I'm a bit confused by what is required to get a username to appear in the drop
down list when the trac.ini ticket/restrict_owner flag is set to true.
My intent is to have any user that has logged into the system appear in the
drop down list. The actual authentication mechanism is LDAP by way of a
Microsoft Active Directory store.
At one point this seemed to be working (the autopopulation of the drop down
list that is), but since I've updated from 0.10.3 to 0.11dev-r5823 and locked
down the system so that only members of the built in group "authenticated" have
permissions to play around in our setup, the drop-down list only seems to be
populated with the names of users that I explicitly placed in the TRAC_ADMIN
permission.
Based on the documentation, there are a couple of requirements to appear in the
drop down.
1. Have session data available as a user that has logged into the project.
2. The user should have TICKET_MODIFY permissions.
I looked at the code here and it's unclear to me whether or not this function
takes into account checking whether or not these users are members of the
authenticated group and the appropriate permissions.
As I thought about it, I guess it comes down to what you mean the
"authenticated" user group to be. If you mean, ONLY the people that are
actually authenticated at the moment, then I need to come up with another alias
that will allow me to get the list of users that I need... users that have
authenticated at some point in time.
I tried "tricking" Trac by giving anonymous the TICKET_MODIFY permission
without anything else, but it comes down to --- I have over 100 users in my
system. I don't want to have to create a specific Trac entry for each user to
get this to work. I want anyone who has ever authenticated to be part of the
drop down list.... any ideas? I'm thinking about hacking the ticket/api.py
file (maybe around the get_ticket_fields function where the drop down list is
generated...
What's confusing me most of all is that I could have sworn that this was
working fine (i.e. I didn't have to specifically give users a TICKET_MODIFY
permission) in 0.10.3. Any ideas/thoughts here?
When I look at the code below, it seems like there's a disconnect between the
group notion and the permission notion.
Thanks,
Vincent
:
{{{
def get_users_with_permissions(self, permissions):
"""Retrieve a list of users that have any of the specified permissions
Users are returned as a list of usernames.
"""
db = self.env.get_db_cnx()
cursor = db.cursor()
groups = permissions
users = set([u[0] for u in self.env.get_known_users()])
result = set()
# First iteration finds all users and groups that have any of the
# needed permissions. Subsequent iterations expand groups recursively
# and merge the results
while len(groups):
cursor.execute("SELECT p.username, COUNT(m.username) "
"FROM permission AS p "
"LEFT JOIN permission AS m ON m.action = p.username "
"WHERE p.action IN (%s) GROUP BY p.username"
% (', '.join(['%s'] * len(groups))), groups)
groups = []
for username, nummembers in cursor:
if username in users:
result.add(username)
elif nummembers:
groups.append(username)
return list(result)
}}}
---------------------------------
Got a little couch potato?
Check out fun summer activities for kids.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/trac-users?hl=en
-~----------~----~----~----~------~----~------~--~---
