Mercurial > p > roundup > code

annotate share/roundup/templates/devel/schema.py @ 4880:ca692423e401

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Different approach to fix XSS in issue2550817 Encapsulate the error/ok message append method as add_ok_message and add_error_message. The new approach escapes the messages when appending -- at a point in the code where we still know where the message comes from. Escaping is the default but can bei turned off. This also fixes issue2550836 where certain messages may contain links. Another advantage of the new fix is that users don't need to change installed trackers and are secure by default.
author Ralf Schlatterbeck <rsc@runtux.com>
date Mon, 31 Mar 2014 18:19:23 +0200
parents d3f8d0be588c
children a403c29ffaf9
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
1
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
2 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
3 # TRACKER SCHEMA
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
4 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
5
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
6 # Class automatically gets these properties:
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
7 # creation = Date()
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
8 # activity = Date()
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
9 # creator = Link('user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
10 # actor = Link('user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
11
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
12
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
13 # This is the repository class, then you can see/edit repositories in pages like
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
14 # "http://tracker/url/vcs_repo1"
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
15 vcs_repo = Class(db, "vcs_repo",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
16 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
17 host=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
18 path=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
19 webview_url=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
20 vcs_repo.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
21
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
22 # Stores revision data, lets you see/edit revisions in pages like
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
23 # "http://tracker/url/vcs_rev1". The vcs_rev.item.html template is currently
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
24 # broken, but this works fine without it.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
25 vcs_rev = Class(db, "vcs_rev",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
26 repository=Link('vcs_repo'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
27 revision=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
28
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
29
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
30
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
31 # Component
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
32 component = Class(db, 'component',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
33 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
34 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
35 order=Number(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
36 assign_to=Link('user'))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
37 component.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
38
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
39 # Version
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
40 version = Class(db, 'version',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
41 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
42 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
43 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
44 version.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
45
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
46 # Severity
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
47 severity = Class(db, 'severity',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
48 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
49 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
50 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
51 severity.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
52
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
53 # Priority
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
54 priority = Class(db, 'priority',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
55 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
56 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
57 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
58 priority.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
59
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
60 # Status
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
61 status = Class(db, "status",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
62 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
63 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
64 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
65 status.setkey("name")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
66
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
67 # Resolution
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
68 resolution = Class(db, "resolution",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
69 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
70 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
71 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
72 resolution.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
73
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
74 # Keyword
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
75 keyword = Class(db, "keyword",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
76 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
77 description=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
78 keyword.setkey("name")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
79
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
80
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
81 # User-defined saved searches
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
82 query = Class(db, "query",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
83 klass=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
84 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
85 url=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
86 private_for=Link('user'))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
87
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
88 # add any additional database schema configuration here
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
89
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
90 user = Class(db, "user",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
91 username=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
92 password=Password(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
93 address=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
94 realname=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
95 phone=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
96 organisation=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
97 alternate_addresses=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
98 queries=Multilink('query'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
99 roles=String(), # comma-separated string of Role names
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
100 timezone=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
101 vcs_name=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
102
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
103 user.setkey("username")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
104
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
105 # Permissions for revision creation and repository viewing.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
106 for role in ('User',):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
107 db.security.addPermissionToRole(role, 'Create', 'vcs_rev')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
108 db.security.addPermissionToRole(role, 'View', 'vcs_repo')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
109
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
110 # FileClass automatically gets this property in addition to the Class ones:
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
111 # content = String() [saved to disk in <tracker home>/db/files/]
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
112 # type = String() [MIME type of the content, default 'text/plain']
