On Sunday, November 10, 2013 4:48:37 AM UTC-8, Joost Kraaijeveld wrote: > > Hi, > > I am having troubles configuring FineGrainedPermissions in Trac. I have > tried configuring it manually, using an authzpolicy.conf with he > following content: > > [wiki:*] > [wiki:WikiStart*] > [wiki:WikiStart@*] > [wiki:WikiStart] > jkr = WIKI_VIEW > * = !WIKI_VIEW > > I expected that jkr could see the WikiStart and nobody else. But > everyone can see it, it looks as if the conf file is ignored. The > trac.log file shows the following when I access Trac with an anonymous > user: > > root@panoramix:/var/lib/trac/testtrac/log# tail -f trac.log | egrep > '\[perm\]|\[authz_policy\]' | grep WikiStart > 2013-11-10 13:37:05,016 Trac[authz_policy] DEBUG: Checking WIKI_VIEW on > wiki:WikiStart@* > 2013-11-10 13:37:05,025 Trac[authz_policy] DEBUG: Checking > ATTACHMENT_CREATE on wiki:WikiStart@*/attachment:*@* > 2013-11-10 13:37:05,025 Trac[authz_policy] DEBUG: Checking WIKI_MODIFY on > wiki:WikiStart@* > 2013-11-10 13:37:05,025 Trac[perm] DEBUG: No policy allowed anonymous > performing WIKI_MODIFY on <Resource u'wiki:WikiStart'> > 2013-11-10 13:37:05,025 Trac[perm] DEBUG: LegacyAttachmentPolicy denies > anonymous performing ATTACHMENT_CREATE on <Resource u'wiki:WikiStart, > attachment'> > 2013-11-10 13:37:05,041 Trac[authz_policy] DEBUG: Checking WIKI_ADMIN on > wiki:WikiStart@* > 2013-11-10 13:37:05,041 Trac[perm] DEBUG: No policy allowed anonymous > performing WIKI_ADMIN on <Resource u'wiki:WikiStart'> > 2013-11-10 13:37:05,063 Trac[authz_policy] DEBUG: Checking WIKI_DELETE on > wiki:WikiStart@* > 2013-11-10 13:37:05,063 Trac[perm] DEBUG: No policy allowed anonymous > performing WIKI_DELETE on <Resource u'wiki:WikiStart'> > 2013-11-10 13:37:05,063 Trac[authz_policy] DEBUG: Checking WIKI_RENAME on > wiki:WikiStart@* > 2013-11-10 13:37:05,063 Trac[perm] DEBUG: No policy allowed anonymous > performing WIKI_RENAME on <Resource u'wiki:WikiStart'> >
Have you followed all of the steps at?: http://trac.edgewall.org/wiki/TracFineGrainedPermissions You'll need to enable the plugin, add the permission policy, install the ConfigObj package and add the `authz_file` configuration directive to trac.ini. What version of Trac are you running? There have been several improvements to handling error conditions in the configuration of TracFineGrainedPermissions on 1.0-stable, but they haven't been packages in a formal release yet. > I also have the FineGrainedPageAuthzEditorPlugin installed. It does not > not show the contents of my authzpolicy.conf . Entering the text above > leads to an Oops: > > Trac detected an internal error: > TypeError: coercing to Unicode: need string or buffer, NoneType found > FineGrainedPageAuthzEditorPlugin doesn't handle conditions well when TracFineGrainedPermissions is not properly configured. I'll take a look at improving it. The ideas in ticket #11172 may eventually help you: http://trac-hacks.org/ticket/11172 > And my last problem is the groups file. What is the syntax of that file? > Is there a working example available? I don't have any experience with the groups file, but you'll probably want to consult the Apache documentation. I'm not certain this is the correct page, but it looks right to me: http://httpd.apache.org/docs/2.2/mod/mod_authz_groupfile.html > I have the HtGroupEditorPlugin installed, but if I use the following as > content, it refuses to read the file and gives me an error: > > [groups] > admins = jkr > devs = jkr > > And the error is: > > Trac detected an internal error: > IndexError: list index out of range > > > Anyone any idea how I could sole thsi? > > TIA > > Joost > > > -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/groups/opt_out.
