On Thu, Jan 11, 2007 at 05:36:01PM +0100, Christian Boos wrote: > +1, that could be done ASAP on trunk, together with the move to > trac.resource, I think.
Excellent. > In particular, I'd like to see how we'll convert the attachment module, > in a way that would allow generic attachments (see #3068). This > shouldn't require any additional interface (i.e. /not/ the > IAttachmentPointProvider way) but should result from the ability to add > attachment to any kind of resource (this doesn't mean we'll add an UI to > do this for every kind of resource!). I agree with the idea, but I don't think this need be done before merging the branch. This is functionality additional to the main security features. That being said, I'd be happy to work on this after the merge, as it would be very useful. Or maybe Noah could? He's been keen for this feature for some time I believe? I think the main difficulty will be the permissions. TICKET_APPEND is required for tickets, while WIKI_MODIFY for wiki pages. I guess we can maybe just assume that every other object requires `'MODIFY' in context.perm`. > Note that most of the time we /already/ have the resource at hand when > building the Context, so care must be taken to provide it to the context > when possible (as you already do in wiki/web_ui.py), and to keep it > while creating similar contexts (i.e. ctxt(abs_urls=True)). 100% agreed. > > page = WikiPage(env, 'WikiStart') > > context = Context.from_resource(env, req, page) > ... or simply `context = page.get_context(req)`, instead of the more > complex hops through the IResourceMapper implementations which will end > in the `identify_resource(req, resource)` of the module? The only real reason I didn't do that was that it would ideally be in a base "Trac Object" and, if we have that, lots of other stuff could/should go in it, just like your old TracObject branch. I don't really have a problem with adding it, but... > Ok. Also, what about allowing to check for "unqualified" permission names? > E.g.<py:if test="'ADMIN' in context.perm"> which would translate to > WIKI_ADMIN if context's realm is 'wiki', TICKET_ADMIN if the context's > realm is 'ticket', etc. Agreed. Good idea, and this could be the first step towards getting rid of the current permission naming system entirely. -- Evolution: Taking care of those too stupid to take care of themselves. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Trac Development" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/trac-dev?hl=en -~----------~----~----~----~------~----~------~--~---