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
113 msg = FileClass(db, "msg",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
114 author=Link("user", do_journal='no'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
115 recipients=Multilink("user", do_journal='no'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
116 date=Date(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
117 summary=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
118 files=Multilink("file"),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
119 messageid=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
120 inreplyto=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
121 revision=Link("vcs_rev"))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
122
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
123 # File
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
124 file = FileClass(db, "file",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
125 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
126 description=String(indexme='yes'))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
127
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
128 # Patch
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
129 patch = FileClass(db, "patch",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
130 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
131 description=String(indexme='yes'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
132 repository=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
133 revision=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
134
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
135 # Bug Type
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
136 bug_type = Class(db, 'bug_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
137 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
138 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
139 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
140 bug_type.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
141
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
142 # IssueClass automatically gets these properties in addition to the Class ones:
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
143 # title = String()
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
144 # messages = Multilink("msg")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
145 # files = Multilink("file")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
146 # patches = Multilink("patches")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
147 # nosy = Multilink("user")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
148 # superseder = Multilink("issue")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
149 bug = IssueClass(db, "bug",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
150 type=Link('bug_type'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
151 components=Multilink('component'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
152 versions=Multilink('version'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
153 severity=Link('severity'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
154 priority=Link('priority'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
155 dependencies=Multilink('bug'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
156 assignee=Link('user'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
157 status=Link('status'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
158 resolution=Link('resolution'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
159 superseder=Link('bug'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
160 keywords=Multilink('keyword'))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
161
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
162 # Task Type
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
163 task_type = Class(db, 'task_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
164 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
165 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
166 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
167 task_type.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
168
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
169 # IssueClass automatically gets these properties in addition to the Class ones:
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
170 # title = String()
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
171 # messages = Multilink("msg")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
172 # files = Multilink("file")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
173 # nosy = Multilink("user")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
174 # superseder = Multilink("issue")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
175 task = IssueClass(db, "task",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
176 type=Link('task_type'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
177 components=Multilink('component'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
178 priority=Link('priority'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
179 dependencies=Multilink('task'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
180 assignee=Multilink('user'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
181 status=Link('status'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
182 resolution=Link('resolution'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
183 solves=Link('bug'))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
184
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
185 milestone = IssueClass(db, "milestone",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
186 bugs=Multilink("bug"),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
187 tasks=Multilink("task"),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
188 status=Link("status"),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
189 release_date=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
190
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
191 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
192 # TRACKER SECURITY SETTINGS
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
193 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
194 # See the configuration and customisation document for information
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
195 # about security setup.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
196
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
197 db.security.addRole(name='Developer', description='A developer')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
198 db.security.addRole(name='Coordinator', description='A coordinator')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
199
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
200 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
201 # REGULAR USERS
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
202 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
203 # Give the regular users access to the web and email interface
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
204 for r in 'User', 'Developer', 'Coordinator':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
205 db.security.addPermissionToRole(r, 'Web Access')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
206 db.security.addPermissionToRole(r, 'Email Access')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
207
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
208 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
209 # User permissions
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
210 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
211
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
212 for cl in ('severity', 'component',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
213 'version', 'priority', 'status', 'resolution',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
214 'bug_type', 'bug', 'task_type', 'task', 'milestone',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
215 'keyword', 'file', 'msg'):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
216 db.security.addPermissionToRole('User', 'View', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
217 db.security.addPermissionToRole('Anonymous', 'View', cl)
4457
89dd446af2a8 Don't allow users to create tasks and milestones.
Stefan Seefeld <stefan@seefeld.name>
parents: 4454
diff changeset
218
89dd446af2a8 Don't allow users to create tasks and milestones.
Stefan Seefeld <stefan@seefeld.name>
parents: 4454
diff changeset
219 for cl in ('severity', 'component',
89dd446af2a8 Don't allow users to create tasks and milestones.
Stefan Seefeld <stefan@seefeld.name>
parents: 4454
diff changeset
220 'version', 'priority', 'status', 'resolution',
89dd446af2a8 Don't allow users to create tasks and milestones.
