Changeset 388
- Timestamp:
- 01/20/06 13:41:21 (3 years ago)
- Files:
-
- wikirbacpatch/0.9/rbac.patch (modified) (16 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
wikirbacpatch/0.9/rbac.patch
r382 r388 24 24 version = req.args.get('version') 25 25 26 + self.authz.assert_authorization(req , req.authname, pagename, 'WIKI_VIEW')26 + self.authz.assert_authorization(req.perm, req.authname, pagename, 'WIKI_VIEW') 27 27 db = self.env.get_db_cnx() 28 28 page = WikiPage(self.env, pagename, version, db) … … 37 37 + self.log.debug("PERMISSION: %s", permission) 38 38 + req.hdf['trac.acl.' + permission] =\ 39 + self.authz.has_authorization(req , req.authname, page.name, permission)39 + self.authz.has_authorization(req.perm, req.authname, page.name, permission) 40 40 return 'wiki.cs', None 41 41 … … 56 56 - shorten=True) 57 57 - yield 'wiki', href, title, t, author, comment 58 + if self.authz.has_authorization(req , req.authname, name, 'WIKI_VIEW'):58 + if self.authz.has_authorization(req.perm, req.authname, name, 'WIKI_VIEW'): 59 59 + title = '<em>%s</em> edited by %s' % ( 60 60 + escape(name), escape(author)) … … 79 79 else: 80 80 req.perm.assert_permission('WIKI_DELETE') 81 + self.authz.assert_authorization(req , req.authname, page.name, 'WIKI_DELETE')81 + self.authz.assert_authorization(req.perm, req.authname, page.name, 'WIKI_DELETE') 82 82 83 83 if req.args.has_key('cancel'): … … 87 87 elif not page.exists: 88 88 req.perm.assert_permission('WIKI_CREATE') 89 + self.authz.assert_authorization(req , req.authname, page.name, 'WIKI_CREATE')89 + self.authz.assert_authorization(req.perm, req.authname, page.name, 'WIKI_CREATE') 90 90 else: 91 91 req.perm.assert_permission('WIKI_MODIFY') 92 + self.authz.assert_authorization(req , req.authname, page.name, 'WIKI_MODIFY')92 + self.authz.assert_authorization(req.perm, req.authname, page.name, 'WIKI_MODIFY') 93 93 94 94 page.text = req.args.get('text') … … 98 98 else: 99 99 req.perm.assert_permission('WIKI_DELETE') 100 + self.authz.assert_authorization(req , req.authname, page.name, 'WIKI_DELETE')100 + self.authz.assert_authorization(req.perm, req.authname, page.name, 'WIKI_DELETE') 101 101 102 102 version = None … … 106 106 def _render_diff(self, req, db, page): 107 107 req.perm.assert_permission('WIKI_VIEW') 108 + self.authz.assert_authorization(req , req.authname, page.name, 'WIKI_VIEW')108 + self.authz.assert_authorization(req.perm, req.authname, page.name, 'WIKI_VIEW') 109 109 110 110 if not page.exists: … … 114 114 def _render_editor(self, req, db, page, preview=False): 115 115 req.perm.assert_permission('WIKI_MODIFY') 116 + self.authz.assert_authorization(req , req.authname, page.name, 'WIKI_MODIFY')116 + self.authz.assert_authorization(req.perm, req.authname, page.name, 'WIKI_MODIFY') 117 117 118 118 if req.args.has_key('text'): … … 122 122 """ 123 123 req.perm.assert_permission('WIKI_VIEW') 124 + self.authz.assert_authorization(req , req.authname, page.name, 'WIKI_VIEW')124 + self.authz.assert_authorization(req.perm, req.authname, page.name, 'WIKI_VIEW') 125 125 126 126 if not page.exists: … … 130 130 def _render_view(self, req, db, page): 131 131 req.perm.assert_permission('WIKI_VIEW') 132 + self.authz.assert_authorization(req , req.authname, page.name, 'WIKI_VIEW')132 + self.authz.assert_authorization(req.perm, req.authname, page.name, 'WIKI_VIEW') 133 133 134 134 if page.name == 'WikiStart': … … 140 140 - if not req.perm.has_permission('WIKI_CREATE'): 141 141 + if not req.perm.has_permission('WIKI_CREATE') and\ 142 + self.authz.has_authorization(req , req.authname, page.name, 'WIKI_CREATE'):142 + self.authz.has_authorization(req.perm, req.authname, page.name, 'WIKI_CREATE'): 143 143 raise TracError('Page %s not found' % page.name) 144 144 req.hdf['wiki.page_html'] = '<p>Describe "%s" here</p>' % page.name … … 150 150 - if req.perm.has_permission('WIKI_MODIFY'): 151 151 + if req.perm.has_permission('WIKI_MODIFY') and\ 152 + self.authz.has_authorization(req , req.authname, page.name, 'WIKI_MODIFY'):152 + self.authz.has_authorization(req.perm, req.authname, page.name, 'WIKI_MODIFY'): 153 153 attach_href = self.env.href.attachment('wiki', page.name) 154 154 req.hdf['wiki.attach_href'] = attach_href … … 162 162 - date, author, 163 163 - escape(shorten_result(text, query.split()))) 164 + if self.authz.has_authorization(req , name, 'WIKI_VIEW'):164 + if self.authz.has_authorization(req.perm, name, 'WIKI_VIEW'): 165 165 + yield (self.env.href.wiki(name), 166 166 + '%s: %s' % (name, escape(shorten_line(text))), … … 170 170 =================================================================== 171 171 --- rbac.py (revision 0) 172 +++ rbac.py (revision 8 5)172 +++ rbac.py (revision 88) 173 173 @@ -0,0 +1,82 @@ 174 174 +from trac.core import * … … 209 209 + return True 210 210 + 211 + def has_authorization(self, req, user, path, operation):212 + if not req.perm.has_permission('WIKI_VIEW'):211 + def has_authorization(self, perm, user, path, operation): 212 + if not perm.has_permission('WIKI_VIEW'): 213 213 + return False 214 214 + … … 216 216 + for provider in self.providers: 217 217 + authzed = self._accumulate(authzed, provider.has_authorization(user, path, operation)) 218 + return authzed or req.perm.has_permission('TRAC_ADMIN')219 + 220 + def assert_authorization(self, req, user, path, operation):221 + if not self.has_authorization( req, user, path, operation):218 + return authzed or perm.has_permission('TRAC_ADMIN') 219 + 220 + def assert_authorization(self, perm, user, path, operation): 221 + if not self.has_authorization(perm, user, path, operation): 222 222 + raise PermissionDenied,\ 223 223 + '%s authorization on %s is necessary to perform this operation.' % (operation, 'wiki:' + path)
