Mercurial > p > roundup > code
diff doc/customizing.txt @ 3126:a2889d22db4a
the cgi templating code now checks item-level
permissions (per alex's suggestion).
The templates themselves do not have row-level checks now.
Cleaned up the msg and file index templates to use batching.
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Fri, 04 Feb 2005 05:25:50 +0000 |
| parents | 5894c7bea8ce |
| children | 021b131bd816 |
line wrap: on
line diff
--- a/doc/customizing.txt Fri Jan 28 05:09:44 2005 +0000 +++ b/doc/customizing.txt Fri Feb 04 05:25:50 2005 +0000 @@ -2,7 +2,7 @@ Customising Roundup =================== -:Version: $Revision: 1.169 $ +:Version: $Revision: 1.170 $ .. This document borrows from the ZopeBook section on ZPT. The original is at: http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx @@ -933,6 +933,8 @@ Example Scenarios ~~~~~~~~~~~~~~~~~ +See the `examples`_ section for longer examples of customisation. + **automatic registration of users in the e-mail gateway** By giving the "anonymous" user the "Email Registration" Role, any unidentified user will automatically be registered with the tracker @@ -4037,6 +4039,26 @@ new_email_user_roles = 'Provisional User' +All users may only view and edit issues, files and messages they create +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Replace the standard "classic" tracker View and Edit Permission assignments +for the "issue", "file" and "msg" classes with the following:: + + def checker(klass): + def check(db, userid, itemid, klass=klass): + return db.getclass(klass).get(itemid, 'creator') == userid + for cl in 'issue', 'file', 'msg': + p = db.security.addPermission(name='View', klass=cl, + check=checker(cl)) + db.security.addPermissionToRole('User', p) + p = db.security.addPermission(name='Edit', klass=cl, + check=checker(cl)) + db.security.addPermissionToRole('User', p) + db.security.addPermissionToRole('User', 'Create', cl) + + + Changes to the Web User Interface ---------------------------------