-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 28.07.2014 08:55, RjOllos wrote: > Btw, in vulnerable_tickets.py, should the check be changed?: > if 'VULNERABILITY_VIEW' not in perm: > -> > > if 'VULNERABILITY_VIEW' not in perm(resource):
It depends on the intention. From earlier discussion I remember, that recommended, performance conscious practice of Trac permission checking involves a rather cheep pre-check, if the required permission is assigned to the SID at all. That's what the first line would be good for. The suggested replacement does the fine-grained check, that required the resource object. I've been testing with 'only' 30.000+ tickets in my Trac development environment to learn, that constructing resource objects IS a costly task that shall be avoided, if possible. Just my 2 cents. Steffen Hoffmann -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iEYEARECAAYFAlPWcDoACgkQ31DJeiZFuHfkdgCg1mOSo/WP+SIhnFbOQgAoomac GpsAnA3jTWSLj6fkz5E+3+6IrnwQqBVd =UsxY -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
