[Trac] Re: Read only ticket according to custom resolution type
Hi Jared, we need a similar solution. In our case, it's probably named "released" (instead of "signed"). The use-case is that nobody should change ticket properties when the ticket is released (only commenting). Have you created a Trac-Plugin on Trac-hacks [1] for that solution? Thank you, Franz [1] http://trac-hacks.org/ On Sunday, July 27, 2014 1:33:16 AM UTC+2, Jared Bownds wrote: > > Reference: http://trac-hacks.org/ticket/11885 > > I am looking for a solution that will work like this: > >- Create a new permission group called SIGNER >- Add 'signed' as a resolution type >- Users with permission SIGNER are allowed to resolve a request as >'Signed' > > Desired behavior: > >- Once a ticket is resolved as 'Signed', the ticket is now read only >except to TRAC_ADMIN >- Users without TRAC_ADMIN permissions are unable to modify the ticket >in any way. When an attempt is made, the user should receive an error upon >save indicating the ticket is signed and therefore read only. >- Visually distinguish tickets resolved as 'Signed' by either slightly >changing the color of the description body, or add a draft style 'SIGNED' >watermark to the right and left side of the description body. > > -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] CommitTicketUpdate does not seem to be checking permission (Git)
On Fri, Jul 18, 2014 at 8:13 AM, Sylvain Raybaud
wrote:
Dear Trac users community,
>
> I'm facing a problem with my company trac installation. I've got a trac
> installation with a bunch of registered users (usernames and passwords in
> /var/trac/main/digest). But whoever the author of a changeset is he is able
> to close a ticket by including the appropriate command in the commit
> message. Here are the steps to reproduce:
>
> 1) Correctly (I think) set permission checking in trac.ini:
>
> root@dev:~# grep commit_ticket_update_check_perms
> /var/trac/main/conf/trac.ini
> commit_ticket_update_check_perms = true
>
> 2) Clone a test repository and commit and push changes as a user who does
> not appear anywhere in trac configuration (neither does the email address):
>
> toto@sylvain-GC:~/boost-cgi$ git clone ssh://git/boost-cgi
> toto@sylvain-GC:~/boost-cgi$ git config --global user.name "Toto"
> toto@sylvain-GC:~/boost-cgi$ git config --global user.email "x@y.z"
> toto@sylvain-GC:~/boost-cgi$ echo "PLOUF" >> hello && git commit -a -m
> "close #67" && git push
> toto@sylvain-GC:~/boost-cgi$ git log -1
> commit 37bc8cda563c147ad5d3dec3b032a99d90e74566
> Author: Toto
> Date: Fri Jul 18 14:22:10 2014 +0200
>
> close #67
>
> 3) Watch #67 being closed (mail sent by Trac):
>
> #67: test
> ---+--
> Reporter: sylvain| Owner: sylvain
> Type: defect | Status: closed
> Priority: major | Milestone:
> Component: boost-cgi | Resolution: fixed
> Keywords: |
> ---+--
> Changes (by Toto ):
>
> * status: reopened => closed
> * resolution: => fixed
>
>
>
> A peek in source code showed me that Trac checks if the author of the
> changeset ("Toto", I guess. Or maybe x@y.z? Anyway none has any
> permission) has permission TICKET_MODIFY. In our installation only
> "authenticated" users have TICKET_MODIFY permissions.
>
>
> As I could not find this "bug" documented anywhere I'm very much willing
> to admit I'm doing something wrong... but I'm really clueless. Any guidance
> would be appreciated.
>
> Best regards,
>
> Sylvain Raybaud
>
>
You could set log level to DEBUG and post the output that you see when
pushing the changeset and closing the ticket.
http://trac.edgewall.org/wiki/TracLogging
Which version of Trac are you running?
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
I found it, it is case sensitive. According the the class name, style.css
needs to contain:
style.css
body.resolution_is_*S*igned { background-color: #b3caf5; /* soft blue */
}
body tag
resolution_is_signed
On Mon, Jul 28, 2014 at 3:46 PM, Ryan Ollos wrote:
> On Mon, Jul 28, 2014 at 3:42 PM, Jared Bownds
> wrote:
>
>> Is that not the following?
>>
>> Trac[loader] DEBUG: Loading ContextChrome from
>> /srv/trac/trac/plugins/ContextChrome-0.3-py2.6.egg
>>
>
> That looks good.
>
> Does the opening body tag on the ticket page have the class
> "resolution_is_signed"?
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Trac Users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/trac-users/1GNDHTObQKg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> trac-users+unsubscr...@googlegroups.com.
> To post to this group, send email to trac-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/trac-users.
> For more options, visit https://groups.google.com/d/optout.
