comparison doc/upgrading.txt @ 8544:e738377b4ffe
feature: add detector that prevents file content changes by Admin and other users.
New detector and upgrading announcement. Also example of stripping
content editing from the User role.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 24 Mar 2026 22:11:27 -0400 |
| parents | 1ffa1f42e1da |
| children | e4191aa7b402 |
| 8543:1ffa1f42e1da | 8544:e738377b4ffe |
|---|---|
| 300 Malformed mime types assigned to files/messages could cause a crash, | 300 Malformed mime types assigned to files/messages could cause a crash, |
| 301 now they are just ignored. | 301 now they are just ignored. |
| 302 | 302 |
| 303 There have been some internal refactorings and improvements in the | 303 There have been some internal refactorings and improvements in the |
| 304 REST code that will make it a bit faster. | 304 REST code that will make it a bit faster. |
| 305 | |
| 306 Make File Contents Immutable for Everybody (optional) | |
| 307 ----------------------------------------------------- | |
| 308 | |
| 309 The HTML based interface for files and messages doesn't provide a way | |
| 310 to change file content. However it is possible for privileged people | |
| 311 to modify the content via the web. In most cases, this change will not | |
| 312 be recorded in the audit log. It can be detected by looking at the | |
| 313 change time of the file. Then compare it to the change time of files | |
| 314 before and after it. Since files are created in order, the file | |
| 315 ``msg50`` should have a change timestamp after ``msg49`` and before | |
| 316 ``msg51``. | |
| 317 | |
| 318 The 2.6.0 release includes an immutable_file_contents.py | |
| 319 detector. If you copy the detector into your tracker's detector | |
| 320 directory nobody, including users with admin rights, can change | |
| 321 file/msg contents via Roundup. Changes to files would have to be | |
| 322 done by logging into the Roundup server and editing the files | |
| 323 locally. | |
| 324 | |
| 325 For non-admin user's the following edit permission for FileClass based | |
| 326 classes will prevent regular users from changing file content via | |
| 327 Roundup. Remove the existing ``Edit`` permission from your FileClass | |
| 328 based classes. Then add your classname to the loop. The permission | |
| 329 strips ``content`` from the list of editable properties and permits | |
| 330 editing of the other properties:: | |
| 331 | |
| 332 for cl in 'file', 'msg': | |
| 333 properties = list(x for x in | |
| 334 db.getclass(cl).getprops(protected=False).keys() | |
| 335 if x != 'content') | |
| 336 | |
| 337 file_edit_perm = db.security.addPermission( | |
| 338 name='Edit', klass=cl, | |
| 339 properties=properties, | |
| 340 description="User is allowed to edit all %s props except content" % cl) | |
| 341 | |
| 342 db.security.addPermissionToRole('User', file_edit_perm) | |
| 305 | 343 |
| 306 .. index:: Upgrading; 2.4.0 to 2.5.0 | 344 .. index:: Upgrading; 2.4.0 to 2.5.0 |
| 307 | 345 |
| 308 Migrating from 2.4.0 to 2.5.0 | 346 Migrating from 2.4.0 to 2.5.0 |
| 309 ============================= | 347 ============================= |
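Review bot: the detection heuristic in the new lines 311-316 is weaker than stated: "the file ``msg50`` should have a change timestamp after ``msg49`` and before ``msg51``" only holds while neither neighbour has been touched since creation, and any legitimate edit to another property of msg49 or msg51 (a summary fix, a recipients change) also moves its change time, so an undetected content rewrite can still sit inside a plausible-looking window. Suggest telling the reader to compare each item's own ``activity`` against its ``creation`` and against the entries in its journal instead: a file or msg whose ``activity`` is later than its ``creation`` while the history shows no corresponding set is the case the paragraph is describing, and that check does not depend on the neighbours. Two smaller points in the same hunk: the paragraph at line 318-323 says the release "includes an immutable_file_contents.py detector" but not where in the distribution it lives, so the reader has nothing to copy from; and lines 309-311 first say the HTML interface "doesn't provide a way to change file content" and then that privileged people can change it "via the web", which reads as a contradiction unless the second sentence names the path it means. Finally, line 325 should read "For non-admin users" rather than "user's", and in the example loop ``file_edit_perm = db.security.addPermission(`` is also the variable used for the ``msg`` iteration, so a name such as ``edit_perm`` would read less confusingly; the loop body itself is otherwise correct, and the text should say that the ``Edit`` permission to remove is the one granted in the tracker's ``schema.py``.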
