On Wednesday, September 21, 2016 at 11:27:34 PM UTC-7, Peter Suter wrote: > > > I also posted modifications to SignedTickets, but I don't expect they > > will fix this "interaction" issue: > > > https://trac.edgewall.org/wiki/CookBook/Configuration/SignedTickets?version=9 > > >>> - 'TICKET_ADMIN' in perm: > >>> + any(a in perm for a in self.admin_actions): > > This change seems unnecessary and maybe even more problematic than before. > Unnecessary because TRAC_ADMIN implies TICKET_ADMIN anyway, so there's > no need to check for TRAC_ADMIN explicitly. (But there may be more > subtle details I'm missing.) > Problematic because checking more permissions leads to more potentially > problematic interactions (and possible mutual recursion) with other > policies. >
That sounds right, I reverted the change. https://trac.edgewall.org/wiki/CookBook/Configuration/SignedTickets?version=10 - Ryan -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