>
--
Jared Bownds
c. 916-224-2324
e. Jared.Bownds@g mail.com
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
I found it, it is case sensitive. According the the class name, resolution_is_signed On Mon, Jul 28, 2014 at 3:46 PM, Ryan Ollos wrote: > On Mon, Jul 28, 2014 at 3:42 PM, Jared Bownds > wrote: > >> Is that not the following? >> >> Trac[loader] DEBUG: Loading ContextChrome from >> /srv/trac/trac/plugins/ContextChrome-0.3-py2.6.egg >> > > That looks good. > > Does the opening body tag on the ticket page have the class > "resolution_is_signed"? > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Trac Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/trac-users/1GNDHTObQKg/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > trac-users+unsubscr...@googlegroups.com. > To post to this group, send email to trac-users@googlegroups.com. > Visit this group at http://groups.google.com/group/trac-users. > For more options, visit https://groups.google.com/d/optout. > -- Jared Bownds c. 916-224-2324 e. Jared.Bownds@g mail.com -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
resolution_is_signed On Mon, Jul 28, 2014 at 3:46 PM, Ryan Ollos wrote: > On Mon, Jul 28, 2014 at 3:42 PM, Jared Bownds > wrote: > >> Is that not the following? >> >> Trac[loader] DEBUG: Loading ContextChrome from >> /srv/trac/trac/plugins/ContextChrome-0.3-py2.6.egg >> > > That looks good. > > Does the opening body tag on the ticket page have the class > "resolution_is_signed"? > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Trac Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/trac-users/1GNDHTObQKg/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > trac-users+unsubscr...@googlegroups.com. > To post to this group, send email to trac-users@googlegroups.com. > Visit this group at http://groups.google.com/group/trac-users. > For more options, visit https://groups.google.com/d/optout. > -- Jared Bownds c. 916-224-2324 e. Jared.Bownds@g mail.com -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
On Mon, Jul 28, 2014 at 3:42 PM, Jared Bownds wrote: > Is that not the following? > > Trac[loader] DEBUG: Loading ContextChrome from > /srv/trac/trac/plugins/ContextChrome-0.3-py2.6.egg > That looks good. Does the opening body tag on the ticket page have the class "resolution_is_signed"? -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
Is that not the following? Trac[loader] DEBUG: Loading ContextChrome from /srv/trac/trac/plugins/ContextChrome-0.3-py2.6.egg On Mon, Jul 28, 2014 at 3:16 PM, Ryan Ollos wrote: > On Mon, Jul 28, 2014 at 3:01 PM, Jared Bownds > wrote: > >> DevayedWiki was causing a problem, thanks for pointing that out - below >> is my configuration in trac.ini >> >> I'm still not sure why it's not working. Do you have any other ideas on >> what I can check? >> >> [components] >> contextchrome.cors.crossoriginresourcesharingenabler = disabled >> contextchrome.linkdeco.internalstylesheet = disabled >> contextchrome.linkdeco.intertracticketlinkdecorator = disabled >> contextchrome.linkdeco.ticketlinkdecorator = disabled >> contextchrome.linkdeco.wikilinknewdecolator = disabled >> contextchrome.style.typeclasstoticket = enabled >> contextchrome.ticketvalidator.ticketvalidatordecolator = disabled >> > > Have you confirmed that the ContextChrome entry point is loading when Trac > starts? > > 03:11:52 PM Trac[loader] DEBUG: Loading ContextChrome from > /home/user/Workspace/trachacks.git/contextchromeplugin/0.12 > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Trac Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/trac-users/1GNDHTObQKg/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > trac-users+unsubscr...@googlegroups.com. > To post to this group, send email to trac-users@googlegroups.com. > Visit this group at http://groups.google.com/group/trac-users. > For more options, visit https://groups.google.com/d/optout. > -- Jared Bownds c. 916-224-2324 e. Jared.Bownds@g mail.com -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
On Mon, Jul 28, 2014 at 3:01 PM, Jared Bownds wrote: > DevayedWiki was causing a problem, thanks for pointing that out - below is > my configuration in trac.ini > > I'm still not sure why it's not working. Do you have any other ideas on > what I can check? > > [components] > contextchrome.cors.crossoriginresourcesharingenabler = disabled > contextchrome.linkdeco.internalstylesheet = disabled > contextchrome.linkdeco.intertracticketlinkdecorator = disabled > contextchrome.linkdeco.ticketlinkdecorator = disabled > contextchrome.linkdeco.wikilinknewdecolator = disabled > contextchrome.style.typeclasstoticket = enabled > contextchrome.ticketvalidator.ticketvalidatordecolator = disabled > Have you confirmed that the ContextChrome entry point is loading when Trac starts? 03:11:52 PM Trac[loader] DEBUG: Loading ContextChrome from /home/user/Workspace/trachacks.git/contextchromeplugin/0.12 -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
DevayedWiki was causing a problem, thanks for pointing that out - below is my configuration in trac.ini I'm still not sure why it's not working. Do you have any other ideas on what I can check? [components] contextchrome.cors.crossoriginresourcesharingenabler = disabled contextchrome.linkdeco.internalstylesheet = disabled contextchrome.linkdeco.intertracticketlinkdecorator = disabled contextchrome.linkdeco.ticketlinkdecorator = disabled contextchrome.linkdeco.wikilinknewdecolator = disabled contextchrome.style.typeclasstoticket = enabled contextchrome.ticketvalidator.ticketvalidatordecolator = disabled On Mon, Jul 28, 2014 at 2:27 PM, Ryan Ollos wrote: > > > > On Mon, Jul 28, 2014 at 2:20 PM, Jared Bownds > wrote: > >> I think your onto something, the plugin may not be loading. Has anyone >> encountered this error before? Also, I opened a ticket regarding the error. >> >> http://trac-hacks.org/ticket/11889 >> >> *Trac detected an internal error:* >> >> >> AttributeError: 'datetime.timedelta' object has no attribute 'total_seconds' >> >> > You can leave the DecayedWiki component disabled if you think it is > causing problems. We just need to make sure the TypeClassToTicket component > is enabled. I had the following: > > [components] > contextchrome.cors. > crossoriginresourcesharingenabler = disabled > contextchrome.linkdeco.internalstylesheet = disabled > contextchrome.linkdeco.intertracticketlinkdecorator = disabled > contextchrome.linkdeco.ticketlinkdecorator = disabled > contextchrome.linkdeco.wikilinknewdecolator = disabled > contextchrome.style.typeclasstoticket = enabled > contextchrome.ticketvalidator.ticketvalidatordecolator = disabled > decayed.wiki.decayedwiki = disabled > > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Trac Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/trac-users/1GNDHTObQKg/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > trac-users+unsubscr...@googlegroups.com. > To post to this group, send email to trac-users@googlegroups.com. > Visit this group at http://groups.google.com/group/trac-users. > For more options, visit https://groups.google.com/d/optout. > -- Jared Bownds c. 916-224-2324 e. Jared.Bownds@g mail.com -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
