Mercurial > p > roundup > code
comparison roundup/templates/classic/dbinit.py @ 928:23c9d4f86380
Added the web access and email access permissions..
...so people can restrict access to users who register through the
email interface (for example). Also added "security" command to the
roundup-admin interface to display the Role/Permission config for an
instance.
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Thu, 01 Aug 2002 00:56:22 +0000 |
| parents | 502a5ae11cc5 |
| children | e02093543d59 |
comparison
equal
deleted
inserted
replaced
| 927:51519406b73e | 928:23c9d4f86380 |
|---|---|
| 13 # BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS | 13 # BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
| 14 # FOR A PARTICULAR PURPOSE. THE CODE PROVIDED HEREUNDER IS ON AN "AS IS" | 14 # FOR A PARTICULAR PURPOSE. THE CODE PROVIDED HEREUNDER IS ON AN "AS IS" |
| 15 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE, | 15 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE, |
| 16 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. | 16 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS. |
| 17 # | 17 # |
| 18 # $Id: dbinit.py,v 1.21 2002-07-26 08:26:59 richard Exp $ | 18 # $Id: dbinit.py,v 1.22 2002-08-01 00:56:22 richard Exp $ |
| 19 | 19 |
| 20 import os | 20 import os |
| 21 | 21 |
| 22 import instance_config | 22 import instance_config |
| 23 from select_db import Database, Class, FileClass, IssueClass | 23 from select_db import Database, Class, FileClass, IssueClass |
| 95 for cl in 'issue', 'file', 'msg': | 95 for cl in 'issue', 'file', 'msg': |
| 96 db.security.addPermission(name="Edit", klass=cl, | 96 db.security.addPermission(name="Edit", klass=cl, |
| 97 description="User is allowed to edit "+cl) | 97 description="User is allowed to edit "+cl) |
| 98 db.security.addPermission(name="View", klass=cl, | 98 db.security.addPermission(name="View", klass=cl, |
| 99 description="User is allowed to access "+cl) | 99 description="User is allowed to access "+cl) |
| 100 | |
| 101 # Assign the access and edit permissions for issue, file and message | |
| 102 # to regular users now | |
| 103 for cl in 'issue', 'file', 'msg': | |
| 104 p = db.security.getPermission('View', cl) | |
| 105 db.security.addPermissionToRole('User', p) | |
| 106 p = db.security.getPermission('Edit', cl) | |
| 107 db.security.addPermissionToRole('User', p) | |
| 108 # and give the regular users access to the web and email interface | |
| 109 p = db.security.getPermission('Web Access') | |
| 110 db.security.addPermissionToRole('User', p) | |
| 111 p = db.security.getPermission('Email Access') | |
| 112 db.security.addPermissionToRole('User', p) | |
| 100 | 113 |
| 101 # Assign the appropriate permissions to the anonymous user's Anonymous | 114 # Assign the appropriate permissions to the anonymous user's Anonymous |
| 102 # Role. Choices here are: | 115 # Role. Choices here are: |
| 103 # - Allow anonymous users to register through the web | 116 # - Allow anonymous users to register through the web |
| 104 p = db.security.getPermission('Web Registration') | 117 p = db.security.getPermission('Web Registration') |
| 115 # Note: this also grants access to create related information like | 128 # Note: this also grants access to create related information like |
| 116 # files and messages etc that are linked to issues | 129 # files and messages etc that are linked to issues |
| 117 #p = db.security.getPermission('Edit', 'issue') | 130 #p = db.security.getPermission('Edit', 'issue') |
| 118 #db.security.addPermissionToRole('Anonymous', p) | 131 #db.security.addPermissionToRole('Anonymous', p) |
| 119 | 132 |
| 120 # Assign the access and edit permissions for issue, file and message | 133 # oh, g'wan, let anonymous access the web interface too |
| 121 # to regular users now | 134 p = db.security.getPermission('Web Access') |
| 122 for cl in 'issue', 'file', 'msg': | 135 db.security.addPermissionToRole('Anonymous', p) |
| 123 p = db.security.getPermission('View', cl) | |
| 124 db.security.addPermissionToRole('User', p) | |
| 125 p = db.security.getPermission('Edit', cl) | |
| 126 db.security.addPermissionToRole('User', p) | |
| 127 | 136 |
| 128 import detectors | 137 import detectors |
| 129 detectors.init(db) | 138 detectors.init(db) |
| 130 | 139 |
| 131 # schema is set up - run any post-initialisation | 140 # schema is set up - run any post-initialisation |
| 174 | 183 |
| 175 db.commit() | 184 db.commit() |
| 176 | 185 |
| 177 # | 186 # |
| 178 # $Log: not supported by cvs2svn $ | 187 # $Log: not supported by cvs2svn $ |
| 188 # Revision 1.21 2002/07/26 08:26:59 richard | |
| 189 # Very close now. The cgi and mailgw now use the new security API. The two | |
| 190 # templates have been migrated to that setup. Lots of unit tests. Still some | |
| 191 # issue in the web form for editing Roles assigned to users. | |
| 192 # | |
| 179 # Revision 1.20 2002/07/17 12:39:10 gmcm | 193 # Revision 1.20 2002/07/17 12:39:10 gmcm |
| 180 # Saving, running & editing queries. | 194 # Saving, running & editing queries. |
| 181 # | 195 # |
| 182 # Revision 1.19 2002/07/14 02:05:54 richard | 196 # Revision 1.19 2002/07/14 02:05:54 richard |
| 183 # . all storage-specific code (ie. backend) is now implemented by the backends | 197 # . all storage-specific code (ie. backend) is now implemented by the backends |