Fri Feb 1 21:09:55 GMT 2013 Duncan Coutts <dun...@well-typed.com> * Tidy up the user authorisation code Ignore-this: 81f003c21c2edf3ad563faf5a86ec004 Instead of authorisation functions that take user groups by value, take them by reference which reduces the code at call sites considerably. Also extend the options for priviledge checking: allow multiple alternatives (e.g. either maintainer or trustee) and allow checks against particular user ids. This is clearer (and faster) than merging multiple groups and passing them by value. Finally, add convenience functions in the UserFeature so we don't have to call queryGetUserDb at every call site. Old: users <- queryGetUserDb pkgms <- queryState maintainersState (GetPackageMaintainers pkgname) trustee <- queryState trusteesState GetTrusteesList _ <- guardAuthorised hackageRealm users (Group.union trustee pkgms) New: guardAuthorised_ [InGroup (maintainerGroup pkgname), InGroup trusteeGroup]
M ./Distribution/Server.hs -2 +3 M ./Distribution/Server/Features.hs +2 M ./Distribution/Server/Features/BuildReports.hs -15 +13 M ./Distribution/Server/Features/Documentation.hs -1 +1 M ./Distribution/Server/Features/Html.hs -7 +6 M ./Distribution/Server/Features/Mirror.hs -10 +4 M ./Distribution/Server/Features/PackageCandidates.hs -4 +4 M ./Distribution/Server/Features/PreferredVersions.hs -3 +3 M ./Distribution/Server/Features/Tags.hs -6 +7 M ./Distribution/Server/Features/Upload.hs -31 +22 M ./Distribution/Server/Features/Users.hs -59 +48 M ./Distribution/Server/Framework.hs -1 +1 M ./Distribution/Server/Framework/Auth.hs -10 +27 Fri Feb 1 21:15:08 GMT 2013 Duncan Coutts <dun...@well-typed.com> * Add some framework support for Aeson and Text types Ignore-this: ce22d992495c260e09c4c241c58d37e1 We should use Text more generally, rather than String. And similarly, we should switch from the json package to aeson. It's faster and has better generic support. M ./Distribution/Server/Framework/MemSize.hs +5 M ./Distribution/Server/Framework/RequestContentTypes.hs -6 +15 M ./Distribution/Server/Framework/ResponseContentTypes.hs +5 M ./hackage-server.cabal -4 +7 Fri Feb 1 21:18:51 GMT 2013 Duncan Coutts <dun...@well-typed.com> * Add a feature to store and manage extra info about user accounts Ignore-this: d97feb7ba0ba4a03a7370da3f396e38d In particular the real name for human users, and contact email addresses. To help admins, distinguish real human user accounts from ones for bots etc and store private notes for the admins. Extend the import client to set this info from the old hackage info. A ./Distribution/Client/UserAddressesDb.hs M ./Distribution/Server/Features.hs +7 M ./Distribution/Server/Features/Html.hs -8 +14 A ./Distribution/Server/Features/UserDetails.hs M ./ImportClient.hs -14 +58 _______________________________________________ cabal-devel mailing list cabal-devel@haskell.org http://www.haskell.org/mailman/listinfo/cabal-devel