I think your onto something, the plugin may not be loading. Has anyone encountered this error before? Also, I opened a ticket regarding the error. http://trac-hacks.org/ticket/11889 *Trac detected an internal error:* AttributeError: 'datetime.timedelta' object has no attribute 'total_seconds' On Mon, Jul 28, 2014 at 2:05 PM, Ryan Ollos wrote: > On Mon, Jul 28, 2014 at 1:54 PM, Jared Bownds > wrote: > >> I left out a step: >> >> [ticket] >> decorate_fields = resolution >> >> I added to trac.ini, it's still not working. I'm at a loss as to why >> it's not working. >> >> [ticket] >> decorate_fields = resolution >> >> Here is a snippet from the log >> >> 2014-07-28 13:53:09,218 Trac[main] DEBUG: Dispatching > "GET '/chrome/site/style.css'"> >> 2014-07-28 13:53:09,219 Trac[chrome] DEBUG: Prepare chrome data for >> request >> 2014-07-28 13:53:09,220 Trac[session] DEBUG: Retrieving session for ID >> u'jbownds' >> 2014-07-28 13:53:09,222 Trac[main] DEBUG: Negotiated locale: None -> en_US >> 2014-07-28 13:53:09,342 Trac[main] DEBUG: Dispatching > "GET '/ticketvalidator.options'"> >> 2014-07-28 13:53:09,343 Trac[chrome] DEBUG: Prepare chrome data for >> request >> 2014-07-28 13:53:09,345 Trac[session] DEBUG: Retrieving session for ID >> u'jbownds' >> 2014-07-28 13:53:09,347 Trac[main] DEBUG: Negotiated locale: None -> en_US >> >> > Does the opening body tag in the page have the class > "resolution_is_signed"? If not, then look at whether ContextChromePlugin is > loading. You should see it loaded with the log level at Debug and > restarting Trac. > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Trac Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/trac-users/1GNDHTObQKg/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > trac-users+unsubscr...@googlegroups.com. > To post to this group, send email to trac-users@googlegroups.com. > Visit this group at http://groups.google.com/group/trac-users. > For more options, visit https://groups.google.com/d/optout. > -- Jared Bownds c. 916-224-2324 e. Jared.Bownds@g mail.com -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
On Mon, Jul 28, 2014 at 2:20 PM, Jared Bownds wrote: > I think your onto something, the plugin may not be loading. Has anyone > encountered this error before? Also, I opened a ticket regarding the error. > > http://trac-hacks.org/ticket/11889 > > *Trac detected an internal error:* > > AttributeError: 'datetime.timedelta' object has no attribute 'total_seconds' > > You can leave the DecayedWiki component disabled if you think it is causing problems. We just need to make sure the TypeClassToTicket component is enabled. I had the following: [components] contextchrome.cors. crossoriginresourcesharingenabler = disabled contextchrome.linkdeco.internalstylesheet = disabled contextchrome.linkdeco.intertracticketlinkdecorator = disabled contextchrome.linkdeco.ticketlinkdecorator = disabled contextchrome.linkdeco.wikilinknewdecolator = disabled contextchrome.style.typeclasstoticket = enabled contextchrome.ticketvalidator.ticketvalidatordecolator = disabled decayed.wiki.decayedwiki = disabled -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
[Trac] Re: Custom fields in a custim ticket query
On Friday, February 1, 2013 8:15:52 AM UTC-8, Roger Oberholtzer wrote: > > On trac 0.12.3, I am doing a custom ticket query. In that context, > custom ticket fields show up in everything - except the "Group results > by" item. Do I need to do anything to make them available there? > There are some restrictions on the type of field that can be used to group tickets (see code in link below for specifics), but otherwise Custom Fields appear in the Group By list from the testing I've done on 1.0-stable. http://trac.edgewall.org/browser/branches/1.0-stable/trac/ticket/templates/query.html?rev=12660&marks=201#L182 -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
On Mon, Jul 28, 2014 at 1:54 PM, Jared Bownds wrote: > I left out a step: > > [ticket] > decorate_fields = resolution > > I added to trac.ini, it's still not working. I'm at a loss as to why it's > not working. > > [ticket] > decorate_fields = resolution > > Here is a snippet from the log > > 2014-07-28 13:53:09,218 Trac[main] DEBUG: Dispatching "GET '/chrome/site/style.css'"> > 2014-07-28 13:53:09,219 Trac[chrome] DEBUG: Prepare chrome data for request > 2014-07-28 13:53:09,220 Trac[session] DEBUG: Retrieving session for ID > u'jbownds' > 2014-07-28 13:53:09,222 Trac[main] DEBUG: Negotiated locale: None -> en_US > 2014-07-28 13:53:09,342 Trac[main] DEBUG: Dispatching "GET '/ticketvalidator.options'"> > 2014-07-28 13:53:09,343 Trac[chrome] DEBUG: Prepare chrome data for request > 2014-07-28 13:53:09,345 Trac[session] DEBUG: Retrieving session for ID > u'jbownds' > 2014-07-28 13:53:09,347 Trac[main] DEBUG: Negotiated locale: None -> en_US > > Does the opening body tag in the page have the class "resolution_is_signed"? If not, then look at whether ContextChromePlugin is loading. You should see it loaded with the log level at Debug and restarting Trac. -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
Also, it turns out the this bit of code is not working. I thought it was
working, but it turns out the test user (temp1) was not authenticated.
Judging by the log, it seems as though everything is working as you would
expect, temp1 should not be able to edit the request. However, the update
commits and subsequent notifications are sent.
ReadonlySignedTickets.py
{{{
from trac.core import *
from trac.perm import IPermissionPolicy
from trac.ticket.model import Ticket
class ReadonlySignedTickets(Component):
implements(IPermissionPolicy)
def check_permission(self, action, username, resource, perm):
if resource is None or resource.realm != 'ticket' or \
resource.id is None or action == 'TICKET_VIEW' or \
action == 'TRAC_ADMIN' or 'TRAC_ADMIN' in perm:
return None
t = Ticket(self.env, resource.id)
if t['resolution'] == 'signed':
return False
}}}
Trac Log
2014-07-28 14:02:15,937 Trac[blackmagic] DEBUG: Checking permission
TICKET_ADMIN
2014-07-28 14:02:15,938 Trac[blackmagic] DEBUG: type disabled or hidden
2014-07-28 14:02:15,942 Trac[blackmagic] DEBUG: OT: Task
2014-07-28 14:02:15,942 Trac[blackmagic] DEBUG: NEW: Task
2014-07-28 14:02:15,954 Trac[default_workflow] DEBUG:
render_ticket_action_control: action "leave"
2014-07-28 14:02:15,954 Trac[default_workflow] DEBUG:
render_ticket_action_control: action "reopen"
2014-07-28 14:02:15,974 Trac[perm] DEBUG: No policy allowed temp1
performing TICKET_EDIT_COMMENT on
On Mon, Jul 28, 2014 at 11:31 AM, Ryan Ollos wrote:
> On Mon, Jul 28, 2014 at 10:55 AM, Jared Bownds
> wrote:
>
>> You nailed it! The code below works. However, users are still able to
>> 'edit' their own comments once a ticket is resolved as signed.
>>
>> {{{
>> from trac.core import *
>> from trac.perm import IPermissionPolicy
>> from trac.ticket.model import Ticket
>>
>> class ReadonlySignedTickets(Component):
>> implements(IPermissionPolicy)
>>
>> def check_permission(self, action, username, resource, perm):
>> if resource is None or resource.realm != 'ticket' or \
>>resource.id is None or action == 'TICKET_VIEW' or \
>>action == 'TRAC_ADMIN' or 'TRAC_ADMIN' in perm:
>>
>> return None
>>
>> t = Ticket(self.env, resource.id)
>> if t['resolution'] == 'signed':
>> return False
>> }}}
>>
>
> Peter's plugin shown above work for me on 1.0-stable, and users aren't
> able to edit comments even if they have been granted TICKET_ADMIN. I used
> resolution //signed// rather than //Signed// since all of Trac's predefined
> resolutions are in lowercase.
