On Jul 13, 9:17 pm, Jeroen Ruigrok van der Werven <[EMAIL PROTECTED]
nomine.org> wrote:
> -On [20080713 19:54], Scott Bussinger ([EMAIL PROTECTED]) wrote:
>
> >> I want to hide the attachment list of wiki pages to anonymous user.
>
> >I'm afraid I can't help with that, but once you figure it out, would you
> >please share it with this list? I'd find that feature useful myself!
>
> The key lies in:
>
> trac/wiki/templates/wiki_view.html
>
> ${list_of_attachments(attachments, compact=True)}
>
> You probably need to wrap that one in a permission check.
> Most likely moving this line under this one:
>
> <py:if test="admin_perm or (not page.readonly and (modify_perm or
> delete_perm))">
>
> will only make the attachment list visible for those with wiki modify rights
> or higher.
>
> --
> Jeroen Ruigrok van der Werven <asmodai(-at-)in-nomine.org> / asmodai
> イェルーン ラウフロック ヴァン デル ウェルヴェンhttp://www.in-nomine.org/|http://www.rangaku.org/|
> GPG: 2EAC625B
> The way you're bathed in Light, reminds me of that Night, god laid me
> down into your rose garden of Trust...
Well, my recommendation is to write an IPermissionPolicy plugin, and
put it first in your trac.ini [trac] permission_policies = .... chain.
This will work for attachment access in any context.
Basically a single-file plugin will look like this - totally untested
as it is just written out in the email below. Be sure to turn on
debugging to catch any obvious mistakes... :-)
from trac.core import *
from trac.perm import IPermissionPolicy
NoAnonymousWikiAttachmentView(Component):
""" trac.ini - [trac] section:
permission_policies = NoAnonymousWikiAttachmentView,
DefaultPermissionPolicy, LegacyAttachmentPolicy """
implements(IPermissionPolicy)
def check_permission(self, action, username, resource, perm):
if action == 'ATTACHMENT_VIEW' and \
resource and resource.realm == 'attachment' \
and resource.parent \
and resource.parent.realm == 'wiki' \
and username == 'anonymous':
return False
else:
return None # Leave decision to the rest of the chain
Check out the TracFineGrainedPermissions and original
(TracDev/?)SecurityBranch for more details on the permission policies.
:::simon
https://www.coderesort.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/trac-users?hl=en
-~----------~----~----~----~------~----~------~--~---
