Mercurial > p > roundup > code
changeset 2747:8b6cd1c5d549 maint-0.7
pydotorg-specific change to mailgw to handle bizzaro permissions ;)
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Mon, 11 Oct 2004 05:20:37 +0000 |
| parents | adce02da25b7 |
| children | fc9b8522a4bc |
| files | CHANGES.txt roundup/mailgw.py |
| diffstat | 2 files changed, 7 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/CHANGES.txt Fri Oct 08 08:10:59 2004 +0000 +++ b/CHANGES.txt Mon Oct 11 05:20:37 2004 +0000 @@ -21,6 +21,7 @@ - handle deleted properties in RDBMS history - apply timezone in correct direction in user input (sf bug 1013097) - more efficient find() in RDBMS (sf bug 1012781) +- pydotorg-specific change to mailgw to handle bizzaro permissions ;) 2004-07-21 0.7.6
--- a/roundup/mailgw.py Fri Oct 08 08:10:59 2004 +0000 +++ b/roundup/mailgw.py Mon Oct 11 05:20:37 2004 +0000 @@ -72,7 +72,7 @@ an exception, the original message is bounced back to the sender with the explanatory message given in the exception. -$Id: mailgw.py,v 1.149.2.3 2004-09-29 08:47:59 a1s Exp $ +$Id: mailgw.py,v 1.149.2.4 2004-10-11 05:20:37 richard Exp $ """ __docformat__ = 'restructuredtext' @@ -572,6 +572,10 @@ m.append(s.getvalue()) self.mailer.bounce_message(message, sendto, m) + def hasPermissions(self, author, classname, nodeid): + # make sure they're allowed to edit this class of information + return self.db.security.hasPermission('Edit', author, classname) + def handle_message(self, message): ''' message - a Message instance @@ -790,8 +794,7 @@ raise Unauthorized, 'You are not permitted to access '\ 'this tracker.' - # make sure they're allowed to edit this class of information - if not self.db.security.hasPermission('Edit', author, classname): + if not self.hasPermissions(author, classname, nodeid): raise Unauthorized, 'You are not permitted to edit %s.'%classname # the author may have been created - make sure the change is