Mercurial > p > roundup > code

annotate share/roundup/templates/devel/schema.py @ 5548:fea11d05110e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Avoid errors from selecting "no selection" on multilink (issue2550722). As discussed in issue 2550722 there are various cases where selecting "no selection" on a multilink can result in inappropriate errors from Roundup: * If selecting "no selection" produces a null edit (a value was set in the multilink in an edit with an error, then removed again, along with all other changes, in the next form submission), so the page is rendered from the form contents including the "-<id>" value for "no selection" for the multilink. * If creating an item with a nonempty value for a multilink has an error, and the resubmission changes that multilink to "no selection" (and this in turn has subcases, according to whether the creation then succeeds or fails on the resubmission, which need fixes in different places in the Roundup code). All of these cases have in common that it is expected and OK to have a "-<id>" value for a submission for a multilink when <id> is not set in that multilink in the database (because the original attempt to set <id> in that multilink had an error), so the hyperdb.py logic to give an error in that case is thus removed. In the subcase of the second case where the resubmission with "no selection" has an error, the templating code tries to produce a menu entry for the "-<id>" multilink value, which also results in an error, hence the templating.py change to ignore such values in the list for a multilink.
author Joseph Myers <jsm@polyomino.org.uk>
date Thu, 27 Sep 2018 11:33:01 +0000
parents 602d544e3a93
children 94a7669677ae
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
1
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
2 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
3 # TRACKER SCHEMA
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
4 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
5
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
6 # Class automatically gets these properties:
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
7 # creation = Date()
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
8 # activity = Date()
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
9 # creator = Link('user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
10 # actor = Link('user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
11
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
12
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
13 # This is the repository class, then you can see/edit repositories in pages like
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
14 # "http://tracker/url/vcs_repo1"
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
15 vcs_repo = Class(db, "vcs_repo",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
16 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
17 host=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
18 path=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
19 webview_url=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
20 vcs_repo.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
21
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
22 # Stores revision data, lets you see/edit revisions in pages like
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
23 # "http://tracker/url/vcs_rev1". The vcs_rev.item.html template is currently
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
24 # broken, but this works fine without it.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
25 vcs_rev = Class(db, "vcs_rev",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
26 repository=Link('vcs_repo'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
27 revision=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
28
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
29
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
30
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
31 # Component
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
32 component = Class(db, 'component',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
33 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
34 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
35 order=Number(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
36 assign_to=Link('user'))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
37 component.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
38
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
39 # Version
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
40 version = Class(db, 'version',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
41 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
42 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
43 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
44 version.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
45
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
46 # Severity
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
47 severity = Class(db, 'severity',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
48 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
49 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
50 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
51 severity.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
52
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
53 # Priority
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
54 priority = Class(db, 'priority',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
55 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
56 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
57 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
58 priority.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
59
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
60 # Status
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
61 status = Class(db, "status",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
62 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
63 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
64 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
65 status.setkey("name")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
66
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
67 # Resolution
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
68 resolution = Class(db, "resolution",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
69 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
70 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
71 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
72 resolution.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
73
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
74 # Keyword
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
75 keyword = Class(db, "keyword",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
76 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
77 description=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
78 keyword.setkey("name")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
79
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
80
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
81 # User-defined saved searches
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
82 query = Class(db, "query",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
83 klass=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
84 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
85 url=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
86 private_for=Link('user'))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
87
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
88 # add any additional database schema configuration here
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
89
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
90 user = Class(db, "user",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
91 username=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
92 password=Password(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
93 address=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
94 realname=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
95 phone=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
96 organisation=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
97 alternate_addresses=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
98 queries=Multilink('query'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
99 roles=String(), # comma-separated string of Role names
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
100 timezone=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
101 vcs_name=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
102
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
103 user.setkey("username")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
104
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
105 # Permissions for revision creation and repository viewing.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
106 for role in ('User',):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
107 db.security.addPermissionToRole(role, 'Create', 'vcs_rev')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
108 db.security.addPermissionToRole(role, 'View', 'vcs_repo')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
109
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
110 # FileClass automatically gets this property in addition to the Class ones:
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
111 # content = String() [saved to disk in <tracker home>/db/files/]
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
112 # type = String() [MIME type of the content, default 'text/plain']
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
113 msg = FileClass(db, "msg",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
114 author=Link("user", do_journal='no'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
115 recipients=Multilink("user", do_journal='no'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
116 date=Date(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
117 summary=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
118 files=Multilink("file"),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
119 messageid=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
120 inreplyto=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
121 revision=Link("vcs_rev"))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
122
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
123 # File
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
124 file = FileClass(db, "file",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
125 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
126 description=String(indexme='yes'))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
127
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
128 # Patch
5136
602d544e3a93 fixing some mismatched patches/patch references that I borked in a prior checkin. Patch support was not and still is not working. But at least this tracker runs without errors with demo.py -t devel, just missing features.