>
> Which Trac version are you running?
>
> In order to implement your other requirements, it sounds like you'll want
> to:
> * Enable ExtraPermissionsProvider
>[components]
>tracopt.perm.config_perm_provider.extrapermissionsprovider = enabled
>
> * Add the signed permission:
>[extra-permissions]
>_perms = TICKET_SIGNED
>
> * Grant TICKET_SIGNED to the appropriate user.
>
> * Modify your workflow to only allow users with TICKET_SIGNED to resolve
> a ticket as signed. This is where things seem to get a bit tricky. You may
> need to have a workflow state signed rather than using a resolution, but
> that might not work since you probably want tickets to end in the closed
> state. You might need to implement a workflow action to replace
> set_resolution, which does permission checking to decide who can resolve a
> ticket as signed ... or perhaps the permission checking can be done in the
> ReadonlySignedTickets policy as well. I'll have to give that more thought.
>
>
>
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Trac Users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/trac-users/1GNDHTObQKg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> trac-users+unsubscr...@googlegroups.com.
> To post to this group, send email to trac-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/trac-users.
> For more options, visit https://groups.google.com/d/optout.
>
--
Jared Bownds
c. 916-224-2324
e. Jared.Bownds@g mail.com
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
I left out a step: [ticket] decorate_fields = resolution I added to trac.ini, it's still not working. I'm at a loss as to why it's not working. [ticket] decorate_fields = resolution Here is a snippet from the log 2014-07-28 13:53:09,218 Trac[main] DEBUG: Dispatching 2014-07-28 13:53:09,219 Trac[chrome] DEBUG: Prepare chrome data for request 2014-07-28 13:53:09,220 Trac[session] DEBUG: Retrieving session for ID u'jbownds' 2014-07-28 13:53:09,222 Trac[main] DEBUG: Negotiated locale: None -> en_US 2014-07-28 13:53:09,342 Trac[main] DEBUG: Dispatching 2014-07-28 13:53:09,343 Trac[chrome] DEBUG: Prepare chrome data for request 2014-07-28 13:53:09,345 Trac[session] DEBUG: Retrieving session for ID u'jbownds' 2014-07-28 13:53:09,347 Trac[main] DEBUG: Negotiated locale: None -> en_US On Mon, Jul 28, 2014 at 1:34 PM, Ryan Ollos wrote: > > > > On Mon, Jul 28, 2014 at 1:26 PM, Jared Bownds > wrote: > >> Hi Ryan, >> >> I'm using style.css, and it does show up in the source. >> > > The casing of "Signed" might cause an issue, but probably not. > > I left out a step: > > [ticket] > decorate_fields = resolution > > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Trac Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/trac-users/1GNDHTObQKg/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > trac-users+unsubscr...@googlegroups.com. > To post to this group, send email to trac-users@googlegroups.com. > Visit this group at http://groups.google.com/group/trac-users. > For more options, visit https://groups.google.com/d/optout. > -- Jared Bownds c. 916-224-2324 e. Jared.Bownds@g mail.com -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
On Mon, Jul 28, 2014 at 1:26 PM, Jared Bownds wrote: > Hi Ryan, > > I'm using style.css, and it does show up in the source. > The casing of "Signed" might cause an issue, but probably not. I left out a step: [ticket] decorate_fields = resolution -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
On Mon, Jul 28, 2014 at 1:03 PM, Jared Bownds
wrote:
> Hi Ryan,
>
>
> 2. Add site.html to your Environment templates directory:
> http://trac.edgewall.org/wiki/TracInterfaceCustomization#SiteAppearance (the
> first code snippet in that section is what you want to copy to site.html)
>
> Response: Is this the code I want to add in *site.html* contained within
> my environments template directory?
>
>
> *site.html*
>
> http://www.w3.org/1999/xhtml";
>
> xmlns:py="http://genshi.edgewall.org/";
>
> py:strip="">
>
>
>
>
>
> ${select('*|comment()|text()')}
>
>
> href="${href.chrome('site/style.css')}" />
>
>
>
>
>
>
>
>
>
>
>
>
>
> ${select('*|text()')}
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> 4. Add the following to site.css as a test case:
> body.resolution_is_signed { background-color: #f5deb3; /* wheat */}
>
> Response: I've done this, and also tried variations such as
> *body.resolution_is_closed* and I am not seeing the desired results, with
> any color background i.e. #FF
>
That site.html looks correct.
I can assure you that the recipe does works since I tested it out, so we
just have to debug where things went wrong in your setup. Do you see
site.css on the ticket page when viewing the page source?
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
Peter's plugin shown above work for me on 1.0-stable, and users aren't able
to edit comments even if they have been granted TICKET_ADMIN. I used
resolution //signed// rather than //Signed// since all of Trac's predefined
resolutions are in lowercase.
I'm running version 1.0
On Monday, July 28, 2014 11:31:56 AM UTC-7, RjOllos wrote:
>
> On Mon, Jul 28, 2014 at 10:55 AM, Jared Bownds > wrote:
>
>> You nailed it! The code below works. However, users are still able to
>> 'edit' their own comments once a ticket is resolved as signed.
>>
>> {{{
>> from trac.core import *
>> from trac.perm import IPermissionPolicy
>> from trac.ticket.model import Ticket
>>
>> class ReadonlySignedTickets(Component):
>> implements(IPermissionPolicy)
>>
>> def check_permission(self, action, username, resource, perm):
>> if resource is None or resource.realm != 'ticket' or \
>>resource.id is None or action == 'TICKET_VIEW' or \
>>action == 'TRAC_ADMIN' or 'TRAC_ADMIN' in perm:
>>
>> return None
>>
>> t = Ticket(self.env, resource.id)
>> if t['resolution'] == 'signed':
>> return False
>> }}}
>>
>
> Peter's plugin shown above work for me on 1.0-stable, and users aren't
> able to edit comments even if they have been granted TICKET_ADMIN. I used
> resolution //signed// rather than //Signed// since all of Trac's predefined
> resolutions are in lowercase.
>
> Which Trac version are you running?
>
> I'm running version 1.0
>
>
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
Hi Ryan,
2. Add site.html to your Environment templates directory:
http://trac.edgewall.org/wiki/TracInterfaceCustomization#SiteAppearance (the
first code snippet in that section is what you want to copy to site.html)
Response: Is this the code I want to add in *site.html* contained within
my environments template directory?
*site.html*
http://www.w3.org/1999/xhtml";
xmlns:py="http://genshi.edgewall.org/";
py:strip="">
${select('*|comment()|text()')}
${select('*|text()')}
4. Add the following to site.css as a test case:
body.resolution_is_signed { background-color: #f5deb3; /* wheat */}
Response: I've done this, and also tried variations such as
*body.resolution_is_closed* and I am not seeing the desired results, with
any color background i.e. #FF
On Mon, Jul 28, 2014 at 12:00 PM, Ryan Ollos wrote:
> On Mon, Jul 28, 2014 at 11:26 AM, Jared Bownds
> wrote:
>
>> Next, how do we implement the desired error feedback outlined below?
>>
>>- Visually distinguish tickets resolved as 'Signed' by either
>>slightly changing the color of the description body, or add a draft style
>>'SIGNED' watermark to the right and left side of the description body.
>>
>>
> The following works for me:
>
> 1. Install ContextChromePlugin:
> http://trac-hacks.org/wiki/ContextChromePlugin#TikcetcolorbyType
> 2. Add site.html to your Environment templates directory:
> http://trac.edgewall.org/wiki/TracInterfaceCustomization#SiteAppearance
> (the first code snippet in that section is what you want to copy to
> site.html)
> 3. Add site.css to your Environment htdocs directory.
> 4. Add the following to site.css as a test case:
> body.resolution_is_signed { background-color: #f5deb3; /* wheat */}
> 5. Enabled ContextChromePlugin:
> [components]
> contextchrome.style.typeclasstoticket = enabled
>
> Now you can add whatever CSS rules you want using the selector
> body.resolution_is_signed. For example, you could use any of the background
> properties: http://www.w3schools.com/css/css_background.asp
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Trac Users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/trac-users/1GNDHTObQKg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> trac-users+unsubscr...@googlegroups.com.
> To post to this group, send email to trac-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/trac-users.
> For more options, visit https://groups.google.com/d/optout.
>
--
Jared Bownds
c. 916-224-2324
e. Jared.Bownds@g mail.com
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
On Mon, Jul 28, 2014 at 11:26 AM, Jared Bownds
wrote:
> Next, how do we implement the desired error feedback outlined below?
>
>- Visually distinguish tickets resolved as 'Signed' by either slightly
>changing the color of the description body, or add a draft style 'SIGNED'
>watermark to the right and left side of the description body.
>
>
The following works for me:
1. Install ContextChromePlugin:
http://trac-hacks.org/wiki/ContextChromePlugin#TikcetcolorbyType
2. Add site.html to your Environment templates directory:
http://trac.edgewall.org/wiki/TracInterfaceCustomization#SiteAppearance
(the first code snippet in that section is what you want to copy to
site.html)
3. Add site.css to your Environment htdocs directory.
4. Add the following to site.css as a test case:
body.resolution_is_signed { background-color: #f5deb3; /* wheat */}
5. Enabled ContextChromePlugin:
[components]
contextchrome.style.typeclasstoticket = enabled
Now you can add whatever CSS rules you want using the selector
body.resolution_is_signed. For example, you could use any of the background
properties: http://www.w3schools.com/css/css_background.asp
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
On Mon, Jul 28, 2014 at 10:55 AM, Jared Bownds
wrote:
> You nailed it! The code below works. However, users are still able to
> 'edit' their own comments once a ticket is resolved as signed.
>
> {{{
> from trac.core import *
> from trac.perm import IPermissionPolicy
> from trac.ticket.model import Ticket
>
> class ReadonlySignedTickets(Component):
> implements(IPermissionPolicy)
>
> def check_permission(self, action, username, resource, perm):
> if resource is None or resource.realm != 'ticket' or \
>resource.id is None or action == 'TICKET_VIEW' or \
>action == 'TRAC_ADMIN' or 'TRAC_ADMIN' in perm:
>
> return None
>
> t = Ticket(self.env, resource.id)
> if t['resolution'] == 'signed':
> return False
> }}}
>
Peter's plugin shown above work for me on 1.0-stable, and users aren't able
to edit comments even if they have been granted TICKET_ADMIN. I used
resolution //signed// rather than //Signed// since all of Trac's predefined
resolutions are in lowercase.
Which Trac version are you running?
In order to implement your other requirements, it sounds like you'll want
to:
* Enable ExtraPermissionsProvider
[components]
tracopt.perm.config_perm_provider.extrapermissionsprovider = enabled
* Add the signed permission:
[extra-permissions]
_perms = TICKET_SIGNED
* Grant TICKET_SIGNED to the appropriate user.
* Modify your workflow to only allow users with TICKET_SIGNED to resolve a
ticket as signed. This is where things seem to get a bit tricky. You may
need to have a workflow state signed rather than using a resolution, but
that might not work since you probably want tickets to end in the closed
state. You might need to implement a workflow action to replace
set_resolution, which does permission checking to decide who can resolve a
ticket as signed ... or perhaps the permission checking can be done in the
ReadonlySignedTickets policy as well. I'll have to give that more thought.
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
Peter,
Should this be included, or excluded? For clarity, please provide the
entire block of code that should be used to implement the following
behavior:
- Once a ticket is resolved as 'Signed', the ticket is now read only
except by TRAC_ADMIN
Next, how do we implement the desired error feedback outlined below?
- Visually distinguish tickets resolved as 'Signed' by either slightly
changing the color of the description body, or add a draft style 'SIGNED'
watermark to the right and left side of the description body.
On Mon, Jul 28, 2014 at 10:55 AM, Peter Suter wrote:
> Oops, and now I dropped the `if t['resolution'] == 'Signed':` test by
> mistake..
>
>
> {{{
> from trac.core import *
> from trac.perm import IPermissionPolicy
> from trac.ticket.model import Ticket
>
> class ReadonlySignedTickets(Component):
> implements(IPermissionPolicy)
>
> def check_permission(self, action, username, resource, perm):
> if resource is None or resource.realm != 'ticket' or \
> resource.id is None or action == 'TICKET_VIEW' or \
> action == 'TRAC_ADMIN' or 'TRAC_ADMIN' in perm:
> return None
>
> t = Ticket(self.env, resource.id)
> if t['resolution'] == 'Signed':
> return False
> }}}
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Trac Users" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/
> topic/trac-users/1GNDHTObQKg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> trac-users+unsubscr...@googlegroups.com.
