervals is implemented
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1560
diff
changeset
|
2001 |
| 1638 | 2002 Users of backends others than metakit should not worry about this issue. |
|
1596
33a0d94c7658
searching on ranges of intervals is implemented
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1560
diff
changeset
|
2003 |
|
33a0d94c7658
searching on ranges of intervals is implemented
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1560
diff
changeset
|
2004 |
|
825
0779ea9f1f18
More indexer work:
Richard Jones <richard@users.sourceforge.net>
parents:
798
diff
changeset
|
2005 Migrating from 0.4.x to 0.5.0 |
|
0779ea9f1f18
More indexer work:
Richard Jones <richard@users.sourceforge.net>
parents:
798
diff
changeset
|
2006 ============================= |
|
0779ea9f1f18
More indexer work:
Richard Jones <richard@users.sourceforge.net>
parents:
798
diff
changeset
|
2007 |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2008 This has been a fairly major revision of Roundup: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2009 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2010 1. Brand new, much more powerful, flexible, tasty and nutritious templating. |
| 1091 | 2011 Unfortunately, this means all your current templates are useless. Hopefully |
| 2012 the new documentation and examples will be enough to help you make the | |
| 2013 transition. Please don't hesitate to ask on roundup-users for help (or | |
| 2014 complete conversions if you're completely stuck)! | |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2015 2. The database backed got a lot more flexible, allowing Metakit and SQL |
|
1227
92d8e1aad2e9
added mention of the new "minimal" template...
Richard Jones <richard@users.sourceforge.net>
parents:
1096
diff
changeset
|
2016 databases! The only decent SQL database implemented at present is sqlite, |
|
92d8e1aad2e9
added mention of the new "minimal" template...
Richard Jones <richard@users.sourceforge.net>
parents:
1096
diff
changeset
|
2017 but others shouldn't be a whole lot more work. |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2018 3. A brand new, highly flexible and much more robust security system including |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2019 a system of Permissions, Roles and Role assignments to users. You may now |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2020 define your own Permissions that may be checked in CGI transactions. |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2021 4. Journalling has been made less storage-hungry, so has been turned on |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2022 by default *except* for author, recipient and nosy link/unlink events. You |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2023 are advised to turn it off in your trackers too. |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2024 5. We've changed the terminology from "instance" to "tracker", to ease the |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2025 learning curve/impact for new users. |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2026 6. Because of the above changes, the tracker configuration has seen some |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2027 major changes. See below for the details. |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2028 |
| 1091 | 2029 Please, **back up your database** before you start the migration process. This |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2030 is as simple as copying the "db" directory and all its contents from your |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2031 tracker to somewhere safe. |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2032 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2033 |
|
825
0779ea9f1f18
More indexer work:
Richard Jones <richard@users.sourceforge.net>
parents:
798
diff
changeset
|
2034 0.5.0 Configuration |
|
0779ea9f1f18
More indexer work:
Richard Jones <richard@users.sourceforge.net>
parents:
798
diff
changeset
|
2035 ------------------- |
|
0779ea9f1f18
More indexer work:
Richard Jones <richard@users.sourceforge.net>
parents:
798
diff
changeset
|
2036 |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2037 First up, rename your ``instance_config.py`` file to just ``config.py``. |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2038 |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2039 Then edit your tracker's ``__init__.py`` module. It'll currently look |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2040 like this:: |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2041 |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2042 from instance_config import * |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2043 try: |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2044 from dbinit import * |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2045 except ImportError: |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2046 pass # in installdir (probably :) |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2047 from interfaces import * |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2048 |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2049 and it needs to be:: |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2050 |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2051 import config |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2052 from dbinit import open, init |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2053 from interfaces import Client, MailGW |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2054 |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2055 Due to the new templating having a top-level ``page`` that defines links for |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2056 searching, indexes, adding items etc, the following variables are no longer |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2057 used: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2058 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2059 - HEADER_INDEX_LINKS |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2060 - HEADER_ADD_LINKS |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2061 - HEADER_SEARCH_LINKS |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2062 - SEARCH_FILTERS |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2063 - DEFAULT_INDEX |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2064 - UNASSIGNED_INDEX |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2065 - USER_INDEX |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2066 - ISSUE_FILTER |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2067 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2068 The new security implementation will require additions to the dbinit module, |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2069 but also removes the need for the following tracker config variables: |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2070 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2071 - ANONYMOUS_ACCESS |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2072 - ANONYMOUS_REGISTER |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2073 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2074 but requires two new variables which define the Roles assigned to users who |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2075 register through the web and e-mail interfaces: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2076 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2077 - NEW_WEB_USER_ROLES |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2078 - NEW_EMAIL_USER_ROLES |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2079 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2080 in both cases, 'User' is a good initial setting. To emulate |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2081 ``ANONYMOUS_ACCESS='deny'``, remove all "View" Permissions from the |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2082 "Anonymous" Role. To emulate ``ANONYMOUS_REGISTER='deny'``, remove the "Web |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2083 Registration" and/or the "Email Registration" Permission from the "Anonymous" |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2084 Role. See the section on customising security in the `customisation |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2085 documentation`_ for more information. |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2086 |
|
1096
fa7df238e2d4
More cleaning up of configuration, and the "instance" -> "tracker" renaming.
