Mercurial > p > roundup > code
comparison roundup/mailgw.py @ 928:23c9d4f86380
Added the web access and email access permissions..
...so people can restrict access to users who register through the
email interface (for example). Also added "security" command to the
roundup-admin interface to display the Role/Permission config for an
instance.
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Thu, 01 Aug 2002 00:56:22 +0000 |
| parents | 502a5ae11cc5 |
| children | 8d8db618c2c3 |
comparison
equal
deleted
inserted
replaced
| 927:51519406b73e | 928:23c9d4f86380 |
|---|---|
| 71 set() method to add the message to the item's spool; in the second case we | 71 set() method to add the message to the item's spool; in the second case we |
| 72 are calling the create() method to create a new node). If an auditor raises | 72 are calling the create() method to create a new node). If an auditor raises |
| 73 an exception, the original message is bounced back to the sender with the | 73 an exception, the original message is bounced back to the sender with the |
| 74 explanatory message given in the exception. | 74 explanatory message given in the exception. |
| 75 | 75 |
| 76 $Id: mailgw.py,v 1.79 2002-07-26 08:26:59 richard Exp $ | 76 $Id: mailgw.py,v 1.80 2002-08-01 00:56:22 richard Exp $ |
| 77 ''' | 77 ''' |
| 78 | 78 |
| 79 | 79 |
| 80 import string, re, os, mimetools, cStringIO, smtplib, socket, binascii, quopri | 80 import string, re, os, mimetools, cStringIO, smtplib, socket, binascii, quopri |
| 81 import time, random | 81 import time, random |
| 102 This function is directly invoked by security.Security.__init__() | 102 This function is directly invoked by security.Security.__init__() |
| 103 as a part of the Security object instantiation. | 103 as a part of the Security object instantiation. |
| 104 ''' | 104 ''' |
| 105 newid = security.addPermission(name="Email Registration", | 105 newid = security.addPermission(name="Email Registration", |
| 106 description="Anonymous may register through e-mail") | 106 description="Anonymous may register through e-mail") |
| 107 security.addPermission(name="Email Access", | |
| 108 description="User may use the email interface") | |
| 107 | 109 |
| 108 class Message(mimetools.Message): | 110 class Message(mimetools.Message): |
| 109 ''' subclass mimetools.Message so we can retrieve the parts of the | 111 ''' subclass mimetools.Message so we can retrieve the parts of the |
| 110 message... | 112 message... |
| 111 ''' | 113 ''' |
| 525 create = 1 | 527 create = 1 |
| 526 anonid = self.db.user.lookup('anonymous') | 528 anonid = self.db.user.lookup('anonymous') |
| 527 if not self.db.security.hasPermission('Email Registration', anonid): | 529 if not self.db.security.hasPermission('Email Registration', anonid): |
| 528 create = 0 | 530 create = 0 |
| 529 | 531 |
| 532 # ok, now figure out who the author is - create a new user if the | |
| 533 # "create" flag is true | |
| 530 author = uidFromAddress(self.db, message.getaddrlist('from')[0], | 534 author = uidFromAddress(self.db, message.getaddrlist('from')[0], |
| 531 create=create) | 535 create=create) |
| 536 | |
| 537 # no author? means we're not author | |
| 532 if not author: | 538 if not author: |
| 533 raise Unauthorized, ''' | 539 raise Unauthorized, ''' |
| 534 You are not a registered user. | 540 You are not a registered user. |
| 535 | 541 |
| 536 Unknown address: %s | 542 Unknown address: %s |
| 537 '''%message.getaddrlist('from')[0][1] | 543 '''%message.getaddrlist('from')[0][1] |
| 544 | |
| 545 # make sure the author has permission to use the email interface | |
| 546 if not self.db.security.hasPermission('Email Access', author): | |
| 547 raise Unauthorized, 'You are not permitted to access this tracker.' | |
| 538 | 548 |
| 539 # the author may have been created - make sure the change is | 549 # the author may have been created - make sure the change is |
| 540 # committed before we reopen the database | 550 # committed before we reopen the database |
| 541 self.db.commit() | 551 self.db.commit() |
| 542 | 552 |
| 841 content = '\n\n'.join(l) | 851 content = '\n\n'.join(l) |
| 842 return summary, content | 852 return summary, content |
| 843 | 853 |
| 844 # | 854 # |
| 845 # $Log: not supported by cvs2svn $ | 855 # $Log: not supported by cvs2svn $ |
| 856 # Revision 1.79 2002/07/26 08:26:59 richard | |
| 857 # Very close now. The cgi and mailgw now use the new security API. The two | |
| 858 # templates have been migrated to that setup. Lots of unit tests. Still some | |
| 859 # issue in the web form for editing Roles assigned to users. | |
| 860 # | |
| 846 # Revision 1.78 2002/07/25 07:14:06 richard | 861 # Revision 1.78 2002/07/25 07:14:06 richard |
| 847 # Bugger it. Here's the current shape of the new security implementation. | 862 # Bugger it. Here's the current shape of the new security implementation. |
| 848 # Still to do: | 863 # Still to do: |
| 849 # . call the security funcs from cgi and mailgw | 864 # . call the security funcs from cgi and mailgw |
| 850 # . change shipped templates to include correct initialisation and remove | 865 # . change shipped templates to include correct initialisation and remove |