John Rouillard <rouilj@ieee.org>
parents: 5134
diff changeset
129 patches = FileClass(db, "patches",
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
130 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
131 description=String(indexme='yes'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
132 repository=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
133 revision=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
134
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
135 # Bug Type
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
136 bug_type = Class(db, 'bug_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
137 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
138 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
139 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
140 bug_type.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
141
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
142 # IssueClass automatically gets these properties in addition to the Class ones:
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
143 # title = String()
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
144 # messages = Multilink("msg")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
145 # files = Multilink("file")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
146 # patches = Multilink("patches")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
147 # nosy = Multilink("user")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
148 # superseder = Multilink("issue")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
149 bug = IssueClass(db, "bug",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
150 type=Link('bug_type'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
151 components=Multilink('component'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
152 versions=Multilink('version'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
153 severity=Link('severity'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
154 priority=Link('priority'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
155 dependencies=Multilink('bug'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
156 assignee=Link('user'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
157 status=Link('status'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
158 resolution=Link('resolution'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
159 superseder=Link('bug'),
5049
29bd12331b86 issue2550601: add multilink to patches to the bug issue. The doc string above the definition already included the code.
John Rouillard <rouilj@ieee.org>
parents: 4902
diff changeset
160 keywords=Multilink('keyword'),
29bd12331b86 issue2550601: add multilink to patches to the bug issue. The doc string above the definition already included the code.
John Rouillard <rouilj@ieee.org>
parents: 4902
diff changeset
161 patches=Multilink('patches'))
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
162
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
163 # Task Type
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
164 task_type = Class(db, 'task_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
165 name=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
166 description=String(),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
167 order=Number())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
168 task_type.setkey('name')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
169
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
170 # IssueClass automatically gets these properties in addition to the Class ones:
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
171 # title = String()
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
172 # messages = Multilink("msg")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
173 # files = Multilink("file")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
174 # nosy = Multilink("user")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
175 # superseder = Multilink("issue")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
176 task = IssueClass(db, "task",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
177 type=Link('task_type'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
178 components=Multilink('component'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
179 priority=Link('priority'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
180 dependencies=Multilink('task'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
181 assignee=Multilink('user'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
182 status=Link('status'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
183 resolution=Link('resolution'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
184 solves=Link('bug'))
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
185
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
186 milestone = IssueClass(db, "milestone",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
187 bugs=Multilink("bug"),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
188 tasks=Multilink("task"),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
189 status=Link("status"),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
190 release_date=String())
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
191
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
192 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
193 # TRACKER SECURITY SETTINGS
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
194 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
195 # See the configuration and customisation document for information
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
196 # about security setup.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
197
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
198 db.security.addRole(name='Developer', description='A developer')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
199 db.security.addRole(name='Coordinator', description='A coordinator')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
200
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
201 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
202 # REGULAR USERS
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
203 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
204 # Give the regular users access to the web and email interface
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
205 for r in 'User', 'Developer', 'Coordinator':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
206 db.security.addPermissionToRole(r, 'Web Access')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
207 db.security.addPermissionToRole(r, 'Email Access')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
208
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
209 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
210 # User permissions
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
211 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
212
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
213 for cl in ('severity', 'component',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
214 'version', 'priority', 'status', 'resolution',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
215 'bug_type', 'bug', 'task_type', 'task', 'milestone',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
216 'keyword', 'file', 'msg'):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
217 db.security.addPermissionToRole('User', 'View', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
218 db.security.addPermissionToRole('Anonymous', 'View', cl)
4457
89dd446af2a8 Don't allow users to create tasks and milestones.
Stefan Seefeld <stefan@seefeld.name>
parents: 4454
diff changeset
219
89dd446af2a8 Don't allow users to create tasks and milestones.
Stefan Seefeld <stefan@seefeld.name>
parents: 4454
diff changeset
220 for cl in ('severity', 'component',
89dd446af2a8 Don't allow users to create tasks and milestones.
Stefan Seefeld <stefan@seefeld.name>
parents: 4454
diff changeset
221 'version', 'priority', 'status', 'resolution',
89dd446af2a8 Don't allow users to create tasks and milestones.
