Stephen Turnbull <step...@xemacs.org> added the comment:

It's possible to do this, although I don't have a patch offhand.  The basic 
idea is that given in the attached patch, which uses the existing concepts of 
"assigned to" and "admin role" rather than a separate configurable group.  
Probably you can just create a security role and substitute that check for 
"assigned to".

I don't know if deleting "admin" makes sense or not.  Of course admins can add 
the security role to themselves anyway, so convenience in dealing with security 
issues that need to be deleted because they're spam etc. is one consideration.  
OTOH, "if I don't need to know I don't wanna see it" is another factor.

Note that the patch defaults to privacy (which is appropriate in my situation).  
Probably for Python you would want this dependent on the issue type or 
priority of "security".

I also don't know how secure this really is.  I know it's more secure than the 
people who are using it, which is good enough for me.<wink/>

_______________________________________________________
PSF Meta Tracker <metatrac...@psf.upfronthosting.co.za>
<http://psf.upfronthosting.co.za/roundup/meta/issue393>
_______________________________________________________
diff --git a/html/issue.item.html b/html/issue.item.html
index 3a397c2..6e84f26 100644
--- a/html/issue.item.html
+++ b/html/issue.item.html
@@ -81,6 +81,10 @@ python:db.user.classhelp('username,realname,address', 
property='nosy', width='60
   <span tal:condition="context/is_edit_ok" tal:replace="structure 
python:db.keyword.classhelp(property='keyword')" />
  </td>
 </tr>
+<tr>
+ <th i18n:translate="">Public</th>
+ <td tal:content="structure context/ispublic/field">is issue public?</td>
+</tr>
 
 <tr tal:condition="context/is_edit_ok">
  <th i18n:translate="">Change Note</th>
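
Review bot: The new "Public" row exposes context/ispublic/field in the issue form, but the View check added in schema.py never reads ispublic ("ispublic checking not implemented yet"), so setting this field has no effect on who can see the issue. Either land the row together with a working check, or leave it out of the template until then, so that nobody marks an issue private or public and assumes the tracker enforces it.
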
diff --git a/schema.py b/schema.py
index 9c13df9..4db8c7f 100644
--- a/schema.py
+++ b/schema.py
@@ -75,7 +75,8 @@ issue = IssueClass(db, "issue",
                 assignedto=Link("user"),
                 keyword=Multilink("keyword"),
                 priority=Link("priority"),
-                status=Link("status"))
+                status=Link("status")
+                ispublic=Boolean())
 
 #
 # TRACKER SECURITY SETTINGS
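
Review bot: The replacement line status=Link("status") is missing its trailing comma before ispublic=Boolean(), so schema.py will not parse and the tracker will not load. Add the comma. Since ispublic is a new property, issues that already exist will have no value for it; the View check should decide explicitly how an unset value is treated instead of relying on its truthiness by accident.
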
@@ -90,9 +91,32 @@ issue = IssueClass(db, "issue",
 db.security.addPermissionToRole('User', 'Web Access')
 db.security.addPermissionToRole('User', 'Email Access')
 
+# Users should be able to edit and view their assigned issues. They
+# should also be able to view any marked as public. They should not
+# be able to edit others' issues, even if they're public.
+def view_issue(db, userid, itemid):
+    # ispublic checking not implemented yet
+    # if not db.issue.get(itemid, 'ispublic'): return True
+    return userid == db.issue.get(itemid, 'assignedto')
+def edit_issue(db, userid, itemid):
+    return userid == db.issue.get(itemid, 'assignedto')
+p = db.security.addPermission(name='View', klass='issue', check=view_issue,
+    description="User is allowed to view their own and public issues")
+db.security.addPermissionToRole('User', p)
+p = db.security.addPermission(name='Edit', klass='issue', check=edit_issue,
+    description="User is allowed to edit their issues")
+db.security.addPermissionToRole('User', p)
+p = db.security.addPermission(name='Retire', klass='issue', check=edit_issue,
+    description="User is allowed to retire their issues")
+db.security.addPermissionToRole('User', p)
+p = db.security.addPermission(name='Create', klass='issue',
+    description="User is allowed to create issues")
+db.security.addPermissionToRole('User', p)
+
 # Assign the access and edit Permissions for issue, file and message
-# to regular users now
-for cl in 'issue', 'file', 'msg', 'keyword':
+# to regular users now.  These are way too lenient for files and
+# messages, but it's unlikely that students will figure that out.
+for cl in 'file', 'msg', 'keyword':
     db.security.addPermissionToRole('User', 'View', cl)
     db.security.addPermissionToRole('User', 'Edit', cl)
     db.security.addPermissionToRole('User', 'Create', cl)
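
Review bot: The commented-out test in view_issue is inverted: "if not db.issue.get(itemid, 'ispublic'): return True" would grant View on exactly the issues that are not public, so enabling it as written would expose the private ones. It should return True when ispublic is set and fall through to the assignedto comparison otherwise. Two further points in this hunk: view_issue and edit_issue compare only against assignedto, so a user who creates an issue loses access to it unless it is assigned back to them, and an unassigned issue is visible to no 'User' at all; and the loop still grants 'User' unconditional View and Edit on 'file' and 'msg', which the new comment acknowledges, so the messages and attachments of a hidden issue remain readable and editable. For a security-issue use case those two classes need check functions tied to the parent issue before this can be relied on.
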
_______________________________________________
Tracker-discuss mailing list
Tracker-discuss@python.org
http://mail.python.org/mailman/listinfo/tracker-discuss
