Mercurial > p > roundup > code
comparison doc/customizing.txt @ 3126:a2889d22db4a
the cgi templating code now checks item-level
permissions (per alex's suggestion).
The templates themselves do not have row-level checks now.
Cleaned up the msg and file index templates to use batching.
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Fri, 04 Feb 2005 05:25:50 +0000 |
| parents | 5894c7bea8ce |
| children | 021b131bd816 |
comparison
equal
deleted
inserted
replaced
| 3123:5894c7bea8ce | 3126:a2889d22db4a |
|---|---|
| 1 =================== | 1 =================== |
| 2 Customising Roundup | 2 Customising Roundup |
| 3 =================== | 3 =================== |
| 4 | 4 |
| 5 :Version: $Revision: 1.169 $ | 5 :Version: $Revision: 1.170 $ |
| 6 | 6 |
| 7 .. This document borrows from the ZopeBook section on ZPT. The original is at: | 7 .. This document borrows from the ZopeBook section on ZPT. The original is at: |
| 8 http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx | 8 http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx |
| 9 | 9 |
| 10 .. contents:: | 10 .. contents:: |
| 930 the user attempting access and ``itemid`` is the specific item being | 930 the user attempting access and ``itemid`` is the specific item being |
| 931 accessed. | 931 accessed. |
| 932 | 932 |
| 933 Example Scenarios | 933 Example Scenarios |
| 934 ~~~~~~~~~~~~~~~~~ | 934 ~~~~~~~~~~~~~~~~~ |
| 935 | |
| 936 See the `examples`_ section for longer examples of customisation. | |
| 935 | 937 |
| 936 **automatic registration of users in the e-mail gateway** | 938 **automatic registration of users in the e-mail gateway** |
| 937 By giving the "anonymous" user the "Email Registration" Role, any | 939 By giving the "anonymous" user the "Email Registration" Role, any |
| 938 unidentified user will automatically be registered with the tracker | 940 unidentified user will automatically be registered with the tracker |
| 939 (with no password, so they won't be able to log in through the web | 941 (with no password, so they won't be able to log in through the web |
| 4035 ... | 4037 ... |
| 4036 new_web_user_roles = 'Provisional User' | 4038 new_web_user_roles = 'Provisional User' |
| 4037 new_email_user_roles = 'Provisional User' | 4039 new_email_user_roles = 'Provisional User' |
| 4038 | 4040 |
| 4039 | 4041 |
| 4042 All users may only view and edit issues, files and messages they create | |
| 4043 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 4044 | |
| 4045 Replace the standard "classic" tracker View and Edit Permission assignments | |
| 4046 for the "issue", "file" and "msg" classes with the following:: | |
| 4047 | |
| 4048 def checker(klass): | |
| 4049 def check(db, userid, itemid, klass=klass): | |
| 4050 return db.getclass(klass).get(itemid, 'creator') == userid | |
| 4051 for cl in 'issue', 'file', 'msg': | |
| 4052 p = db.security.addPermission(name='View', klass=cl, | |
| 4053 check=checker(cl)) | |
| 4054 db.security.addPermissionToRole('User', p) | |
| 4055 p = db.security.addPermission(name='Edit', klass=cl, | |
| 4056 check=checker(cl)) | |
| 4057 db.security.addPermissionToRole('User', p) | |
| 4058 db.security.addPermissionToRole('User', 'Create', cl) | |
| 4059 | |
| 4060 | |
| 4061 | |
| 4040 Changes to the Web User Interface | 4062 Changes to the Web User Interface |
| 4041 --------------------------------- | 4063 --------------------------------- |
| 4042 | 4064 |
| 4043 Adding action links to the index page | 4065 Adding action links to the index page |
| 4044 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | 4066 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |