incubator-bloodhound-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrej Golcov <and...@digiverse.si>
Subject Re: [BEP-0003] [RFC] Permissions in product scope
Date Tue, 22 Jan 2013 15:35:22 GMT
Let's take a use case.
Do we want to allow a ProductAdmin to change workflow for the product
and do we want to use existing plugins for this purposes?
If the answer is yes, let's assume, that we decided to use
TracWorkflowAdminPlugin [1] for this purpose.

If we look in TracWorkflowAdminPlugin code [2] we can see:
...
class TracWorkflowAdminModule(Component):
    implements(IAdminPanelProvider, ITemplateProvider,
               IEnvironmentSetupParticipant)
...
    # IAdminPanelProvider methods
    def get_admin_panels(self, req):
        if 'TRAC_ADMIN' in req.perm:
            yield ('ticket', dgettext("messages", ("Ticket System")),
                   'workflowadmin', _("Workflow Admin"))
...

As far as I understand the code,  (TRAC_ADMIN' in req.perm) should be
True if we want the plugin working.
So far, we discussed two possibilities how to solve the problem:
 - ProductAdmin has TRAC_ADMIN permission for product environment
 - ProductAdmin has PRODUC_ADMIN permission but in some circumstances
('TRAC_ADMIN' in req.perm) still returns True.

For sure, there is possibility that I'm missing some important things.

[1] https://trac-hacks.org/wiki/TracWorkflowAdminPlugin
[2] https://trac-hacks.org/browser/tracworkflowadminplugin/0.12/tracworkflowadmin/web_ui.py

Mime
View raw message