On Jul 9, 2013 10:10 PM, "Olemis Lang" <[email protected]> wrote:
>
> On 7/9/13, Ryan Ollos <[email protected]> wrote:
> > On Tue, Jul 9, 2013 at 2:57 PM, John Oliver
> > <[email protected]> wrote:
> >
> [...]
> >
> > This led to a suggestion from him that we might consider, that the message
> > presented in the browser include information about needing to run the
> > activate script. We might be able to help the user in an even simpler way
> > though, by providing the full path to `trac-admin` in the message.
> >
> > Rather than, The Trac Environment needs to be upgraded. Run "trac-admin
> > /home/foo/bloodhound/apache-bloodhound-0.5.3/installer/bloodhound/environments/main
> > upgrade")
> >
> > the message could be: The Trac Environment needs to be upgraded. Run
> > "/home/foo/bloodhound/bh/bin/trac-admin
> > /home/foo/bloodhound/apache-bloodhound-0.5.3/installer/bloodhound/environments/main
> > upgrade")
> >
> > This change should probably be made in the Trac core.
> >
>
> IMO, in the general case this will reveal server paths to users, who
> are not in a position to do anything about that. I'm not sure how
> beneficial it will be in practice. Indeed I'm of the opinion that
> such messages are only effective for trac admins. It'd be very nice to
> determine whether the target user is granted the TRAC_ADMIN permission
> and only then show such a message. Regular users might only see an HTTP
> 503 ''Service unavailable'' response with body «Under maintenance»,
> or the like.
>
> --
> Regards,
>
> Olemis.

Yeah that makes sense. In regards to revealing the path, this crossed my
mind, but since the path to the env directory is revealed it didn't seem
any worse to reveal the path to trac-admin. Your idea to hide them both
from regular users sounds even better though.

I also haven't looked into whether the path to trac-admin is readily
available where the upgrade message is generated, in order to make showing
the full path feasible.
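
The gating discussed in this thread, as an added example that is not part of the original messages and is not Trac or Bloodhound code: the path-revealing upgrade message goes only to users holding TRAC_ADMIN, and everyone else gets a 503 "Under maintenance". Assumptions: the user arrives in the WSGI `REMOTE_USER` variable, the permission check is still possible while the upgrade is pending (errors fail closed), admins also receive status 503, and all function names and the sample permission store are hypothetical.

```python
# Added illustration, not Trac/Bloodhound code; every name below is hypothetical.
from wsgiref.util import setup_testing_defaults

# Paths copied from the example message in the thread.
ENV_PATH = ("/home/foo/bloodhound/apache-bloodhound-0.5.3/"
            "installer/bloodhound/environments/main")
TRAC_ADMIN_BIN = "/home/foo/bloodhound/bh/bin/trac-admin"
# Constructed permission store standing in for the real one.
SAMPLE_PERMS = {"admin": {"TRAC_ADMIN"}, "alice": {"WIKI_VIEW"}}


def is_trac_admin(username, perm_lookup):
    """Fail closed: anonymous users and lookup errors count as non-admin."""
    if not username:
        return False
    try:
        return "TRAC_ADMIN" in perm_lookup(username)
    except Exception:  # e.g. permission store unreadable before the upgrade
        return False


def upgrade_needed_body(username, perm_lookup):
    """Only admins get the message that contains server paths."""
    if is_trac_admin(username, perm_lookup):
        return ('The Trac Environment needs to be upgraded. Run "%s %s upgrade"'
                % (TRAC_ADMIN_BIN, ENV_PATH))
    return "Under maintenance"


def make_app(perm_lookup):
    """WSGI app served while the upgrade is pending; always answers 503."""
    def app(environ, start_response):
        data = upgrade_needed_body(environ.get("REMOTE_USER"),
                                   perm_lookup).encode("utf-8")
        start_response("503 Service Unavailable",
                       [("Content-Type", "text/plain; charset=utf-8"),
                        ("Content-Length", str(len(data)))])
        return [data]
    return app


def request_as(app, user=None):
    """Drive the app once and return (status, body) for inspection."""
    environ, seen = {}, {}
    setup_testing_defaults(environ)
    if user:
        environ["REMOTE_USER"] = user
    chunks = app(environ, lambda status, headers: seen.update(status=status))
    return seen["status"], b"".join(chunks).decode("utf-8")
```
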