Stefan Seefeld <stefan@seefeld.name>
parents: 4454
diff changeset
222 'bug_type', 'bug', 'file', 'msg'):
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
223 db.security.addPermissionToRole('User', 'Create', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
224
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
225
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
226 def may_edit_file(db, userid, itemid):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
227 return userid == db.file.get(itemid, "creator")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
228
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
229 p = db.security.addPermission(name='Edit', klass='file', check=may_edit_file,
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
230 description="User is allowed to remove their own files")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
231 db.security.addPermissionToRole('User', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
232
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
233 p = db.security.addPermission(name='Create', klass='bug',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
234 properties=('title', 'bug_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
235 'components', 'versions',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
236 'severity',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
237 'messages', 'files', 'nosy'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
238 description='User can report and discuss bugs')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
239 db.security.addPermissionToRole('User', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
240
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
241 p = db.security.addPermission(name='Edit', klass='bug',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
242 properties=('title', 'bug_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
243 'components', 'versions',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
244 'severity',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
245 'messages', 'files', 'nosy'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
246 description='User can report and discuss bugs')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
247 db.security.addPermissionToRole('User', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
248
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
249 p = db.security.addPermission(name='Create', klass='task',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
250 properties=('title', 'task_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
251 'components',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
252 'messages', 'files', 'nosy'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
253 description='Developer can create and discuss tasks')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
254 db.security.addPermissionToRole('Developer', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
255
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
256 p = db.security.addPermission(name='Edit', klass='task',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
257 properties=('title', 'task_type',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
258 'components',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
259 'messages', 'files', 'nosy'),
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
260 description='Developer can create and discuss tasks')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
261 db.security.addPermissionToRole('Developer', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
262
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
263 p = db.security.addPermission(name='Create', klass='milestone',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
264 description='Coordinator can create and discuss milestones')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
265 db.security.addPermissionToRole('Coordinator', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
266
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
267 p = db.security.addPermission(name='Edit', klass='milestone',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
268 description='Coordinator can create and discuss milestones')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
269 db.security.addPermissionToRole('Coordinator', p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
270
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
271
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
272 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
273 # Developer permissions
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
274 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
275 for cl in ('bug_type', 'severity', 'component',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
276 'version', 'priority', 'status', 'resolution',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
277 'bug', 'file', 'msg', 'keyword'):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
278 db.security.addPermissionToRole('Developer', 'View', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
279
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
280 for cl in ('bug', 'file', 'msg', 'keyword'):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
281 db.security.addPermissionToRole('Developer', 'Edit', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
282 db.security.addPermissionToRole('Developer', 'Create', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
283
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
284
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
285 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
286 # Coordinator permissions
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
287 ##########################
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
288 for cl in ('bug_type', 'task_type', 'severity', 'component',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
289 'version', 'priority', 'status', 'resolution', 'bug', 'task', 'file', 'msg'):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
290 db.security.addPermissionToRole('Coordinator', 'View', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
291 db.security.addPermissionToRole('Coordinator', 'Edit', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
292 db.security.addPermissionToRole('Coordinator', 'Create', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
293
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
294 # May users view other user information? Comment these lines out
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
295 # if you don't want them to
4902
a403c29ffaf9 Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4676
diff changeset
296 p = db.security.addPermission(name='View', klass='user',
a403c29ffaf9 Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4676
diff changeset
297 properties=('id', 'organisation', 'phone', 'realname', 'timezone',
a403c29ffaf9 Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4676
diff changeset
298 'vcs_name', 'username'))
a403c29ffaf9 Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4676
diff changeset
299 db.security.addPermissionToRole('User', p)
a403c29ffaf9 Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4676
diff changeset
300 db.security.addPermissionToRole('Developer', p)
a403c29ffaf9 Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4676
diff changeset
301
a403c29ffaf9 Security fix default user permissions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4676
diff changeset
302 # Coordinator may also edit users, so they may see everything:
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
303 db.security.addPermissionToRole('Coordinator', 'View', 'user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
304
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
305 # Allow Coordinator to edit any user, including their roles.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
306 db.security.addPermissionToRole('Coordinator', 'Edit', 'user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
307 db.security.addPermissionToRole('Coordinator', 'Web Roles')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
308
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
309 # Users should be able to edit their own details -- this permission is
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
310 # limited to only the situation where the Viewed or Edited item is their own.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
311 def own_record(db, userid, itemid):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
312 '''Determine whether the userid matches the item being accessed.'''
