comparison website/issues/schema.py @ 4566:b8119ba37707

Merge branch 'website'
author Eric S. Raymond <esr@thyrsus.com>
date Sun, 13 Nov 2011 11:18:42 -0500
parents a4dc087f3088
children a403c29ffaf9
4564:6327b1b21593 4566:b8119ba37707
1
2 #
3 # TRACKER SCHEMA
4 #
5
6 # Class automatically gets these properties:
7 # creation = Date()
8 # activity = Date()
9 # creator = Link('user')
10 # actor = Link('user')
11
12 # Issue Type
13 issue_type = Class(db, 'issue_type',
14 name=String(),
15 description=String(),
16 order=Number())
17 issue_type.setkey('name')
18
19 # Component
20 component = Class(db, 'component',
21 name=String(),
22 description=String(),
23 order=Number(),
24 assign_to=Link('user'))
25 component.setkey('name')
26
27 # Version
28 version = Class(db, 'version',
29 name=String(),
30 description=String(),
31 order=Number())
32 version.setkey('name')
33
34 # Severity
35 severity = Class(db, 'severity',
36 name=String(),
37 description=String(),
38 order=Number())
39 severity.setkey('name')
40
41 # Priority
42 priority = Class(db, 'priority',
43 name=String(),
44 description=String(),
45 order=Number())
46 priority.setkey('name')
47
48 # Status
49 status = Class(db, "status",
50 name=String(),
51 description=String(),
52 order=Number())
53 status.setkey("name")
54
55 # Resolution
56 resolution = Class(db, "resolution",
57 name=String(),
58 description=String(),
59 order=Number())
60 resolution.setkey('name')
61
62 # Keyword
63 keyword = Class(db, "keyword",
64 name=String(),
65 description=String())
66 keyword.setkey("name")
67
68
69 # User-defined saved searches
70 query = Class(db, "query",
71 klass=String(),
72 name=String(),
73 url=String(),
74 private_for=Link('user'))
75
76 # add any additional database schema configuration here
77
78 user = Class(db, "user",
79 username=String(),
80 password=Password(),
81 address=String(),
82 realname=String(),
83 phone=String(),
84 organisation=String(),
85 alternate_addresses=String(),
86 queries=Multilink('query'),
87 roles=String(), # comma-separated string of Role names
88 timezone=String())
89 user.setkey("username")
90
91 # FileClass automatically gets this property in addition to the Class ones:
92 # content = String() [saved to disk in <tracker home>/db/files/]
93 # type = String() [MIME type of the content, default 'text/plain']
94 msg = FileClass(db, "msg",
95 author=Link("user", do_journal='no'),
96 recipients=Multilink("user", do_journal='no'),
97 date=Date(),
98 summary=String(),
99 files=Multilink("file"),
100 messageid=String(),
101 inreplyto=String(),
102 spambayes_score=Number(),
103 spambayes_misclassified=Boolean(),)
104
105 file = FileClass(db, "file",
106 name=String(),
107 description=String(indexme='yes'),
108 spambayes_score=Number(),
109 spambayes_misclassified=Boolean(),)
110
111 # IssueClass automatically gets these properties in addition to the Class ones:
112 # title = String()
113 # messages = Multilink("msg")
114 # files = Multilink("file")
115 # nosy = Multilink("user")
116 # superseder = Multilink("issue")
117 issue = IssueClass(db, "issue",
118 type=Link('issue_type'),
119 components=Multilink('component'),
120 versions=Multilink('version'),
121 severity=Link('severity'),
122 priority=Link('priority'),
123 dependencies=Multilink('issue'),
124 assignee=Link('user'),
125 status=Link('status'),
126 resolution=Link('resolution'),
127 superseder=Link('issue'),
128 keywords=Multilink("keyword"))
129 db.security.addPermission(name='Register', klass='user',
130 description='User is allowed to register new user')
131
132
133 #
134 # TRACKER SECURITY SETTINGS
135 #
136 # See the configuration and customisation document for information
137 # about security setup.
138
139 db.security.addRole(name='Developer', description='A developer')
140 db.security.addRole(name='Coordinator', description='A coordinator')
141
142 db.security.addPermission(name="SB: May Classify")
143 db.security.addPermission(name="SB: May Report Misclassified")
144
145 #
146 # REGULAR USERS
147 #
148 # Give the regular users access to the web and email interface
149 for r in 'User', 'Developer', 'Coordinator':
150 db.security.addPermissionToRole(r, 'Web Access')
151 db.security.addPermissionToRole(r, 'Email Access')
152
153 ##########################
154 # User permissions
155 ##########################
156
157 for cl in ('issue_type', 'severity', 'component',
158 'version', 'priority', 'status', 'resolution',
159 'issue', 'keyword'):
160 db.security.addPermissionToRole('User', 'View', cl)
161 db.security.addPermissionToRole('Anonymous', 'View', cl)
162
163 class may_view_spam:
164 def __init__(self, klassname):
165 self.klassname = klassname
166
167 def __call__(self, db, userid, itemid):
168 cutoff_score = float(db.config.detectors['SPAMBAYES_SPAM_CUTOFF'])
169 klass = db.getclass(self.klassname)
170
171 try:
172 score = klass.get(itemid, 'spambayes_score')
173 except KeyError:
174 return True
175
176 if score > cutoff_score:
177 return False
178
179 return True
180
181 for cl in ('file', 'msg'):
182 p = db.security.addPermission(name='View', klass=cl,
183 description="allowed to see metadata object regardless of spam status",
184 properties=('creation', 'activity',
185 'creator', 'actor',
186 'name', 'spambayes_score',
187 'spambayes_misclassified',
188 'author', 'recipients',
189 'date', 'files', 'messageid',
190 'inreplyto', 'type',
191 'description',
192 ))
193
194 db.security.addPermissionToRole('Anonymous', p)
195 db.security.addPermissionToRole('User', p)
196
197 db.security.addPermissionToRole('User', 'Create', cl)
198
199 p = db.security.addPermission(name='View', klass=cl,
200 description="Allowed to see content of object regardless of spam status",
201 properties = ('content', 'summary'))
202
203 db.security.addPermissionToRole('User', p)
204
205 #spamcheck = db.security.addPermission(name='View', klass=cl,
206 # description="allowed to see content if not spam",
207 # properties=('content', 'summary'),
208 # check=may_view_spam(cl))
209
210 #db.security.addPermissionToRole('Anonymous', spamcheck)
211
212 def may_edit_file(db, userid, itemid):
213 return userid == db.file.get(itemid, "creator")
214 p = db.security.addPermission(name='Edit', klass='file', check=may_edit_file,
215 description="User is allowed to remove their own files")
216 db.security.addPermissionToRole('User', p)
217
218 p = db.security.addPermission(name='Create', klass='issue',
219 properties=('title', 'type',
220 'components', 'versions',
221 'severity',
222 'messages', 'files', 'nosy'),
223 description='User can report and discuss issues')
224 db.security.addPermissionToRole('User', p)
225
226 p = db.security.addPermission(name='Edit', klass='issue',
227 properties=('title', 'type',
228 'components', 'versions',
229 'severity',
230 'messages', 'files', 'nosy'),
231 description='User can report and discuss issues')
232 db.security.addPermissionToRole('User', p)
233
234 #db.security.addPermissionToRole('User', 'SB: May Report Misclassified')
235
236
237
238 ##########################
239 # Developer permissions
240 ##########################
241 for cl in ('issue_type', 'severity', 'component',
242 'version', 'priority', 'status', 'resolution',
243 'issue', 'file', 'msg', 'keyword'):
244 db.security.addPermissionToRole('Developer', 'View', cl)
245
246 for cl in ('issue', 'file', 'msg', 'keyword'):
247 db.security.addPermissionToRole('Developer', 'Edit', cl)
248 db.security.addPermissionToRole('Developer', 'Create', cl)
249
250
251 ##########################
252 # Coordinator permissions
253 ##########################
254 for cl in ('issue_type', 'severity', 'component',
255 'version', 'priority', 'status', 'resolution', 'issue', 'file', 'msg'):
256 db.security.addPermissionToRole('Coordinator', 'View', cl)
257 db.security.addPermissionToRole('Coordinator', 'Edit', cl)
258 db.security.addPermissionToRole('Coordinator', 'Create', cl)
259
260 db.security.addPermissionToRole('Coordinator', 'SB: May Classify')
261
262 # May users view other user information? Comment these lines out
263 # if you don't want them to
264 db.security.addPermissionToRole('User', 'View', 'user')
265 db.security.addPermissionToRole('Developer', 'View', 'user')
266 db.security.addPermissionToRole('Coordinator', 'View', 'user')
267
268 # Allow Coordinator to edit any user, including their roles.
269 db.security.addPermissionToRole('Coordinator', 'Edit', 'user')
270 db.security.addPermissionToRole('Coordinator', 'Web Roles')
271
272 # Users should be able to edit their own details -- this permission is
273 # limited to only the situation where the Viewed or Edited item is their own.
274 def own_record(db, userid, itemid):
275 '''Determine whether the userid matches the item being accessed.'''
276 return userid == itemid
277 p = db.security.addPermission(name='View', klass='user', check=own_record,
278 description="User is allowed to view their own user details")
279 for r in 'User', 'Developer', 'Coordinator':
280 db.security.addPermissionToRole(r, p)
281 p = db.security.addPermission(name='Edit', klass='user', check=own_record,
282 description="User is allowed to edit their own user details",
283 properties=('username', 'password',
284 'address', 'realname',
285 'phone', 'organization',
286 'alternate_addresses',
287 'queries',
288 'timezone')) # Note: 'roles' excluded - users should not be able to edit their own roles.
289 for r in 'User', 'Developer':
290 db.security.addPermissionToRole(r, p)
291
292 # Users should be able to edit and view their own queries. They should also
293 # be able to view any marked as not private. They should not be able to
294 # edit others' queries, even if they're not private
295 def view_query(db, userid, itemid):
296 private_for = db.query.get(itemid, 'private_for')
297 if not private_for: return True
298 return userid == private_for
299 def edit_query(db, userid, itemid):
300 return userid == db.query.get(itemid, 'creator')
301 p = db.security.addPermission(name='View', klass='query', check=view_query,
302 description="User is allowed to view their own and public queries")
303 for r in 'User', 'Developer', 'Coordinator':
304 db.security.addPermissionToRole(r, p)
305 p = db.security.addPermission(name='Edit', klass='query', check=edit_query,
306 description="User is allowed to edit their queries")
307 for r in 'User', 'Developer', 'Coordinator':
308 db.security.addPermissionToRole(r, p)
309 p = db.security.addPermission(name='Create', klass='query',
310 description="User is allowed to create queries")
311 for r in 'User', 'Developer', 'Coordinator':
312 db.security.addPermissionToRole(r, p)
313
314
315 #
316 # ANONYMOUS USER PERMISSIONS
317 #
318 # Let anonymous users access the web interface. Note that almost all
319 # trackers will need this Permission. The only situation where it's not
320 # required is in a tracker that uses an HTTP Basic Authenticated front-end.
321 db.security.addPermissionToRole('Anonymous', 'Web Access')
322
323 # Let anonymous users access the email interface (note that this implies
324 # that they will be registered automatically, hence they will need the
325 # "Create" user Permission below)
326 # This is disabled by default to stop spam from auto-registering users on
327 # public trackers.
328 #db.security.addPermissionToRole('Anonymous', 'Email Access')
329
330 # Assign the appropriate permissions to the anonymous user's Anonymous
331 # Role. Choices here are:
332 # - Allow anonymous users to register
333 db.security.addPermissionToRole('Anonymous', 'Register', 'user')
334
335 # Allow anonymous users access to view issues (and the related, linked
336 # information).
337
338 for cl in 'issue', 'severity', 'status', 'resolution', 'msg', 'file':
339 db.security.addPermissionToRole('Anonymous', 'View', cl)
340
341 # [OPTIONAL]
342 # Allow anonymous users access to create or edit "issue" items (and the
343 # related file and message items)
344 #for cl in 'issue', 'file', 'msg':
345 # db.security.addPermissionToRole('Anonymous', 'Create', cl)
346 # db.security.addPermissionToRole('Anonymous', 'Edit', cl)
347
348
349 # vim: set filetype=python sts=4 sw=4 et si :
350
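Review bot: The loop at gutter lines 338–339 grants `Anonymous` the class-wide `View` permission on `msg` and `file`, which appears to undo the split made at lines 181–203, where `Anonymous` receives only the metadata-property permission and the `content`/`summary` permission goes to `User` alone. Roundup permissions are additive, so with the `may_view_spam` check also commented out (lines 205–210), unauthenticated visitors can presumably read message and attachment bodies whatever their spam score. If metadata-only access is the intent, drop `'msg', 'file'` from the tuple at line 338, i.e. `for cl in 'issue', 'severity', 'status', 'resolution':`, and re-enable the `spamcheck` permission for `Anonymous`. Separately, the own-record `Edit` permission at line 285 names `'organization'` while the `user` class at line 84 declares `organisation`, so that entry does not match any schema property.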

Roundup Issue Tracker: http://roundup-tracker.org/