Richard Jones <richard@users.sourceforge.net>
parents:
1091
diff
changeset
|
2087 Finally, the following config variables have been renamed to make more sense: |
|
fa7df238e2d4
More cleaning up of configuration, and the "instance" -> "tracker" renaming.
Richard Jones <richard@users.sourceforge.net>
parents:
1091
diff
changeset
|
2088 |
|
fa7df238e2d4
More cleaning up of configuration, and the "instance" -> "tracker" renaming.
Richard Jones <richard@users.sourceforge.net>
parents:
1091
diff
changeset
|
2089 - INSTANCE_HOME -> TRACKER_HOME |
|
fa7df238e2d4
More cleaning up of configuration, and the "instance" -> "tracker" renaming.
Richard Jones <richard@users.sourceforge.net>
parents:
1091
diff
changeset
|
2090 - INSTANCE_NAME -> TRACKER_NAME |
|
fa7df238e2d4
More cleaning up of configuration, and the "instance" -> "tracker" renaming.
Richard Jones <richard@users.sourceforge.net>
parents:
1091
diff
changeset
|
2091 - ISSUE_TRACKER_WEB -> TRACKER_WEB |
|
fa7df238e2d4
More cleaning up of configuration, and the "instance" -> "tracker" renaming.
Richard Jones <richard@users.sourceforge.net>
parents:
1091
diff
changeset
|
2092 - ISSUE_TRACKER_EMAIL -> TRACKER_EMAIL |
|
fa7df238e2d4
More cleaning up of configuration, and the "instance" -> "tracker" renaming.
Richard Jones <richard@users.sourceforge.net>
parents:
1091
diff
changeset
|
2093 |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2094 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2095 0.5.0 Schema Specification |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2096 -------------------------- |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2097 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2098 0.5.0 Database backend changes |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2099 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2100 |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2101 Your select_db module in your tracker has changed a fair bit. Where it used |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2102 to contain:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2103 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2104 # WARNING: DO NOT EDIT THIS FILE!!! |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2105 from roundup.backends.back_anydbm import Database |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2106 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2107 it must now contain:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2108 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2109 # WARNING: DO NOT EDIT THIS FILE!!! |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2110 from roundup.backends.back_anydbm import Database, Class, FileClass, IssueClass |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2111 |
|
1051
a0c7df67dd9c
Allow a page request to include a :contentonly variable.
Richard Jones <richard@users.sourceforge.net>
parents:
1034
diff
changeset
|
2112 Yes, I realise the irony of the "DO NOT EDIT THIS FILE" statement :) |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2113 Note the addition of the Class, FileClass, IssueClass imports. These are very |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2114 important, as they're going to make the next change work too. You now need to |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2115 modify the top of the dbinit module in your tracker from:: |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2116 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2117 import instance_config |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2118 from roundup import roundupdb |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2119 from select_db import Database |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2120 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2121 from roundup.roundupdb import Class, FileClass |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2122 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2123 class Database(roundupdb.Database, select_db.Database): |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2124 ''' Creates a hybrid database from: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2125 . the selected database back-end from select_db |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2126 . the roundup extensions from roundupdb |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2127 ''' |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2128 pass |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2129 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2130 class IssueClass(roundupdb.IssueClass): |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2131 ''' issues need the email information |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2132 ''' |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2133 pass |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2134 |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2135 to:: |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2136 |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2137 import config |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2138 from select_db import Database, Class, FileClass, IssueClass |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2139 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2140 Yes, remove the Database and IssueClass definitions and those other imports. |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2141 They're not needed any more! |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2142 |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2143 Look for places in dbinit.py where ``instance_config`` is used too, and |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2144 rename them ``config``. |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2145 |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2146 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2147 0.5.0 Journalling changes |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2148 ~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2149 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2150 Journalling has been optimised for storage. Journalling of links has been |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2151 turned back on by default. If your tracker has a large user base, you may wish |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2152 to turn off journalling of nosy list, message author and message recipient |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2153 link and unlink events. You do this by adding ``do_journal='no'`` to the Class |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2154 initialisation in your dbinit. For example, your *msg* class initialisation |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2155 probably looks like this:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2156 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2157 msg = FileClass(db, "msg", |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2158 author=Link("user"), recipients=Multilink("user"), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2159 date=Date(), summary=String(), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2160 files=Multilink("file"), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2161 messageid=String(), inreplyto=String()) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2162 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2163 to turn off journalling of author and recipient link events, add |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2164 ``do_journal='no'`` to the ``author=Link("user")`` part of the statement, |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2165 like so:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2166 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2167 msg = FileClass(db, "msg", |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2168 author=Link("user", do_journal='no'), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2169 recipients=Multilink("user", do_journal='no'), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2170 date=Date(), summary=String(), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2171 files=Multilink("file"), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2172 messageid=String(), inreplyto=String()) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2173 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2174 Nosy list link event journalling is actually turned off by default now. If you |
|
1227
92d8e1aad2e9
added mention of the new "minimal" template...
Richard Jones <richard@users.sourceforge.net>
parents:
1096
diff
changeset
|
2175 want to turn it on, change to your issue class' nosy list, change its |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2176 definition from:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2177 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2178 issue = IssueClass(db, "issue", |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2179 assignedto=Link("user"), topic=Multilink("keyword"), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2180 priority=Link("priority"), status=Link("status")) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2181 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2182 to:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2183 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2184 issue = IssueClass(db, "issue", nosy=Multilink("user", do_journal='yes'), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2185 assignedto=Link("user"), topic=Multilink("keyword"), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2186 priority=Link("priority"), status=Link("status")) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2187 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2188 noting that your definition of the nosy Multilink will override the normal one. |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2189 |
|
1009
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2190 |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2191 0.5.0 User schema changes |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2192 ~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2193 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2194 Users have two more properties, "queries" and "roles". You'll have something |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2195 like this in your dbinit module now:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2196 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2197 user = Class(db, "user", |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2198 username=String(), password=Password(), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2199 address=String(), realname=String(), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2200 phone=String(), organisation=String(), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2201 alternate_addresses=String()) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2202 user.setkey("username") |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2203 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2204 and you'll need to add the new properties and the new "query" class to it |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2205 like so:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2206 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2207 query = Class(db, "query", |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2208 klass=String(), name=String(), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2209 url=String()) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2210 query.setkey("name") |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2211 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2212 # Note: roles is a comma-separated string of Role names |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2213 user = Class(db, "user", |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2214 username=String(), password=Password(), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2215 address=String(), realname=String(), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2216 phone=String(), organisation=String(), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2217 alternate_addresses=String(), |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2218 queries=Multilink('query'), roles=String()) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2219 user.setkey("username") |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2220 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2221 The "queries" property is used to store off the user's favourite database |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2222 queries. The "roles" property is explained below in `0.5.0 Security |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2223 Settings`_. |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2224 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2225 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2226 0.5.0 Security Settings |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2227 ~~~~~~~~~~~~~~~~~~~~~~~ |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2228 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2229 See the `security documentation`_ for an explanation of how the new security |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2230 system works. In a nutshell though, the security is handled as a four step |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2231 process: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2232 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2233 1. Permissions are defined as having a name and optionally a hyperdb class |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2234 they're specific to, |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2235 2. Roles are defined that have one or more Permissions, |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2236 3. Users are assigned Roles in their "roles" property, and finally |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2237 4. Roundup checks that users have appropriate Permissions at appropriate times |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2238 (like editing issues). |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2239 |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2240 Your tracker dbinit module's *open* function now has to define any |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2241 Permissions that are specific to your tracker, and also the assignment |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2242 of Permissions to Roles. At the moment, your open function |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2243 ends with:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2244 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2245 import detectors |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2246 detectors.init(db) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2247 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2248 return db |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2249 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2250 and what we need to do is insert some commands that will set up the security |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2251 parameters. Right above the ``import detectors`` line, you'll want to insert |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2252 these lines:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2253 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2254 # |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2255 # SECURITY SETTINGS |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2256 # |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2257 # new permissions for this schema |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2258 for cl in 'issue', 'file', 'msg', 'user': |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2259 db.security.addPermission(name="Edit", klass=cl, |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2260 description="User is allowed to edit "+cl) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2261 db.security.addPermission(name="View", klass=cl, |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2262 description="User is allowed to access "+cl) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2263 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2264 # Assign the access and edit permissions for issue, file and message |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2265 # to regular users now |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2266 for cl in 'issue', 'file', 'msg': |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2267 p = db.security.getPermission('View', cl) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2268 db.security.addPermissionToRole('User', p) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2269 p = db.security.getPermission('Edit', cl) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2270 db.security.addPermissionToRole('User', p) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2271 # and give the regular users access to the web and email interface |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2272 p = db.security.getPermission('Web Access') |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2273 db.security.addPermissionToRole('User', p) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2274 p = db.security.getPermission('Email Access') |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2275 db.security.addPermissionToRole('User', p) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2276 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2277 # May users view other user information? Comment these lines out |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2278 # if you don't want them to |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2279 p = db.security.getPermission('View', 'user') |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2280 db.security.addPermissionToRole('User', p) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2281 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2282 # Assign the appropriate permissions to the anonymous user's Anonymous |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2283 # Role. Choices here are: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2284 # - Allow anonymous users to register through the web |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2285 p = db.security.getPermission('Web Registration') |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2286 db.security.addPermissionToRole('Anonymous', p) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2287 # - Allow anonymous (new) users to register through the email gateway |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2288 p = db.security.getPermission('Email Registration') |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2289 db.security.addPermissionToRole('Anonymous', p) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2290 # - Allow anonymous users access to the "issue" class of data |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2291 # Note: this also grants access to related information like files, |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2292 # messages, statuses etc that are linked to issues |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2293 #p = db.security.getPermission('View', 'issue') |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2294 #db.security.addPermissionToRole('Anonymous', p) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2295 # - Allow anonymous users access to edit the "issue" class of data |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2296 # Note: this also grants access to create related information like |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2297 # files and messages etc that are linked to issues |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2298 #p = db.security.getPermission('Edit', 'issue') |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2299 #db.security.addPermissionToRole('Anonymous', p) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2300 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2301 # oh, g'wan, let anonymous access the web interface too |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2302 p = db.security.getPermission('Web Access') |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2303 db.security.addPermissionToRole('Anonymous', p) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2304 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2305 Note in the comments there the places where you might change the permissions |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2306 to restrict users or grant users more access. If you've created additional |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2307 classes that users should be able to edit and view, then you should add them |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2308 to the "new permissions for this schema" section at the start of the security |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2309 block. Then add them to the "Assign the access and edit permissions" section |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2310 too, so people actually have the new Permission you've created. |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2311 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2312 One final change is needed that finishes off the security system's |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2313 initialisation. We need to add a call to ``db.post_init()`` at the end of the |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2314 dbinit open() function. Add it like this:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2315 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2316 import detectors |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2317 detectors.init(db) |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2318 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2319 # schema is set up - run any post-initialisation |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2320 db.post_init() |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2321 return db |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2322 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2323 You may verify the setup of Permissions and Roles using the new |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2324 "``roundup-admin security``" command. |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2325 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2326 |
|
1009
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2327 0.5.0 User changes |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2328 ~~~~~~~~~~~~~~~~~~ |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2329 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2330 To support all those schema changes, you'll need to massage your user database |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2331 a little too, to: |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2332 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2333 1. make sure there's an "anonymous" user - this user is mandatory now and is |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2334 the one that unknown users are logged in as. |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2335 2. make sure all users have at least one Role. |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2336 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2337 If you don't have the "anonymous" user, create it now with the command:: |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2338 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2339 roundup-admin create user username=anonymous roles=Anonymous |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2340 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2341 making sure the capitalisation is the same as above. Once you've done that, |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2342 you'll need to set the roles property on all users to a reasonable default. |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2343 The admin user should get "Admin", the anonymous user "Anonymous" |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2344 and all other users "User". The ``fixroles.py`` script in the tools directory |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2345 will do this. Run it like so (where python is your python 2+ binary):: |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2346 |
| 1271 | 2347 python tools/fixroles.py -i <tracker home> fixroles |
|
1009
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2348 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2349 |
|
fc55426544b5
more upgrading docco and a tool to fix roles
Richard Jones <richard@users.sourceforge.net>
parents:
1008
diff
changeset
|
2350 |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2351 0.5.0 CGI interface changes |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2352 --------------------------- |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2353 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2354 The CGI interface code was completely reorganised and largely rewritten. The |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2355 end result is that this section of your tracker interfaces module will need |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2356 changing from:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2357 |
|
1308
bd71c43f0911
fixed upgrading doc to have CGI changes in the correct order
Richard Jones <richard@users.sourceforge.net>
parents:
1271
diff
changeset
|
2358 from roundup import cgi_client, mailgw |
|
bd71c43f0911
fixed upgrading doc to have CGI changes in the correct order
Richard Jones <richard@users.sourceforge.net>
parents:
1271
diff
changeset
|
2359 from roundup.i18n import _ |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2360 |
|
1308
bd71c43f0911
fixed upgrading doc to have CGI changes in the correct order
Richard Jones <richard@users.sourceforge.net>
parents:
1271
diff
changeset
|
2361 class Client(cgi_client.Client): |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2362 ''' derives basic CGI implementation from the standard module, |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2363 with any specific extensions |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2364 ''' |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2365 pass |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2366 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2367 to:: |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2368 |
|
1308
bd71c43f0911
fixed upgrading doc to have CGI changes in the correct order
Richard Jones <richard@users.sourceforge.net>
parents:
1271
diff
changeset
|
2369 from roundup import mailgw |
|
bd71c43f0911
fixed upgrading doc to have CGI changes in the correct order
Richard Jones <richard@users.sourceforge.net>
parents:
1271
diff
changeset
|
2370 from roundup.cgi import client |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2371 |
|
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2372 class Client(client.Client): |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2373 ''' derives basic CGI implementation from the standard module, |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2374 with any specific extensions |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2375 ''' |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2376 pass |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2377 |
|
1034
6afef8529d6c
mention cgi script update
Richard Jones <richard@users.sourceforge.net>
parents:
1009
diff
changeset
|
2378 You will also need to install the new version of roundup.cgi from the source |
|
6afef8529d6c
mention cgi script update
Richard Jones <richard@users.sourceforge.net>
parents:
1009
diff
changeset
|
2379 cgi-bin directory if you're using it. |
|
6afef8529d6c
mention cgi script update
Richard Jones <richard@users.sourceforge.net>
parents:
1009
diff
changeset
|
2380 |
|
6afef8529d6c
mention cgi script update
Richard Jones <richard@users.sourceforge.net>
parents:
1009
diff
changeset
|
2381 |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2382 0.5.0 HTML templating |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2383 --------------------- |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2384 |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2385 You'll want to make a backup of your current tracker html directory. You |
| 1091 | 2386 should then copy the html directory from the Roundup source "classic" template |
| 2387 and modify it according to your local schema changes. | |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2388 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2389 If you need help with the new templating system, please ask questions on the |
|
4510
bce9aaf19a3b
Updated the url to point to www.roundup-tracker.org in two places in the docs.
Bernhard Reiter <Bernhard.Reiter@intevation.de>
parents:
4503
diff
changeset
|
2390 roundup-users mailing list (available through the roundup web page on |
|
bce9aaf19a3b
Updated the url to point to www.roundup-tracker.org in two places in the docs.
Bernhard Reiter <Bernhard.Reiter@intevation.de>
parents:
4503
diff
changeset
|
2391 sourceforge, http://www.roundup-tracker.org/. |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2392 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2393 |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2394 0.5.0 Detectors |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2395 --------------- |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2396 |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2397 The nosy reactor has been updated to handle the tracker not having an |
|
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2398 "assignedto" property on issues. You may want to copy it into your tracker's |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2399 detectors directory. Chances are you've already fixed it though :) |
|
825
0779ea9f1f18
More indexer work:
Richard Jones <richard@users.sourceforge.net>
parents:
798
diff
changeset
|
2400 |
|
0779ea9f1f18
More indexer work:
Richard Jones <richard@users.sourceforge.net>
parents:
798
diff
changeset
|
2401 |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2402 Migrating from 0.4.1 to 0.4.2 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2403 ============================= |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2404 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2405 0.4.2 Configuration |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2406 ------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2407 The USER_INDEX definition introduced in 0.4.1 was too restrictive in its |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2408 allowing replacement of 'assignedto' with the user's userid. Users must change |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2409 the None value of 'assignedto' to 'CURRENT USER' (the string, in quotes) for |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2410 the replacement behaviour to occur now. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2411 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2412 The new configuration variables are: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2413 |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2414 - EMAIL_KEEP_QUOTED_TEXT |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2415 - EMAIL_LEAVE_BODY_UNCHANGED |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2416 - ADD_RECIPIENTS_TO_NOSY |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2417 |
|
798
faf164ab8ed9
Docco changes.
Richard Jones <richard@users.sourceforge.net>
parents:
782
diff
changeset
|
2418 See the sample configuration files in:: |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2419 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2420 <roundup source>/roundup/templates/classic/instance_config.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2421 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2422 and:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2423 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2424 <roundup source>/roundup/templates/extended/instance_config.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2425 |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2426 and the `customisation documentation`_ for information on how they're used. |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2427 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2428 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2429 0.4.2 Changes to detectors |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2430 -------------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2431 You will need to copy the detectors from the distribution into your instance |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2432 home "detectors" directory. If you used the classic schema, the detectors |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2433 are in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2434 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2435 <roundup source>/roundup/templates/classic/detectors/ |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2436 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2437 If you used the extended schema, the detectors are in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2438 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2439 <roundup source>/roundup/templates/extended/detectors/ |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2440 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2441 The change means that schema-specific code has been removed from the |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2442 mail gateway and cgi interface and made into auditors: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2443 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2444 - nosyreactor.py has now got an updatenosy auditor which updates the nosy |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2445 list with author, recipient and assignedto information. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2446 - statusauditor.py makes the unread or resolved -> chatting changes and |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2447 presets the status of an issue to unread. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2448 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2449 There's also a bug or two fixed in the nosyreactor code. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2450 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2451 0.4.2 HTML templating changes |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2452 ----------------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2453 The link() htmltemplate function now has a "showid" option for links and |
|
1089
43ab730ee194
instance -> tracker, node -> item
Richard Jones <richard@users.sourceforge.net>
parents:
1051
diff
changeset
|
2454 multilinks. When true, it only displays the linked item id as the anchor |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2455 text. The link value is displayed as a tooltip using the title anchor |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2456 attribute. To use in eg. the superseder field, have something like this:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2457 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2458 <td> |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2459 <display call="field('superseder', showid=1)"> |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2460 <display call="classhelp('issue', 'id,title', label='list', width=500)"> |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2461 <property name="superseder"> |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2462 <br>View: <display call="link('superseder', showid=1)"> |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2463 </property> |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2464 </td> |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2465 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2466 The stylesheets have been cleaned up too. You may want to use the newer |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2467 versions in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2468 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2469 <roundup source>/roundup/templates/<template>/html/default.css |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2470 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2471 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2472 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2473 Migrating from 0.4.0 to 0.4.1 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2474 ============================= |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2475 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2476 0.4.1 Files storage |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2477 ------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2478 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2479 Messages and files from newly created issues will be put into subdierectories |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2480 in thousands e.g. msg123 will be put into files/msg/0/msg123, file2003 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2481 will go into files/file/2/file2003. Previous messages are still found, but |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2482 could be put into this structure. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2483 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2484 0.4.1 Configuration |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2485 ------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2486 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2487 To allow more fine-grained access control, the variable used to check |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2488 permission to auto-register users in the mail gateway is now called |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2489 ANONYMOUS_REGISTER_MAIL rather than overloading ANONYMOUS_REGISTER. If the |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2490 variable doesn't exist, then ANONYMOUS_REGISTER is tested as before. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2491 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2492 Configuring the links in the web header is now easier too. The following |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2493 variables have been added to the classic instance_config.py:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2494 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2495 HEADER_INDEX_LINKS - defines the "index" links to be made available |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2496 HEADER_ADD_LINKS - defines the "add" links |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2497 DEFAULT_INDEX - specifies the index view for DEFAULT |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2498 UNASSIGNED_INDEX - specifies the index view for UNASSIGNED |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2499 USER_INDEX - specifies the index view for USER |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2500 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2501 See the <roundup source>/roundup/templates/classic/instance_config.py for more |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2502 information - including how the variables are to be set up. Most users will |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2503 just be able to copy the variables from the source to their instance home. If |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2504 you've modified the header by changing the source of the interfaces.py file in |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2505 the instance home, you'll need to remove that customisation and move it into |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2506 the appropriate variables in instance_config.py. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2507 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2508 The extended schema has similar variables added too - see the source for more |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2509 info. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2510 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2511 0.4.1 Alternate E-Mail Addresses |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2512 -------------------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2513 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2514 If you add the property "alternate_addresses" to your user class, your users |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2515 will be able to register alternate email addresses that they may use to |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2516 communicate with roundup as. All email from roundup will continue to be sent |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2517 to their primary address. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2518 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2519 If you have not edited the dbinit.py file in your instance home directory, |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2520 you may simply copy the new dbinit.py file from the core code. If you used |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2521 the classic schema, the interfaces file is in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2522 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2523 <roundup source>/roundup/templates/classic/dbinit.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2524 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2525 If you used the extended schema, the file is in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2526 |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2527 <roundup source>/roundup/templates/extended/dbinit.py |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2528 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2529 If you have modified your dbinit.py file, you need to edit the dbinit.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2530 file in your instance home directory. Find the lines which define the user |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2531 class:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2532 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2533 user = Class(db, "msg", |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2534 username=String(), password=Password(), |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2535 address=String(), realname=String(), |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2536 phone=String(), organisation=String(), |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2537 alternate_addresses=String()) |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2538 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2539 You will also want to add the property to the user's details page. The |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2540 template for this is the "user.item" file in your instance home "html" |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2541 directory. Similar to above, you may copy the file from the roundup source if |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2542 you haven't modified it. Otherwise, add the following to the template:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2543 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2544 <display call="multiline('alternate_addresses')"> |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2545 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2546 with appropriate labelling etc. See the standard template for an idea. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2547 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2548 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2549 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2550 Migrating from 0.3.x to 0.4.0 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2551 ============================= |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2552 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2553 0.4.0 Message-ID and In-Reply-To addition |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2554 ----------------------------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2555 0.4.0 adds the tracking of messages by message-id and allows threading |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2556 using in-reply-to. Most e-mail clients support threading using this |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2557 feature, and we hope to add support for it to the web gateway. If you |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2558 have not edited the dbinit.py file in your instance home directory, you may |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2559 simply copy the new dbinit.py file from the core code. If you used the |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2560 classic schema, the interfaces file is in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2561 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2562 <roundup source>/roundup/templates/classic/dbinit.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2563 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2564 If you used the extended schema, the file is in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2565 |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2566 <roundup source>/roundup/templates/extended/dbinit.py |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2567 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2568 If you have modified your dbinit.py file, you need to edit the dbinit.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2569 file in your instance home directory. Find the lines which define the msg |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2570 class:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2571 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2572 msg = FileClass(db, "msg", |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2573 author=Link("user"), recipients=Multilink("user"), |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2574 date=Date(), summary=String(), |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2575 files=Multilink("file")) |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2576 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2577 and add the messageid and inreplyto properties like so:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2578 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2579 msg = FileClass(db, "msg", |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2580 author=Link("user"), recipients=Multilink("user"), |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2581 date=Date(), summary=String(), |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2582 files=Multilink("file"), |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2583 messageid=String(), inreplyto=String()) |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2584 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2585 Also, configuration is being cleaned up. This means that your dbinit.py will |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2586 also need to be changed in the open function. If you haven't changed your |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2587 dbinit.py, the above copy will be enough. If you have, you'll need to change |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2588 the line (round line 50):: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2589 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2590 db = Database(instance_config.DATABASE, name) |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2591 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2592 to:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2593 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2594 db = Database(instance_config, name) |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2595 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2596 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2597 0.4.0 Configuration |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2598 -------------------- |
|
1096
fa7df238e2d4
More cleaning up of configuration, and the "instance" -> "tracker" renaming.
Richard Jones <richard@users.sourceforge.net>
parents:
1091
diff
changeset
|
2599 ``TRACKER_NAME`` and ``EMAIL_SIGNATURE_POSITION`` have been added to the |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2600 instance_config.py. The simplest solution is to copy the default values |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2601 from template in the core source. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2602 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2603 The mail gateway now checks ``ANONYMOUS_REGISTER`` to see if unknown users |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2604 are to be automatically registered with the tracker. If it is set to "deny" |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2605 then unknown users will not have access. If it is set to "allow" they will be |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2606 automatically registered with the tracker. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2607 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2608 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2609 0.4.0 CGI script roundup.cgi |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2610 ---------------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2611 The CGI script has been updated with some features and a bugfix, so you should |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2612 copy it from the roundup cgi-bin source directory again. Make sure you update |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2613 the ROUNDUP_INSTANCE_HOMES after the copy. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2614 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2615 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2616 0.4.0 Nosy reactor |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2617 ------------------ |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2618 The nosy reactor has also changed - copy the nosyreactor.py file from the core |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2619 source:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2620 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2621 <roundup source>/roundup/templates/<template>/detectors/nosyreactor.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2622 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2623 to your instance home "detectors" directory. