Mercurial > p > roundup > code


  
2779


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


     1 #


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


     2 # TRACKER SCHEMA


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


     3 #


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


     4 


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


     5 # Class automatically gets these properties:


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


     6 #   creation = Date()


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


     7 #   activity = Date()


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


     8 #   creator = Link('user')


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


     9 #   actor = Link('user')


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    10 


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    11 # The "Minimal" template gets only one class, the required "user"


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    12 # class. That's it. And even that has the bare minimum of properties.


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    13 


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    14 # Note: roles is a comma-separated string of Role names


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    15 user = Class(db, "user", username=String(), password=Password(),


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    16     address=String(), alternate_addresses=String(), roles=String())


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    17 user.setkey("username")


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    18 #


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    19 # TRACKER SECURITY SETTINGS


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    20 #


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    21 # See the configuration and customisation document for information


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    22 # about security setup.


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    23 


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    24 #


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    25 # REGULAR USERS


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    26 #


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    27 # Give the regular users access to the web and email interface


2991


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    28 db.security.addPermissionToRole('User', 'Web Access')


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    29 db.security.addPermissionToRole('User', 'Email Access')


2779


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    30 


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    31 # May users view other user information?


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    32 # Comment these lines out if you don't want them to


2991


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    33 db.security.addPermissionToRole('User', 'View', 'user')


2779


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    34 


2991


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    35 # Users should be able to edit their own details -- this permission is


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    36 # limited to only the situation where the Viewed or Edited item is their own.


2779


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    37 def own_record(db, userid, itemid):


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    38     '''Determine whether the userid matches the item being accessed.'''


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    39     return userid == itemid


2991


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    40 p = db.security.addPermission(name='View Self', klass='user', check=own_record,


2779


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    41     description="User is allowed to view their own user details")


2991


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    42 db.security.addPermissionToRole('User', p)


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    43 p = db.security.addPermission(name='Edit Self', klass='user', check=own_record,


2779


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    44     description="User is allowed to edit their own user details")


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    45 db.security.addPermissionToRole('User', p)


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    46 


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    47 #


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    48 # ANONYMOUS USER PERMISSIONS


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    49 #


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    50 # Let anonymous users access the web interface. Note that almost all


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    51 # trackers will need this Permission. The only situation where it's not


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    52 # required is in a tracker that uses an HTTP Basic Authenticated front-end.


2991


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    53 db.security.addPermissionToRole('Anonymous', 'Web Access')


2779


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    54 


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    55 # Let anonymous users access the email interface (note that this implies


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    56 # that they will be registered automatically, hence they will need the


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    57 # "Create" user Permission below)


2991


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    58 db.security.addPermissionToRole('Anonymous', 'Email Access')


2779


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    59 


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    60 # Assign the appropriate permissions to the anonymous user's


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    61 # Anonymous Role. Choices here are:


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    62 # - Allow anonymous users to register


2991


b9a55628a78d
more doc fixes

Richard Jones <richard@users.sourceforge.net>
parents: 
2779
diff
changeset


    63 db.security.addPermissionToRole('Anonymous', 'Create', 'user')


2779


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    64 


45c65345e909
migrate to new layout

Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 
diff
changeset


    65 # vim: set et sts=4 sw=4 :
author	Richard Jones <richard@users.sourceforge.net>
date	Tue, 07 Dec 2004 23:32:50 +0000
parents	45c65345e909
children	a4393350e4eb
rev	line source
2779 45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	1 #
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	2 # TRACKER SCHEMA
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	3 #
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	4
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	5 # Class automatically gets these properties:
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	6 # creation = Date()
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	7 # activity = Date()
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	8 # creator = Link('user')
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	9 # actor = Link('user')
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	10
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	11 # The "Minimal" template gets only one class, the required "user"
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	12 # class. That's it. And even that has the bare minimum of properties.
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	13
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	14 # Note: roles is a comma-separated string of Role names
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	15 user = Class(db, "user", username=String(), password=Password(),
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	16 address=String(), alternate_addresses=String(), roles=String())
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	17 user.setkey("username")
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	18 #
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	19 # TRACKER SECURITY SETTINGS
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	20 #
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	21 # See the configuration and customisation document for information
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	22 # about security setup.
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	23
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	24 #
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	25 # REGULAR USERS
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	26 #
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	27 # Give the regular users access to the web and email interface
2991 b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	28 db.security.addPermissionToRole('User', 'Web Access')
b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	29 db.security.addPermissionToRole('User', 'Email Access')
2779 45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	30
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	31 # May users view other user information?
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	32 # Comment these lines out if you don't want them to
2991 b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	33 db.security.addPermissionToRole('User', 'View', 'user')
2779 45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	34
2991 b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	35 # Users should be able to edit their own details -- this permission is
b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	36 # limited to only the situation where the Viewed or Edited item is their own.
2779 45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	37 def own_record(db, userid, itemid):
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	38 '''Determine whether the userid matches the item being accessed.'''
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	39 return userid == itemid
2991 b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	40 p = db.security.addPermission(name='View Self', klass='user', check=own_record,
2779 45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	41 description="User is allowed to view their own user details")
2991 b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	42 db.security.addPermissionToRole('User', p)
b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	43 p = db.security.addPermission(name='Edit Self', klass='user', check=own_record,
2779 45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	44 description="User is allowed to edit their own user details")
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	45 db.security.addPermissionToRole('User', p)
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	46
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	47 #
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	48 # ANONYMOUS USER PERMISSIONS
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	49 #
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	50 # Let anonymous users access the web interface. Note that almost all
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	51 # trackers will need this Permission. The only situation where it's not
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	52 # required is in a tracker that uses an HTTP Basic Authenticated front-end.
2991 b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	53 db.security.addPermissionToRole('Anonymous', 'Web Access')
2779 45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	54
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	55 # Let anonymous users access the email interface (note that this implies
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	56 # that they will be registered automatically, hence they will need the
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	57 # "Create" user Permission below)
2991 b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	58 db.security.addPermissionToRole('Anonymous', 'Email Access')
2779 45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	59
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	60 # Assign the appropriate permissions to the anonymous user's
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	61 # Anonymous Role. Choices here are:
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	62 # - Allow anonymous users to register
2991 b9a55628a78d more doc fixes Richard Jones <richard@users.sourceforge.net> parents: 2779 diff changeset	63 db.security.addPermissionToRole('Anonymous', 'Create', 'user')
2779 45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	64
45c65345e909 migrate to new layout Alexander Smishlajev <a1s@users.sourceforge.net> parents: diff changeset	65 # vim: set et sts=4 sw=4 :