svn commit: r1489442 - /bloodhound/trunk/bloodhound_multiproduct/multiproduct/api.py

Tue, 04 Jun 2013 06:38:32 -0700 

Author: matevz
Date: Tue Jun  4 13:37:49 2013
New Revision: 1489442

URL: http://svn.apache.org/r1489442
Log:
Ref. #402 - PRODUCT_VIEW permission was missing for 'anonymous' and 
'authenticated' users

Modified:
    bloodhound/trunk/bloodhound_multiproduct/multiproduct/api.py

Modified: bloodhound/trunk/bloodhound_multiproduct/multiproduct/api.py
URL: 
http://svn.apache.org/viewvc/bloodhound/trunk/bloodhound_multiproduct/multiproduct/api.py?rev=1489442&r1=1489441&r2=1489442&view=diff
==============================================================================
--- bloodhound/trunk/bloodhound_multiproduct/multiproduct/api.py (original)
+++ bloodhound/trunk/bloodhound_multiproduct/multiproduct/api.py Tue Jun  4 
13:37:49 2013
@@ -369,6 +369,9 @@ class MultiProductSystem(Component):
         # - populate system tables with global configuration for each product
         # - exception is permission table where permissions
         #   are also populated in global scope
+        #
+        # permission table specifics: 'anonymous' and 'authenticated' users
+        # should by default have a PRODUCT_VIEW permission for all products
         self.log.info("Migrating system tables to a new schema")
         for table in self.MIGRATE_TABLES:
             if table == 'wiki':
@@ -379,11 +382,24 @@ class MultiProductSystem(Component):
                               table, product.name, product.prefix)
                 db("""INSERT INTO %s (%s, product) SELECT %s,'%s' FROM %s""" %
                    (table, cols, cols, product.prefix, temp_table_name))
+                if table == 'permission':
+                    db.executemany(
+                        """INSERT INTO permission (username, action, product)
+                           VALUES (%s, %s, %s)""",
+                        [('anonymous', 'PRODUCT_VIEW', product.prefix),
+                         ('authenticated', 'PRODUCT_VIEW', product.prefix)])
+
             if table == 'permission':
                 self.log.info("Populating table '%s' for global scope", table)
                 db("""INSERT INTO %s (%s, product) SELECT %s,'%s' FROM %s""" %
                    (table, cols, cols, '', temp_table_name))
             self._drop_temp_table(db, temp_table_name)
+        db.executemany(
+            """INSERT INTO permission (username, action, product)
+                VALUES (%s, %s, %s)""",
+            [('anonymous', 'PRODUCT_VIEW', ''),
+             ('authenticated', 'PRODUCT_VIEW', '')])
+
 
     def _upgrade_wikis(self, db, create_temp_table):
         # migrate wiki table

Reply via email to