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
313 return userid == itemid
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
314 p = db.security.addPermission(name='View', klass='user', check=own_record,
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
315 description="User is allowed to view their own user details")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
316 for r in 'User', 'Developer', 'Coordinator':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
317 db.security.addPermissionToRole(r, p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
318 p = db.security.addPermission(name='Edit', klass='user', check=own_record,
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
319 description="User is allowed to edit their own user details",
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
320 properties=('username', 'password',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
321 'address', 'realname',
4676
d3f8d0be588c Issue2550783 - change spelling of organization to organisation so that
rouilj
parents: 4457
diff changeset
322 'phone', 'organisation',
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
323 'alternate_addresses',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
324 'queries',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
325 'timezone')) # Note: 'roles' excluded - users should not be able to edit their own roles.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
326 for r in 'User', 'Developer':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
327 db.security.addPermissionToRole(r, p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
328
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
329 # Users should be able to edit and view their own queries. They should also
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
330 # be able to view any marked as not private. They should not be able to
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
331 # edit others' queries, even if they're not private
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
332 def view_query(db, userid, itemid):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
333 private_for = db.query.get(itemid, 'private_for')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
334 if not private_for: return True
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
335 return userid == private_for
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
336 def edit_query(db, userid, itemid):
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
337 return userid == db.query.get(itemid, 'creator')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
338 p = db.security.addPermission(name='View', klass='query', check=view_query,
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
339 description="User is allowed to view their own and public queries")
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4434
diff changeset
340 p = db.security.addPermission(name='Search', klass='query')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4434
diff changeset
341 db.security.addPermissionToRole('User', p)
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
342 for r in 'User', 'Developer', 'Coordinator':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
343 db.security.addPermissionToRole(r, p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
344 p = db.security.addPermission(name='Edit', klass='query', check=edit_query,
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
345 description="User is allowed to edit their queries")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
346 for r in 'User', 'Developer', 'Coordinator':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
347 db.security.addPermissionToRole(r, p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
348 p = db.security.addPermission(name='Create', klass='query',
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
349 description="User is allowed to create queries")
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
350 for r in 'User', 'Developer', 'Coordinator':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
351 db.security.addPermissionToRole(r, p)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
352
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
353
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
354 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
355 # ANONYMOUS USER PERMISSIONS
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
356 #
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
357 # Let anonymous users access the web interface. Note that almost all
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
358 # trackers will need this Permission. The only situation where it's not
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
359 # required is in a tracker that uses an HTTP Basic Authenticated front-end.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
360 db.security.addPermissionToRole('Anonymous', 'Web Access')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
361
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
362 # Let anonymous users access the email interface (note that this implies
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
363 # that they will be registered automatically, hence they will need the
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
364 # "Create" user Permission below)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
365 # This is disabled by default to stop spam from auto-registering users on
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
366 # public trackers.
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
367 #db.security.addPermissionToRole('Anonymous', 'Email Access')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
368
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
369 # Assign the appropriate permissions to the anonymous user's Anonymous
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
370 # Role. Choices here are:
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
371 # - Allow anonymous users to register
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
372 db.security.addPermissionToRole('Anonymous', 'Create', 'user')
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
373
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
374 # Allow anonymous users access to view issues (and the related, linked
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
375 # information).
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
376
4454
cc402f5ad93e Anonymous can only see bugs, but neither tasks nor milestones.
Stefan Seefeld <stefan@seefeld.name>
parents: 4437
diff changeset
377 for cl in 'bug', 'severity', 'status', 'resolution', 'msg', 'file':
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
378 db.security.addPermissionToRole('Anonymous', 'View', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
379
5113
cf112b90fa8d issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents: 5049
diff changeset
380 # Allow the anonymous user to use the "Show Unassigned" search.
cf112b90fa8d issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents: 5049
diff changeset
381 # It acts like "Show Open" if this permission is not available.
cf112b90fa8d issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents: 5049
diff changeset
382 # If you are running a tracker that does not allow read access for
cf112b90fa8d issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents: 5049
diff changeset
383 # anonymous, you should remove this entry as it can be used to perform
cf112b90fa8d issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents: 5049
diff changeset
384 # a username guessing attack against a roundup install.
cf112b90fa8d issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents: 5049
diff changeset
385 p = db.security.addPermission(name='Search', klass='user')
cf112b90fa8d issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents: 5049
diff changeset
386 db.security.addPermissionToRole ('Anonymous', p)
cf112b90fa8d issue2550855: added search perms for anonymous to the user class.
John Rouillard <rouilj@ieee.org>
parents: 5049
diff changeset
387
4434
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
388 # [OPTIONAL]
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
389 # Allow anonymous users access to create or edit "issue" items (and the
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
390 # related file and message items)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
391 #for cl in 'issue', 'file', 'msg':
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
392 # db.security.addPermissionToRole('Anonymous', 'Create', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
393 # db.security.addPermissionToRole('Anonymous', 'Edit', cl)
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
394
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
395
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
396 # vim: set filetype=python sts=4 sw=4 et si :
b419f29b1e2f Add new tracker template.
Stefan Seefeld <stefan@seefeld.name>
parents:
diff changeset
397
Roundup Issue Tracker: http://roundup-tracker.org/