Hello,
this time I'm bringing a recent discussion about permission checking to your attention. I'm furthermore asking for advice on how to handle this in the future.

Summary: Initially there were two related reports against PrivateTicketsPlugin [1][2] and TracHoursPlugin [3][4] about an incompatible permission check in TracHoursPlugin that caused an error only if PrivateTicketsPlugin was activated too. This had been meant to be resolved by two successive changesets [5][6] in TracHoursPlugin.

But later the same issue surfaced again for the combination of PrivateTicketsPlugin with AnnouncerPlugin [7][8]. This time there was some more discussion about what's actually going on inside. Thanks to Odd Simon Simonsen and Ryan J. Ollos it became clear that recurring issues sprang off from usage of PermissionSystem.check_permission() [9] without the `perm` argument. While default policies (DefaultPermissionPolicy, LegacyAttachmentPolicy) don't seem to have a problem with perm=None, PrivateTicketsPolicy does.

Proper permission checks should be fine-grained and always query permissions per resource for such realms like tickets and wiki. But this is not obvious when reading current doc-strings in perm.py. So should we propose a documentation improvement, or is there another more appropriate action? After all, docs will not prevent more variations of that issue, while a less tolerant API might do.

Trying to introduce fine-grained permission checks to AnnouncerPlugin, now I'm facing another challenge: How do I detect the resource identifier of an arbitrary resource? I'd be glad to be corrected, if I've overlooked something, but there seems to be no way to be sure today. While initially it seems common to have resource.name (i.e. resource = ticket) this is not true for wiki pages: resource.id, so in the absence of a common naming convention it seems impossible to code a permission query for arbitrary resources of realm xyz.
But this is vital to do such things like generic change announcements that are extensible to resources provided by other plugins, like the screenshots [10] or tags [11].

Any comments and suggestions are welcome.

Sincerely,

Steffen Hoffmann (hasienda)

[1] http://trac-hacks.org/wiki/PrivateTicketsPlugin
[2] http://trac-hacks.org/ticket/5825
[3] http://trac-hacks.org/wiki/TracHoursPlugin
[4] http://trac-hacks.org/ticket/5826
[5] http://trac-hacks.org/changeset/9569
[6] http://trac-hacks.org/changeset/9570
[7] http://trac-hacks.org/wiki/AnnouncerPlugin
[8] http://trac-hacks.org/ticket/8458
[9] http://trac.edgewall.org/browser/trunk/trac/perm.py?rev=10418&marks=436%2C444-445#L436
[10] http://trac-hacks.org/wiki/ScreenshotsPlugin
[11] http://trac-hacks.org/wiki/TagsPlugin
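A minimal model of the failure described in the message above, added here as an illustration and not taken from Trac or from any of the plugins mentioned. All names (`Resource`, `PermCache`, `default_policy`, `private_policy`, `check_permission`, `coarse_check`, `fine_check`) are stand-ins, and the assumption is that the stricter policy calls back into `perm`, which is why a call without `perm` breaks it while the grant-table policy tolerates it.

```python
from collections import namedtuple

# Stand-ins for illustration only; none of this is Trac or plugin code.
Resource = namedtuple("Resource", "realm id")
GRANTS = {"alice": {"TICKET_VIEW"}, "bob": {"TICKET_VIEW"}}   # constructed data
OWNERS = {("ticket", 1): "alice", ("ticket", 2): "bob"}       # constructed data

class PermCache:
    """Per-user permission view, optionally scoped to one resource."""
    def __init__(self, username, resource=None):
        self.username, self.resource = username, resource

    def __call__(self, resource):
        return PermCache(self.username, resource)

    def __contains__(self, action):
        return check_permission(action, self.username, self.resource, self)

def default_policy(action, username, resource, perm):
    # Coarse grant table; never touches `perm`, so perm=None is harmless here.
    return action in GRANTS.get(username, set())

def private_policy(action, username, resource, perm):
    # Assumption: a stricter policy asks `perm` a follow-up question first.
    if action != "TICKET_VIEW" or "TICKET_ADMIN" in perm:
        return None                       # no opinion, next policy decides
    if resource is None or resource.id is None:
        return None
    # Non-owners are denied; owners fall through to the grant table.
    return None if OWNERS.get(resource) == username else False

POLICIES = [private_policy, default_policy]

def check_permission(action, username, resource=None, perm=None):
    # The first policy that returns True or False wins.
    for policy in POLICIES:
        decision = policy(action, username, resource, perm)
        if decision is not None:
            return decision
    return False

def coarse_check(username):
    # The pattern from the message: no resource and no perm.
    try:
        return check_permission("TICKET_VIEW", username)
    except TypeError as exc:
        return "error: " + type(exc).__name__

def fine_check(username, resource):
    # Per-resource query through a resource-scoped cache.
    return "TICKET_VIEW" in PermCache(username)(resource)
```

With only `default_policy` in the chain the coarse call succeeds, which matches the observation that the error appeared only once the stricter policy was enabled alongside it.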