> To post to this group, send email to trac-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/trac-users.
> For more options, visit https://groups.google.com/d/optout.
>
--
Jared Bownds
c. 916-224-2324
e. Jared.Bownds@g mail.com
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
You nailed it! The code below works. However, users are still able to
'edit' their own comments once a ticket is resolved as signed.
{{{
from trac.core import *
from trac.perm import IPermissionPolicy
from trac.ticket.model import Ticket
class ReadonlySignedTickets(Component):
implements(IPermissionPolicy)
def check_permission(self, action, username, resource, perm):
if resource is None or resource.realm != 'ticket' or \
resource.id is None or action == 'TICKET_VIEW' or \
action == 'TRAC_ADMIN' or 'TRAC_ADMIN' in perm:
return None
t = Ticket(self.env, resource.id)
return False
}}}
On Mon, Jul 28, 2014 at 10:38 AM, Peter Suter wrote:
> On 28.07.2014 08:55, RjOllos wrote:
>
>> I'm encountering the dreaded issue: RuntimeError: maximum recursion
>> depth exceeded while calling a Python object
>>
>> The issue seems to be with the check: 'TRAC_ADMIN' in perm.
>>
>
> Oops, right. I think adding `action == 'TRAC_ADMIN'` to the check (before
> the `'TRAC_ADMIN' in perm` recursion) should be both sufficient to stop the
> recursion and correct in the non-recursive case:
>
> {{{
>
> from trac.core import *
> from trac.perm import IPermissionPolicy
> from trac.ticket.model import Ticket
>
> class ReadonlySignedTickets(Component):
> implements(IPermissionPolicy)
>
> def check_permission(self, action, username, resource, perm):
> if resource is None or resource.realm != 'ticket' or \
>resource.id is None or action == 'TICKET_VIEW' or \
>action == 'TRAC_ADMIN' or 'TRAC_ADMIN' in perm:
>
> return None
>
> t = Ticket(self.env, resource.id)
> return False
>
> }}}
>
>
>
> I tried reworking the conditional checks in various ways, such as making
>> it look as close as possible to SecurityTicketsPolicy:
>> http://trac.edgewall.org/browser/trunk/sample-plugins/
>> permissions/vulnerability_tickets.py
>>
>> Btw, in vulnerable_tickets.py, should the check be changed?:
>> if 'VULNERABILITY_VIEW' not in perm:
>> ->
>>
>> if 'VULNERABILITY_VIEW' not in perm(resource):
>>
>
> Hm, subtle.
>
> Usually in IPermissionPolicy `perm` should already be specific to the
> checked resource, so `perm` is the same as `perm(resource)`.
>
> But in SecurityTicketsPolicy resource might be changed to the parent
> resource (i.e. the ticket) if it was initially a child resource (e.g. an
> attachment). So here changing `perm` to `perm(resource)` would change the
> logic: Instead of the current behaviour where VULNERABILITY_VIEW is
> required on the child resource (attachment), it would be required on the
> parent resource (ticket).
>
> I guess for attachments (assuming the usual LegacyDelegate is used to
> forward the check to the parent anyway) it makes no difference.
>
> To me it sounds slightly better the way it is (require VULNERABILITY_VIEW
> on the child resource), but I've not used fine-grained permissions much.
>
> Or am I on the wrong track? :)
>
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Trac Users" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/
> topic/trac-users/1GNDHTObQKg/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> trac-users+unsubscr...@googlegroups.com.
> To post to this group, send email to trac-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/trac-users.
> For more options, visit https://groups.google.com/d/optout.
>
--
Jared Bownds
c. 916-224-2324
e. Jared.Bownds@g mail.com
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
Oops, and now I dropped the `if t['resolution'] == 'Signed':` test by
mistake..
{{{
from trac.core import *
from trac.perm import IPermissionPolicy
from trac.ticket.model import Ticket
class ReadonlySignedTickets(Component):
implements(IPermissionPolicy)
def check_permission(self, action, username, resource, perm):
if resource is None or resource.realm != 'ticket' or \
resource.id is None or action == 'TICKET_VIEW' or \
action == 'TRAC_ADMIN' or 'TRAC_ADMIN' in perm:
return None
t = Ticket(self.env, resource.id)
if t['resolution'] == 'Signed':
return False
}}}
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
On 28.07.2014 08:55, RjOllos wrote:
I'm encountering the dreaded issue: RuntimeError: maximum recursion
depth exceeded while calling a Python object
The issue seems to be with the check: 'TRAC_ADMIN' in perm.
Oops, right. I think adding `action == 'TRAC_ADMIN'` to the check
(before the `'TRAC_ADMIN' in perm` recursion) should be both sufficient
to stop the recursion and correct in the non-recursive case:
{{{
from trac.core import *
from trac.perm import IPermissionPolicy
from trac.ticket.model import Ticket
class ReadonlySignedTickets(Component):
implements(IPermissionPolicy)
def check_permission(self, action, username, resource, perm):
if resource is None or resource.realm != 'ticket' or \
resource.id is None or action == 'TICKET_VIEW' or \
action == 'TRAC_ADMIN' or 'TRAC_ADMIN' in perm:
return None
t = Ticket(self.env, resource.id)
return False
}}}
I tried reworking the conditional checks in various ways, such as making
it look as close as possible to SecurityTicketsPolicy:
http://trac.edgewall.org/browser/trunk/sample-plugins/permissions/vulnerability_tickets.py
Btw, in vulnerable_tickets.py, should the check be changed?:
if 'VULNERABILITY_VIEW' not in perm:
->
if 'VULNERABILITY_VIEW' not in perm(resource):
Hm, subtle.
Usually in IPermissionPolicy `perm` should already be specific to the
checked resource, so `perm` is the same as `perm(resource)`.
But in SecurityTicketsPolicy resource might be changed to the parent
resource (i.e. the ticket) if it was initially a child resource (e.g. an
attachment). So here changing `perm` to `perm(resource)` would change
the logic: Instead of the current behaviour where VULNERABILITY_VIEW is
required on the child resource (attachment), it would be required on the
parent resource (ticket).
I guess for attachments (assuming the usual LegacyDelegate is used to
forward the check to the parent anyway) it makes no difference.
To me it sounds slightly better the way it is (require
VULNERABILITY_VIEW on the child resource), but I've not used
fine-grained permissions much.
