Mercurial > p > roundup > code
diff doc/customizing.txt @ 5897:d0aebd4aec72
Provide a method for identifying invalid properties in permissions
issue2551062: roundup-admin security validates all properties in
permissions. It reports invalid properties.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sat, 05 Oct 2019 12:33:23 -0400 |
| parents | 6e341009593b |
| children | c3728772c594 |
line wrap: on
line diff
--- a/doc/customizing.txt Wed Oct 02 22:06:02 2019 -0400 +++ b/doc/customizing.txt Sat Oct 05 12:33:23 2019 -0400 @@ -1258,6 +1258,10 @@ # db.security.addPermissionToRole('Anonymous', 'Create', cl) # db.security.addPermissionToRole('Anonymous', 'Edit', cl) +You can use ``roundup-admin security`` to verify the permissions +defined in the schema. It also verifies that properties specified in +permissions are valid for the class. This helps detect typos that can +cause baffling permission issues. Automatic Permission Checks --------------------------- @@ -1344,6 +1348,15 @@ including properties would be used only for determining the access permission for those properties. + ``roundup-admin security`` will report invalid properties for the + class. For example a permission with an invalid summary property is + presented as:: + + Allowed to see content of object regardless of spam status + (View for "file": ('content', 'summary') only) + + **Invalid properties for file: ['summary'] + Setting ``props_only=True`` will make the permission valid only for those properties.