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2624 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2625 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2626 0.4.0 HTML templating |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2627 --------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2628 The field() function was incorrectly implemented - links and multilinks now |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2629 display as text fields when rendered using field(). To display a menu (drop- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2630 down or select box) you need to use the menu() function. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2631 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2632 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2633 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2634 Migrating from 0.2.x to 0.3.x |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2635 ============================= |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2636 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2637 0.3.x Cookie Authentication changes |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2638 ----------------------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2639 0.3.0 introduces cookie authentication - you will need to copy the |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2640 interfaces.py file from the roundup source to your instance home to enable |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2641 authentication. If you used the classic schema, the interfaces file is in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2642 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2643 <roundup source>/roundup/templates/classic/interfaces.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2644 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2645 If you used the extended schema, the file is in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2646 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2647 <roundup source>/roundup/templates/extended/interfaces.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2648 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2649 If you have modified your interfaces.Client class, you will need to take |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2650 note of the login/logout functionality provided in roundup.cgi_client.Client |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2651 (classic schema) or roundup.cgi_client.ExtendedClient (extended schema) and |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2652 modify your instance code apropriately. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2653 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2654 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2655 0.3.x Password encoding |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2656 ----------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2657 This release also introduces encoding of passwords in the database. If you |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2658 have not edited the dbinit.py file in your instance home directory, you may |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2659 simply copy the new dbinit.py file from the core code. If you used the |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2660 classic schema, the interfaces file is in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2661 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2662 <roundup source>/roundup/templates/classic/dbinit.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2663 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2664 If you used the extended schema, the file is in:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2665 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2666 <roundup source>/roundup/templates/extended/dbinit.py |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2667 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2668 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2669 If you have modified your dbinit.py file, you may use encoded passwords: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2670 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2671 1. Edit the dbinit.py file in your instance home directory |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2672 a. At the first code line of the open() function:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2673 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2674 from roundup.hyperdb import String, Date, Link, Multilink |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2675 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2676 alter to include Password, as so:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2677 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2678 from roundup.hyperdb import String, Password, Date, Link, Multilink |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2679 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2680 b. Where the password property is defined (around line 66):: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2681 |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2682 user = Class(db, "user", |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2683 username=String(), password=String(), |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2684 address=String(), realname=String(), |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2685 phone=String(), organisation=String()) |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2686 user.setkey("username") |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2687 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2688 alter the "password=String()" to "password=Password()":: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2689 |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2690 user = Class(db, "user", |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2691 username=String(), password=Password(), |
|
4663
519a22c1858b
Rephrase sentence and clean up whitespace.
Ezio Melotti <ezio.melotti@gmail.com>
parents:
4643
diff
changeset
|
2692 address=String(), realname=String(), |
|
782
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2693 phone=String(), organisation=String()) |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2694 user.setkey("username") |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2695 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2696 2. Any existing passwords in the database will remain cleartext until they |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2697 are edited. It is recommended that at a minimum the admin password be |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2698 changed immediately:: |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2699 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2700 roundup-admin -i <instance home> set user1 password=<new password> |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2701 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2702 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2703 0.3.x Configuration |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2704 ------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2705 FILTER_POSITION, ANONYMOUS_ACCESS, ANONYMOUS_REGISTER have been added to |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2706 the instance_config.py. Simplest solution is to copy the default values from |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2707 template in the core source. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2708 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2709 MESSAGES_TO_AUTHOR has been added to the IssueClass in dbinit.py. Set to 'yes' |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2710 to send nosy messages to the author. Default behaviour is to not send nosy |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2711 messages to the author. You will need to add MESSAGES_TO_AUTHOR to your |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2712 dbinit.py in your instance home. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2713 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2714 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2715 0.3.x CGI script roundup.cgi |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2716 ---------------------------- |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2717 There have been some structural changes to the roundup.cgi script - you will |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2718 need to install it again from the cgi-bin directory of the source |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2719 distribution. Make sure you update the ROUNDUP_INSTANCE_HOMES after the |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2720 copy. |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2721 |
|
6f6eb43d9d86
Moved the MIGRATION text in with the rest of the docco, fixed up for 0.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2722 |
|
1008
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2723 .. _`customisation documentation`: customizing.html |
|
10ed4791f969
Wrote most of the upgrading documentation (please read!)
Richard Jones <richard@users.sourceforge.net>
parents:
979
diff
changeset
|
2724 .. _`security documentation`: security.html |
| 2409 | 2725 .. _`administration guide`: admin_guide.html |
|
5298
6efa6d44c27a
Add doc for xmlrpc changes and errors related to anti-csrf protections.
John Rouillard <rouilj@ieee.org>
parents:
5295
diff
changeset
|
2726 .. _`xmlrpc guide`: xmlrpc.html |