Or am I on the wrong track? :)
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Read only ticket according to custom resolution type
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28.07.2014 08:55, RjOllos wrote: > Btw, in vulnerable_tickets.py, should the check be changed?: > if 'VULNERABILITY_VIEW' not in perm: > -> > > if 'VULNERABILITY_VIEW' not in perm(resource): It depends on the intention. From earlier discussion I remember, that recommended, performance conscious practice of Trac permission checking involves a rather cheep pre-check, if the required permission is assigned to the SID at all. That's what the first line would be good for. The suggested replacement does the fine-grained check, that required the resource object. I've been testing with 'only' 30.000+ tickets in my Trac development environment to learn, that constructing resource objects IS a costly task that shall be avoided, if possible. Just my 2 cents. Steffen Hoffmann -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iEYEARECAAYFAlPWcDoACgkQ31DJeiZFuHfkdgCg1mOSo/WP+SIhnFbOQgAoomac GpsAnA3jTWSLj6fkz5E+3+6IrnwQqBVd =UsxY -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Unable to complete upgrade to 1.0.1
On Jul 28, 2014 7:22 AM, "Anton Piatek" wrote:
>
> I just upgraded my Ubuntu 12.04 server to 14.04.1 and as part of that
upgraded trac. I get the following error trying to complete the upgrade of
trac when running the "trac-admin ... upgrade" command
>
>> The upgrade failed. Please fix the issue and try again.
>> AttributeError:
>
>
> I have enabled the log and it shows
>>
>> ...
>> 2014-07-28 14:58:26,841 Trac[loader] DEBUG: Loading tractags from
/usr/local/lib/python2.7/dist-packages/TracTags-0.6-py2.7.egg
>> 2014-07-28 14:58:26,845 Trac[default_workflow] DEBUG: Workflow actions
at initialization: {u'resolve': {u'operations': [u'set_resolution'],
'name': u'resolve', 'default': 0, 'newstate': u'closed', 'oldstates':
[u'new', u'assigned', u'accepted', u'reopened'], u'permissions':
[u'TICKET_MODIFY']}, u'accept': {u'operations': [u'set_owner_to_self'],
'name': u'accept', 'default': 0, 'newstate': u'accepted', 'oldstates':
[u'new', u'assigned', u'accepted', u'reopened'], u'permissions':
[u'TICKET_MODIFY']}, u'leave': {u'operations': [u'leave_status'], 'name':
u'leave', u'default': 1, 'newstate': u'*', 'oldstates': [u'*'],
'permissions': []}, u'reopen': {u'operations': [u'del_resolution'], 'name':
u'reopen', 'default': 0, 'newstate': u'reopened', 'oldstates': [u'closed'],
u'permissions': [u'TICKET_CREATE']}, u'reassign': {u'operations':
[u'set_owner'], 'name': u'reassign', 'default': 0, 'newstate': u'assigned',
'oldstates': [u'new', u'assigned', u'accepted', u'reopened'],
u'permissions': [u'TICKET_MODIFY']}, '_reset': {'operations':
['reset_workflow'], 'name': 'reset', 'default': 0, 'newstate': 'new',
'oldstates': [], 'permissions': []}}
>>
>> 2014-07-28 14:58:26,847 Trac[env] INFO: Trac database schema version is
26, should be 29
>> 2014-07-28 14:58:26,847 Trac[env] WARNING: Component
requires environment
upgrade
>> 2014-07-28 14:58:26,847 Trac[env] INFO: Trac database schema version is
26, should be 29
>> 2014-07-28 14:58:26,847 Trac[env] WARNING: Component
requires environment
upgrade
>> 2014-07-28 14:58:26,848 Trac[env] INFO: Trac database schema version is
26, should be 29
>> 2014-07-28 14:58:26,848 Trac[model] ERROR: DatabaseError: no such table:
wiki_namespace
>> 2014-07-28 14:58:26,850 Trac[console] ERROR: Exception in trac-admin
command:
>> Traceback (most recent call last):
>> File "/usr/lib/python2.7/dist-packages/trac/admin/console.py", line
109, in onecmd
>> rv = cmd.Cmd.onecmd(self, line) or 0
>> File "/usr/lib/python2.7/cmd.py", line 220, in onecmd
>> return self.default(line)
>> File "/usr/lib/python2.7/dist-packages/trac/admin/console.py", line
285, in default
>> return cmd_mgr.execute_command(*args)
>> File "/usr/lib/python2.7/dist-packages/trac/admin/api.py", line 124,
in execute_command
>> return f(*fargs)
>> File "/usr/lib/python2.7/dist-packages/trac/env.py", line 982, in
_do_upgrade
>> self.env.upgrade(backup=no_backup is None)
File
"/usr/lib/python2.7/dist-packages/trac/env.py", line 698, in upgrade
if
participant.environment_needs_upgrade(db):
File
"/usr/local/lib/python2.7/dist-packages/TracTags-0.6-py2.7.egg/tractags/model.py",
line 23, in environment_needs_upgrade
if self._need_migration(db):
File
"/usr/local/lib/python2.7/dist-packages/TracTags-0.6-py2.7.egg/tractags/model.py",
line 47, in _need_migration
>> db.rollback()
>> File "/usr/lib/python2.7/dist-packages/trac/db/util.py", line 107, in
__getattr__
>> raise AttributeError
>> AttributeError:
>
>
> But now I'm out of ideas... Anyone have any hints for me? The DB is
sqlite.
>
> --
Upgrading your TagsPlugin installation to 0.7 should fix the issue.
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
Re: [Trac] Unable to complete upgrade to 1.0.1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28.07.2014 16:02, Anton Piatek wrote: > I just upgraded my Ubuntu 12.04 server to 14.04.1 and as part of that > upgraded trac. I get the following error trying to complete the upgrade > of trac when running the "trac-admin ... upgrade" command > > The upgrade failed. Please fix the issue and try again. > AttributeError: > > > I have enabled the log and it shows Smart move. Now you only need to read with an informed eye. So it was the right thing to post here too. > > "/usr/local/lib/python2.7/dist-packages/TracTags-0.6-py2.7.egg/tractags/model.py", > line 23, in environment_needs_upgrade >if > self._need_migration(db): > > > File > > "/usr/local/lib/python2.7/dist-packages/TracTags-0.6-py2.7.egg/tractags/model.py", > line 47, in _need_migration > > db.rollback() Your version of TagsPlugin [1] is rather old an well-known to be incompatible with Trac>=1.0. But this is not a problem, because the issue has been resolved for you months ago and you'll get an even better plugin by upgrading. Just do it. :-) Be sure to handle further issues similarly by looking at locally installed plugins first. I remember that we found a number of plugins that shared the troublesome upgrade check code, so chances are you have some of these installed at well. Sincerely, Steffen Hoffmann -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iEYEARECAAYFAlPWbgcACgkQ31DJeiZFuHeiHQCZARI3JZatn19l3enO3KKAHEZm xk4AoOiWoX6yFHARicqngxrLi4EiF/tb =gVsp -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
[Trac] Unable to complete upgrade to 1.0.1
I just upgraded my Ubuntu 12.04 server to 14.04.1 and as part of that
upgraded trac. I get the following error trying to complete the upgrade of
trac when running the "trac-admin ... upgrade" command
The upgrade failed. Please fix the issue and try again.
