On Thu, May 04, 2006 at 10:57:47PM +0200, Christian Boos wrote: > I added some links in that page to help for reviewing the code (*)
Excellent, thanks. > I haven't make use of those features, and I don't think I'll need them > anytime soon, however I think the approach is sound and flexible enough > for most of the security concerns already expressed so far, in particular > the privacy concerns for tickets that would relate to security issues > (e.g. from the example you provided, one clearly see how to write a policy > for making a '[security]' ticket accessible only to developers and to > the original authenticated author, until the ticket is made public). Yes, from the test cases I've tried it seems to be pretty flexible. > I also acknowledge that by using the IResourceIdentifier you provide > a framework which is not only more general than using only TracObjects > but which can easily take benefit of the TracObjects once they become used > (one IResourceIdentifier to identify them all :) ). Exactly! If/when we move to TracObjects, we can either use a IResourceIdentifier, or modify PermissionSystem.identify_resource() to use the TracObject type and ID directly. > I'll reiterate what I already said earlier, I don't see any need to > post-pone this to 0.11, as the changes are low risk. I'd vote for the > inclusion of this now. Me too. > (*) As a side note, this shows that you missed one revision during the > merge from trunk, namely r3177. > This is a "boundary" problem, I think: in r3191, you state that you did > a merge of the [3177:3190] > range, but for that you certainly used a command like 'svn merge > -r3177:3190 <trunk> <security>' > It should have been 'svn merge -r3176:3190 ...' in order to contain the > r3177 changes as well. Righto, I've merged that, and the current trunk changes (We need SVN blame support in the browser/changeset views ;)) -- Evolution: Taking care of those too stupid to take care of themselves. _______________________________________________ Trac-dev mailing list [email protected] http://lists.edgewall.com/mailman/listinfo/trac-dev
