-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 28.07.2014 08:55, RjOllos wrote: > Btw, in vulnerable_tickets.py, should the check be changed?: > if 'VULNERABILITY_VIEW' not in perm: > -> > > if 'VULNERABILITY_VIEW' not in perm(resource):
It depends on the intention. From earlier discussion I remember, that recommended, performance conscious practice of Trac permission checking involves a rather cheep pre-check, if the required permission is assigned to the SID at all. That's what the first line would be good for. The suggested replacement does the fine-grained check, that required the resource object. I've been testing with 'only' 30.000+ tickets in my Trac development environment to learn, that constructing resource objects IS a costly task that shall be avoided, if possible. Just my 2 cents. Steffen Hoffmann -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iEYEARECAAYFAlPWcDoACgkQ31DJeiZFuHfkdgCg1mOSo/WP+SIhnFbOQgAoomac GpsAnA3jTWSLj6fkz5E+3+6IrnwQqBVd =UsxY -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to trac-users+unsubscr...@googlegroups.com. To post to this group, send email to trac-users@googlegroups.com. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/d/optout.