> AttributeError:
I have enabled the log and it shows
> ...
> 2014-07-28 14:58:26,841 Trac[loader] DEBUG: Loading tractags from
> /usr/local/lib/python2.7/dist-packages/TracTags-0.6-py2.7.egg
>
> 2014-07-28 14:58:26,845 Trac[default_workflow] DEBUG: Workflow actions at
> initialization: {u'resolve': {u'operations': [u'set_resolution'], 'name':
> u'resolve', 'default': 0, 'newstate': u'closed', 'oldstates': [u'new',
> u'assigned', u'accepted', u'reopened'], u'permissions':
> [u'TICKET_MODIFY']}, u'accept': {u'operations': [u'set_owner_to_self'],
> 'name': u'accept', 'default': 0, 'newstate': u'accepted', 'oldstates':
> [u'new', u'assigned', u'accepted', u'reopened'], u'permissions':
> [u'TICKET_MODIFY']}, u'leave': {u'operations': [u'leave_status'], 'name':
> u'leave', u'default': 1, 'newstate': u'*', 'oldstates': [u'*'],
> 'permissions': []}, u'reopen': {u'operations': [u'del_resolution'], 'name':
> u'reopen', 'default': 0, 'newstate': u'reopened', 'oldstates': [u'closed'],
> u'permissions': [u'TICKET_CREATE']}, u'reassign': {u'operations':
> [u'set_owner'], 'name': u'reassign', 'default': 0, 'newstate': u'assigned',
> 'oldstates': [u'new', u'assigned', u'accepted', u'reopened'],
> u'permissions': [u'TICKET_MODIFY']}, '_reset': {'operations':
> ['reset_workflow'], 'name': 'reset', 'default': 0, 'newstate': 'new',
> 'oldstates': [], 'permissions': []}}
>
>
>
>
> 2014-07-28 14:58:26,847 Trac[env] INFO: Trac database schema version is
> 26, should be 29
>
> 2014-07-28 14:58:26,847 Trac[env] WARNING: Component
> requires environment
> upgrade
>
> 2014-07-28 14:58:26,847 Trac[env] INFO: Trac database schema version is
> 26, should be 29
>
> 2014-07-28 14:58:26,847 Trac[env] WARNING: Component
> requires environment
> upgrade
>
> 2014-07-28 14:58:26,848 Trac[env] INFO: Trac database schema version is
> 26, should be 29
>
> 2014-07-28 14:58:26,848 Trac[model] ERROR: DatabaseError: no such table:
> wiki_namespace
>
> 2014-07-28 14:58:26,850 Trac[console] ERROR: Exception in trac-admin
> command:
>
> Traceback (most recent call last):
>
>
> File "/usr/lib/python2.7/dist-packages/trac/admin/console.py", line 109,
> in onecmd
>
> rv = cmd.Cmd.onecmd(self, line) or 0
>
>
> File "/usr/lib/python2.7/cmd.py", line 220, in onecmd
>
>
> return self.default(line)
>
>
> File "/usr/lib/python2.7/dist-packages/trac/admin/console.py", line 285,
> in default
>
> return cmd_mgr.execute_command(*args)
>
>
Re: [Trac] Read only ticket according to custom resolution type
I'm receiving the same error. It can be reproduced by navigating to the any ticket *Stack trace:* https://gist.github.com/anonymous/c00aadd7d9a807d8b371 On Sun, Jul 27, 2014 at 11:55 PM, RjOllos wrote: > > > On Sunday, July 27, 2014 10:49:18 PM UTC-7, Peter Suter wrote: >> >> On 28.07.2014 01:01, Jared Bownds wrote: >> > Thanks for the feedback, i'm now confident ReadonlySignedTickets.py is >> > enabled as a plugin. >> > >> > I've run a few tests on the code below. I created a user called temp1 >> > that does not have TRAC_ADMIN privileges. Also, I created a request >> > (#1968) and resolved it as signed. While the permissions feedback >> > provided by the trac log indicates the user does not have the necessary >> > permissions to comment on the ticket, I am still able to modify the >> > request as user temp1. I would appreciate feedback on >> > ReadonlySignedTickets.py to try and identify why the desired behavior >> is >> > not functioning. >> >> Permission policy plugins also need to be listed in the trac.ini config >> file under [trac] permission_policies. For example if you previously >> only had the current default policies, add ReadonlySignedTickets to the >> front of the list: >> >> [trac] >> permission_policies = ReadonlySignedTickets, ReadonlyWikiPolicy, >> DefaultPermissionPolicy, LegacyAttachmentPolicy >> >> (Note that the order can be important!) >> >> Hope this helps. >> > > I'm encountering the dreaded issue: RuntimeError: maximum recursion depth > exceeded while calling a Python object > > The issue seems to be with the check: 'TRAC_ADMIN' in perm. > > I tried reworking the conditional checks in various ways, such as making > it look as close as possible to SecurityTicketsPolicy: > > http://trac.edgewall.org/browser/trunk/sample-plugins/permissions/vulnerability_tickets.py > > Btw, in vulnerable_tickets.py, should the check be changed?: > if 'VULNERABILITY_VIEW' not in perm: > -> > > if 'VULNERABILITY_VIEW' not in perm(resource): > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Trac Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/trac-users/1GNDHTObQKg/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > trac-users+unsubscr...@googlegroups.com. > To post to this group, send email to trac-users@googlegroups.com. > Visit this group at http://groups.google.com/group/trac-users. > For more options, visit https://groups.google.com/d/optout. > -- Jared Bownds c. 916-224-2324 e. Jared.Bownds@g mail.com -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