Stefan Seefeld <stefan@seefeld.name>
parents: 4454
diff changeset
221 'bug_type', 'bug', 'file', 'msg'):
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
222 db.security.addPermissionToRole('User', 'Create', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
223
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
224
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
225 def may_edit_file(db, userid, itemid):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
226 return userid == db.file.get(itemid, "creator")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
227
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
228 p = db.security.addPermission(name='Edit', klass='file', check=may_edit_file,
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
229 description="User is allowed to remove their own files")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
230 db.security.addPermissionToRole('User', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
231
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
232 p = db.security.addPermission(name='Create', klass='bug',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
233 properties=('title', 'bug_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
234 'components', 'versions',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
235 'severity',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
236 'messages', 'files', 'nosy'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
237 description='User can report and discuss bugs')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
238 db.security.addPermissionToRole('User', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
239
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
240 p = db.security.addPermission(name='Edit', klass='bug',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
241 properties=('title', 'bug_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
242 'components', 'versions',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
243 'severity',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
244 'messages', 'files', 'nosy'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
245 description='User can report and discuss bugs')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
246 db.security.addPermissionToRole('User', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
247
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
248 p = db.security.addPermission(name='Create', klass='task',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
249 properties=('title', 'task_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
250 'components',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
251 'messages', 'files', 'nosy'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
252 description='Developer can create and discuss tasks')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
253 db.security.addPermissionToRole('Developer', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
254
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
255 p = db.security.addPermission(name='Edit', klass='task',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
256 properties=('title', 'task_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
257 'components',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
258 'messages', 'files', 'nosy'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
259 description='Developer can create and discuss tasks')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
260 db.security.addPermissionToRole('Developer', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
261
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
262 p = db.security.addPermission(name='Create', klass='milestone',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
263 description='Coordinator can create and discuss milestones')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
264 db.security.addPermissionToRole('Coordinator', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
265
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
266 p = db.security.addPermission(name='Edit', klass='milestone',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
267 description='Coordinator can create and discuss milestones')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
268 db.security.addPermissionToRole('Coordinator', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
269
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
270
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
271 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
272 # Developer permissions
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
273 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
274 for cl in ('bug_type', 'severity', 'component',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
275 'version', 'priority', 'status', 'resolution',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
276 'bug', 'file', 'msg', 'keyword'):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
277 db.security.addPermissionToRole('Developer', 'View', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
278
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
279 for cl in ('bug', 'file', 'msg', 'keyword'):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
280 db.security.addPermissionToRole('Developer', 'Edit', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
281 db.security.addPermissionToRole('Developer', 'Create', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
282
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
283
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
284 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
285 # Coordinator permissions
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
286 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
287 for cl in ('bug_type', 'task_type', 'severity', 'component',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
288 'version', 'priority', 'status', 'resolution', 'bug', 'task', 'file', 'msg'):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
289 db.security.addPermissionToRole('Coordinator', 'View', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
290 db.security.addPermissionToRole('Coordinator', 'Edit', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
291 db.security.addPermissionToRole('Coordinator', 'Create', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
292
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
293 # May users view other user information? Comment these lines out
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
294 # if you don't want them to
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
295 db.security.addPermissionToRole('User', 'View', 'user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
296 db.security.addPermissionToRole('Developer', 'View', 'user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
297 db.security.addPermissionToRole('Coordinator', 'View', 'user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
298
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
299 # Allow Coordinator to edit any user, including their roles.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
300 db.security.addPermissionToRole('Coordinator', 'Edit', 'user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
301 db.security.addPermissionToRole('Coordinator', 'Web Roles')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
302
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
303 # Users should be able to edit their own details -- this permission is
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
304 # limited to only the situation where the Viewed or Edited item is their own.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
305 def own_record(db, userid, itemid):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
306 '''Determine whether the userid matches the item being accessed.'''
