Hi, list.
We are trying to integrate trac with LDAP for accessing the environments.
We have succeded using LDAP groups for accessing SVN (using a custom apache
module instead of svn Authz file) and we want to use the same approach for the
browser to access them through Trac.
The problem we face right now is that the integrated browser uses the authz
file for getting both the users and the groups (along with the paths) and we
cannot define those groups under LDAP and feed them to the trac browser.
I will try to explain it on a diagram:
This file used to contain the group @group
+---------------+
| authz.txt |
+---------------+
| [svn:path] |<------> SVN <------> [LDAP: @group::members]
| @group = rw | ^ ^
| ... | | |
+---------------+ (Browser) |
^ | |
+---------------> Trac <---------
However, Trac cannot retrieve the groups from LDAP, and uses the one defined
in the authz.txt
One of my workmates posted some patch with an initial idea on how to move to
LDAP groups, but he said his understanding of the issue is very limited, and i
am not myself any good with python.
The patch is attached, and I would like to know if it is possible to get the
idea developed so that it could be integrated under trac proper.
Thanks,
--
Jesus Climent info:pumuki.org dj:triplestereo.com
Unix SysAdm|Linux User #66350|Debian Developer|2.6.18|Helsinki Finland
GPG: 1024D/86946D69 BB64 2339 1CAA 7064 E429 7E18 66FC 1D7F 8694 6D69
You're just jealous because I'm a real freak and you have to wear a mask.
--Penguin (Batman Returns)
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Trac Development" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/trac-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
Index: trac/versioncontrol/svn_authz.py
===================================================================
--- trac/versioncontrol/svn_authz.py (revision 4001)
+++ trac/versioncontrol/svn_authz.py (working copy)
@@ -16,7 +16,7 @@
# Author: Francois Harvey <[EMAIL PROTECTED]>
# Matthew Good <[EMAIL PROTECTED]>
-from trac.config import Option
+from trac.config import Option, BoolOption
from trac.core import *
from trac.versioncontrol import Authorizer
@@ -31,15 +31,19 @@
authz_module_name = Option('trac', 'authz_module_name', '',
"""The module prefix used in the authz_file.""")
+ authz_use_trac_groups = BoolOption('trac', 'authz_use_trac_groups',
'false',
+ """...""")
+
def SubversionAuthorizer(env, authname):
authz_file = env.config.get('trac', 'authz_file')
if not authz_file:
return Authorizer()
module_name = env.config.get('trac', 'authz_module_name')
+ use_trac_groups = env.config.getbool('trac', 'authz_use_trac_groups')
db = env.get_db_cnx()
- return RealSubversionAuthorizer(db, authname, module_name, authz_file)
+ return RealSubversionAuthorizer(db, authname, module_name, authz_file,
use_trac_groups)
def parent_iter(path):
path = path.strip('/')
@@ -64,10 +68,11 @@
module_name = ''
conf_authz = None
- def __init__(self, db, auth_name, module_name, cfg_file, cfg_fp=None):
+ def __init__(self, db, auth_name, module_name, cfg_file, use_trac_groups,
cfg_fp=None):
self.db = db
self.auth_name = auth_name
self.module_name = module_name
+ self.use_trac_groups = use_trac_groups
from ConfigParser import ConfigParser
self.conf_authz = ConfigParser()
