Side by Side Diff: modules/roundup/templates/schema.py.erb
Issue 6033763767156736:
Concept for Roundup as issue tracker. (Closed)
Patch Set:
Created Feb. 25, 2014, 8:34 a.m.
| Left: | ||
| Right: |
Use n/p to move between diff chunks;
N/P to move between comments.
« no previous file with comments
|
« modules/roundup/templates/query.edit.html.erb ('k')
|
modules/roundup/templates/statusauditor.py.erb » ('j')
|
no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
| OLD | NEW |
|---|---|
| (Empty) | |
| 1 | |
| 2 # | |
| 3 # TRACKER SCHEMA | |
| 4 # | |
| 5 | |
| 6 # Class automatically gets these properties: | |
| 7 # creation = Date() | |
| 8 # activity = Date() | |
| 9 # creator = Link('user') | |
| 10 # actor = Link('user') | |
| 11 | |
| 12 # Priorities | |
| 13 pri = Class(db, "priority", | |
| 14 name=String(), | |
| 15 order=Number()) | |
| 16 pri.setkey("name") | |
| 17 | |
| 18 # Statuses | |
| 19 stat = Class(db, "status", | |
| 20 name=String(), | |
| 21 order=Number()) | |
| 22 stat.setkey("name") | |
| 23 | |
| 24 # Keywords | |
| 25 keyword = Class(db, "keyword", | |
| 26 name=String()) | |
| 27 keyword.setkey("name") | |
| 28 | |
| 29 # User-defined saved searches | |
| 30 query = Class(db, "query", | |
| 31 klass=String(), | |
| 32 name=String(), | |
| 33 url=String(), | |
| 34 private_for=Link('user')) | |
| 35 | |
| 36 # add any additional database schema configuration here | |
| 37 | |
| 38 user = Class(db, "user", | |
| 39 username=String(), | |
| 40 password=Password(), | |
| 41 address=String(), | |
| 42 realname=String(), | |
| 43 phone=String(), | |
| 44 organisation=String(), | |
| 45 alternate_addresses=String(), | |
| 46 queries=Multilink('query'), | |
| 47 roles=String(), # comma-separated string of Role names | |
| 48 timezone=String()) | |
| 49 user.setkey("username") | |
| 50 db.security.addPermission(name='Register', klass='user', | |
| 51 description='User is allowed to register new user') | |
| 52 | |
| 53 # FileClass automatically gets this property in addition to the Class ones: | |
| 54 # content = String() [saved to disk in <tracker home>/db/files/] | |
| 55 # type = String() [MIME type of the content, default 'text/plain'] | |
| 56 msg = FileClass(db, "msg", | |
| 57 author=Link("user", do_journal='no'), | |
| 58 recipients=Multilink("user", do_journal='no'), | |
| 59 date=Date(), | |
| 60 summary=String(), | |
| 61 files=Multilink("file"), | |
| 62 messageid=String(), | |
| 63 inreplyto=String()) | |
| 64 | |
| 65 file = FileClass(db, "file", | |
| 66 name=String()) | |
| 67 | |
| 68 # IssueClass automatically gets these properties in addition to the Class ones: | |
| 69 # title = String() | |
| 70 # messages = Multilink("msg") | |
| 71 # files = Multilink("file") | |
| 72 # nosy = Multilink("user") | |
| 73 # superseder = Multilink("issue") | |
| 74 issue = IssueClass(db, "issue", | |
| 75 assignedto=Link("user"), | |
| 76 keyword=Multilink("keyword"), | |
| 77 priority=Link("priority"), | |
| 78 type=Link("type"), | |
| 79 module=Multilink("module"), | |
| 80 status=Link("status")) | |
| 81 | |
| 82 type = Class(db, "type", name=String()) | |
| 83 type.setkey("name") | |
| 84 | |
| 85 module = Class(db, "module", name=String()) | |
| 86 module.setkey("name") | |
| 87 | |
| 88 # list our systems | |
| 89 system = Class(db, "system", name=String(), order=Number()) | |
| 90 system.setkey("name") | |
| 91 | |
| 92 # store issues related to those systems | |
| 93 confidential = IssueClass(db, "confidential", | |
| 94 assignedto=Link("user"), | |
| 95 keyword=Multilink("keyword"), | |
| 96 priority=Link("priority"), | |
| 97 type=Link("type"), | |
| 98 module=Multilink("module"), | |
| 99 status=Link("status")) | |
| 100 | |
| 101 | |
| 102 | |
| 103 | |
| 104 # | |
| 105 # TRACKER SECURITY SETTINGS | |
| 106 # | |
| 107 # See the configuration and customisation document for information | |
| 108 # about security setup. | |
| 109 | |
| 110 # CUSTOM PERMISSIONS | |
| 111 | |
| 112 # | |
| 113 # REGULAR USERS | |
| 114 # | |
| 115 # Give the regular users access to the web and email interface | |
| 116 db.security.addPermissionToRole('User', 'Web Access') | |
| 117 db.security.addPermissionToRole('User', 'Email Access') | |
| 118 | |
| 119 # Assign the access and edit Permissions for issue, file and message | |