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
307 return userid == itemid
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
308 p = db.security.addPermission(name='View', klass='user', check=own_record,
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
309 description="User is allowed to view their own user details")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
310 for r in 'User', 'Developer', 'Coordinator':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
311 db.security.addPermissionToRole(r, p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
312 p = db.security.addPermission(name='Edit', klass='user', check=own_record,
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
313 description="User is allowed to edit their own user details",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
314 properties=('username', 'password',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
315 'address', 'realname',
4676
d3f8d0be588c Issue2550783 - change spelling of organization to organisation so that
rouilj
parents: 4457
diff changeset
316 'phone', 'organisation',
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
317 'alternate_addresses',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
318 'queries',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
319 'timezone')) # Note: 'roles' excluded - users should not be able to edit their own roles.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
320 for r in 'User', 'Developer':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
321 db.security.addPermissionToRole(r, p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
322
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
323 # Users should be able to edit and view their own queries. They should also
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
324 # be able to view any marked as not private. They should not be able to
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
325 # edit others' queries, even if they're not private
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
326 def view_query(db, userid, itemid):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
327 private_for = db.query.get(itemid, 'private_for')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
328 if not private_for: return True
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
329 return userid == private_for
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
330 def edit_query(db, userid, itemid):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
331 return userid == db.query.get(itemid, 'creator')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
332 p = db.security.addPermission(name='View', klass='query', check=view_query,
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
333 description="User is allowed to view their own and public queries")
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4434
diff changeset
334 p = db.security.addPermission(name='Search', klass='query')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4434
diff changeset
335 db.security.addPermissionToRole('User', p)
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
336 for r in 'User', 'Developer', 'Coordinator':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
337 db.security.addPermissionToRole(r, p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
338 p = db.security.addPermission(name='Edit', klass='query', check=edit_query,
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
339 description="User is allowed to edit their queries")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
340 for r in 'User', 'Developer', 'Coordinator':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
341 db.security.addPermissionToRole(r, p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
342 p = db.security.addPermission(name='Create', klass='query',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
343 description="User is allowed to create queries")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
344 for r in 'User', 'Developer', 'Coordinator':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
345 db.security.addPermissionToRole(r, p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
346
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
347
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
348 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
349 # ANONYMOUS USER PERMISSIONS
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
350 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
351 # Let anonymous users access the web interface. Note that almost all
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
352 # trackers will need this Permission. The only situation where it's not
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
353 # required is in a tracker that uses an HTTP Basic Authenticated front-end.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
354 db.security.addPermissionToRole('Anonymous', 'Web Access')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
355
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
356 # Let anonymous users access the email interface (note that this implies
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
357 # that they will be registered automatically, hence they will need the
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
358 # "Create" user Permission below)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
359 # This is disabled by default to stop spam from auto-registering users on
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
360 # public trackers.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
361 #db.security.addPermissionToRole('Anonymous', 'Email Access')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
362
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
363 # Assign the appropriate permissions to the anonymous user's Anonymous
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
364 # Role. Choices here are:
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
365 # - Allow anonymous users to register
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
366 db.security.addPermissionToRole('Anonymous', 'Create', 'user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
367
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
368 # Allow anonymous users access to view issues (and the related, linked
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
369 # information).
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
370
4454
cc402f5ad93e Anonymous can only see bugs, but neither tasks nor milestones.
Stefan Seefeld <stefan@seefeld.name>
parents: 4437
diff changeset
371 for cl in 'bug', 'severity', 'status', 'resolution', 'msg', 'file':
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
372 db.security.addPermissionToRole('Anonymous', 'View', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
373
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
374 # [OPTIONAL]
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
375 # Allow anonymous users access to create or edit "issue" items (and the
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
376 # related file and message items)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
377 #for cl in 'issue', 'file', 'msg':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
378 # db.security.addPermissionToRole('Anonymous', 'Create', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
379 # db.security.addPermissionToRole('Anonymous', 'Edit', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
380
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
381
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
382 # vim: set filetype=python sts=4 sw=4 et si :
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
383
Roundup Issue Tracker: http://roundup-tracker.org/