Ticket #756 (assigned enhancement)

Opened 2 years ago

Last modified 1 month ago

RFE: Forum Based Permission

Reported by: anonymous Assigned to: Blackhex (accepted)
Priority: normal Component: DiscussionPlugin
Severity: trivial Keywords:
Cc: chtaylo3@gmail.com Trac Release: 0.9

Description

It would be great if you could expand the permission system so that we can set permissions based on the Forum. For example, I may want to have a developers forum that is seperate from the users ... we may not want users reading the developers forum.

One possible way of doing this is to append the forum permission with a number that corresponds to the forum number. Forum# 0 could be a blanket "all forums". All Forum specific permissions would overwrite Forum# 0 permissions.

Just a thought, other than that .. GREAT PLUGIN!

Attachments

Change History

10/02/06 14:14:39 changed by chtaylo3@gmail.com

  • summary changed from Forum Based Permission to RFE: Forum Based Permission.

Attaching e-mail address to this RFE.

10/02/06 14:17:23 changed by chtaylo3@gmail.com

  • cc set to chtaylo3@gmail.com.

whoops, forgot to add to cc

10/02/06 14:18:25 changed by coderanger

This should probably wait until Alec's new permission model ends up in Trac.

10/02/06 14:27:06 changed by Blackhex

  • status changed from new to assigned.

To achieve dynamicly defined premissions in current Trac it would be necessary to append table with pairs (permission, forum) a make it configurable via WebAdmin or read pairs from config file. (pair could be single value as you suggested, but it still have to be stored somewhere). I don'ลง know how would new permission system look like but I can wait for it, since I don't have much time to work on trac's plugins now.

10/02/06 20:39:11 changed by coderanger

The permission model includes subject-based checks, which is exactly what is needed for this.

02/03/08 16:17:58 changed by prz

ok, here's a minimal 'hack' to get the forum permissions on authz_policy.c working, just added to api.py 

--- api.py      2008-02-03 23:07:15.000000000 +0100
+++ api.py~     2008-01-30 10:04:52.000000000 +0100
@@ -3,7 +3,6 @@
 from datetime import *

 from trac.core import *
-from trac.resource import Resource
 from trac.mimeview import Context
 from trac.perm import PermissionError
 from trac.web.chrome import add_stylesheet, add_script, add_ctxtnav
@@ -969,9 +968,7 @@
             row['topics'] = row['topics'] or 0
             row['replies'] = row['replies'] and int(row['replies']) or 0
             row['time'] = format_datetime(row['time'])
-
-            if context.req.perm.has_permission('DISCUSSION_VIEW',Resource('forum',id=row['id'])):
-                forums.append(row)
+            forums.append(row)

         # Compute count of new replies and topics.
         for forum in forums:

That's 'nuff. For a better solution, the resource has to be maintained across the API properly and the permissions not only asserted on operations but checked upfront with the resource specified.

10/28/08 07:13:38 changed by fluzz

Sorry, I'm quite new to Trac and I don't understand how to use your proposed hack... With your modification, where and how do I define the per-forum permissions ?

Thanks for your great plugin !

10/28/08 17:44:18 changed by Blackhex

Uff, that's a really old ticket here :-). I should start doing something about it. I'm not sure how the patch will actually work now but it has someting to do with TracFineGrainedPermissions. BTW: I noticed that pach has inverted + and - signs.

Add/Change #756 (RFE: Forum Based Permission)




Change Properties
Action