Mercurial > p > roundup > code
comparison roundup/hyperdb.py @ 5315:5a014410f254
Fix issue2550954: History display breaks
.. on removed properties: Now changes to removed properties, and
link/unlink events from non-existing properties or classes no longer
trigger a traceback. Concerning the visibility: We have a new
config-item obsolete_history_roles in the main section that defines
which roles may see removed properties. By default only role Admin is
allowed to see these.
| author | Ralf Schlatterbeck <rsc@runtux.com> |
|---|---|
| date | Thu, 19 Apr 2018 12:59:23 +0200 |
| parents | 20084e2b48c3 |
| children | 506c7ee9a385 |
comparison
equal
deleted
inserted
replaced
| 5314:7bcbcdd719a8 | 5315:5a014410f254 |
|---|---|
| 1013 not be shown. This can be disabled by setting skipquiet=False. | 1013 not be shown. This can be disabled by setting skipquiet=False. |
| 1014 | 1014 |
| 1015 If the user requesting the history does not have View access | 1015 If the user requesting the history does not have View access |
| 1016 to the property, the journal entry will not be shown. This can | 1016 to the property, the journal entry will not be shown. This can |
| 1017 be disabled by setting enforceperm=False. | 1017 be disabled by setting enforceperm=False. |
| 1018 | |
| 1019 Note that there is a check for obsolete properties and classes | |
| 1020 resulting from history changes. These are also only checked if | |
| 1021 enforceperm is True. | |
| 1018 """ | 1022 """ |
| 1019 if not self.do_journal: | 1023 if not self.do_journal: |
| 1020 raise ValueError('Journalling is disabled for this class') | 1024 raise ValueError('Journalling is disabled for this class') |
| 1021 | 1025 |
| 1022 perm = self.db.security.hasPermission | 1026 perm = self.db.security.hasPermission |
| 1023 journal = [] | 1027 journal = [] |
| 1024 | 1028 |
| 1025 uid=self.db.getuid() # id of the person requesting the history | 1029 uid=self.db.getuid() # id of the person requesting the history |
| 1030 | |
| 1031 # Roles of the user and the configured obsolete_history_roles | |
| 1032 hr = set(iter_roles(self.db.config.OBSOLETE_HISTORY_ROLES)) | |
| 1033 ur = set(self.db.user.get_roles(uid)) | |
| 1034 allow_obsolete = bool(hr & ur) | |
| 1026 | 1035 |
| 1027 for j in self.db.getjournal(self.classname, nodeid): | 1036 for j in self.db.getjournal(self.classname, nodeid): |
| 1028 # hide/remove journal entry if: | 1037 # hide/remove journal entry if: |
| 1029 # property is quiet | 1038 # property is quiet |
| 1030 # property is not (viewable or editable) | 1039 # property is not (viewable or editable) |
| 1040 # property is obsolete and not allow_obsolete | |
| 1031 id, evt_date, user, action, args = j | 1041 id, evt_date, user, action, args = j |
| 1032 if logger.isEnabledFor(logging.DEBUG): | 1042 if logger.isEnabledFor(logging.DEBUG): |
| 1033 j_repr = "%s"%(j,) | 1043 j_repr = "%s"%(j,) |
| 1034 else: | 1044 else: |
| 1035 j_repr='' | 1045 j_repr='' |
| 1036 if args and type(args) == type({}): | 1046 if args and type(args) == type({}): |
| 1037 for key in args.keys(): | 1047 for key in args.keys(): |
| 1048 if key not in self.properties : | |
| 1049 if enforceperm and not allow_obsolete: | |
| 1050 del j[4][key] | |
| 1051 continue | |
| 1038 if skipquiet and self.properties[key].quiet: | 1052 if skipquiet and self.properties[key].quiet: |
| 1039 logger.debug("skipping quiet property" | 1053 logger.debug("skipping quiet property" |
| 1040 " %s::%s in %s", | 1054 " %s::%s in %s", |
| 1041 self.classname, key, j_repr) | 1055 self.classname, key, j_repr) |
| 1042 del j[4][key] | 1056 del j[4][key] |
| 1046 self.classname, | 1060 self.classname, |
| 1047 property=key ) or perm("Edit", | 1061 property=key ) or perm("Edit", |
| 1048 uid, | 1062 uid, |
| 1049 self.classname, | 1063 self.classname, |
| 1050 property=key )): | 1064 property=key )): |
| 1051 logger.debug("skipping unaccessible property %s::%s seen by user%s in %s", | 1065 logger.debug("skipping unaccessible property " |
| 1066 "%s::%s seen by user%s in %s", | |
| 1052 self.classname, key, uid, j_repr) | 1067 self.classname, key, uid, j_repr) |
| 1053 del j[4][key] | 1068 del j[4][key] |
| 1054 continue | 1069 continue |
| 1055 if not args: | 1070 if not args: |
| 1056 logger.debug("Omitting journal entry for %s%s" | 1071 logger.debug("Omitting journal entry for %s%s" |
| 1076 if len(args) == 3: | 1091 if len(args) == 3: |
| 1077 # e.g. for issue3 blockedby adds link to issue5 with: | 1092 # e.g. for issue3 blockedby adds link to issue5 with: |
| 1078 # j = id, evt_date, user, action, args | 1093 # j = id, evt_date, user, action, args |
| 1079 # 3|20170528045201.484|5|link|('issue', '5', 'blockedby') | 1094 # 3|20170528045201.484|5|link|('issue', '5', 'blockedby') |
| 1080 linkcl, linkid, key = args | 1095 linkcl, linkid, key = args |
| 1081 cls = self.db.getclass(linkcl) | 1096 cls = None |
| 1097 try: | |
| 1098 cls = self.db.getclass(linkcl) | |
| 1099 except KeyError: | |
| 1100 pass | |
| 1101 # obsolete property or class | |
| 1102 if not cls or key not in cls.properties: | |
| 1103 if not enforceperm or allow_obsolete: | |
| 1104 journal.append(j) | |
| 1105 continue | |
| 1082 # is the updated property quiet? | 1106 # is the updated property quiet? |
| 1083 if skipquiet and cls.properties[key].quiet: | 1107 if skipquiet and cls.properties[key].quiet: |
| 1084 logger.debug("skipping quiet property: " | 1108 logger.debug("skipping quiet property: " |
| 1085 "%s %sed %s%s", | 1109 "%s %sed %s%s", |
| 1086 j_repr, action, self.classname, nodeid) | 1110 j_repr, action, self.classname, nodeid) |