| 120 # to regular users now | |
| 121 for cl in 'issue','priority','status','keyword','type','module': | |
| 122 db.security.addPermissionToRole('User', 'View', cl) | |
| 123 | |
| 124 def own_issue(db, userid, itemid): | |
| 125 '''Determine whether the userid matches the creator of the issue.''' | |
| 126 return userid == db.issue.get(itemid, 'creator') | |
| 127 p = db.security.addPermission(name='Edit', klass='issue', | |
| 128 check=own_issue, description='Can only edit own issues') | |
| 129 db.security.addPermissionToRole('User', p) | |
| 130 | |
| 131 db.security.addPermissionToRole('User', 'Create', 'issue') | |
| 132 | |
| 133 #make messages always viewable and creatable | |
| 134 db.security.addPermissionToRole('User', 'View', 'msg') | |
| 135 db.security.addPermissionToRole('User', 'Create', 'msg') | |
| 136 | |
| 137 #make only own messages editable | |
| 138 | |
| 139 | |
| 140 | |
| 141 | |
| 142 # May users view other user information? Comment these lines out | |
| 143 # if you don't want them to | |
| 144 #db.security.addPermissionToRole('User', 'View', 'user') | |
| 145 | |
| 146 # Users should be able to edit their own details -- this permission is | |
| 147 # limited to only the situation where the Viewed or Edited item is their own. | |
| 148 def own_record(db, userid, itemid): | |
| 149 '''Determine whether the userid matches the item being accessed.''' | |
| 150 return userid == itemid | |
| 151 p = db.security.addPermission(name='View', klass='user', check=own_record, | |
| 152 description="User is allowed to view their own user details") | |
| 153 db.security.addPermissionToRole('User', p) | |
| 154 p = db.security.addPermission(name='Edit', klass='user', check=own_record, | |
| 155 properties=('username', 'password', 'address', 'realname', 'phone', | |
| 156 'organisation', 'alternate_addresses', 'queries', 'timezone'), | |
| 157 description="User is allowed to edit their own user details") | |
| 158 db.security.addPermissionToRole('User', p) | |
| 159 | |
| 160 # Users should be able to edit and view their own queries. They should also | |
| 161 # be able to view any marked as not private. They should not be able to | |
| 162 # edit others' queries, even if they're not private | |
| 163 def view_query(db, userid, itemid): | |
| 164 private_for = db.query.get(itemid, 'private_for') | |
| 165 if not private_for: return True | |
| 166 return userid == private_for | |
| 167 def edit_query(db, userid, itemid): | |
| 168 return userid == db.query.get(itemid, 'creator') | |
| 169 p = db.security.addPermission(name='View', klass='query', check=view_query, | |
| 170 description="User is allowed to view their own and public queries") | |
| 171 db.security.addPermissionToRole('User', p) | |
| 172 p = db.security.addPermission(name='Search', klass='query') | |
| 173 db.security.addPermissionToRole('User', p) | |
| 174 p = db.security.addPermission(name='Edit', klass='query', check=edit_query, | |
| 175 description="User is allowed to edit their queries") | |
| 176 db.security.addPermissionToRole('User', p) | |
| 177 p = db.security.addPermission(name='Retire', klass='query', check=edit_query, | |
| 178 description="User is allowed to retire their queries") | |
| 179 db.security.addPermissionToRole('User', p) | |
| 180 p = db.security.addPermission(name='Create', klass='query', | |
| 181 description="User is allowed to create queries") | |
| 182 db.security.addPermissionToRole('User', p) | |
| 183 | |
| 184 | |
| 185 # | |
| 186 # ANONYMOUS USER PERMISSIONS | |
| 187 # | |
| 188 # Let anonymous users access the web interface. Note that almost all | |
| 189 # trackers will need this Permission. The only situation where it's not | |
| 190 # required is in a tracker that uses an HTTP Basic Authenticated front-end. | |
| 191 db.security.addPermissionToRole('Anonymous', 'Web Access') | |
| 192 | |
| 193 # Let anonymous users access the email interface (note that this implies | |
| 194 # that they will be registered automatically, hence they will need the | |
| 195 # "Create" user Permission below) | |
| 196 # This is disabled by default to stop spam from auto-registering users on | |
| 197 # public trackers. | |
| 198 #db.security.addPermissionToRole('Anonymous', 'Email Access') | |
| 199 | |
| 200 # Assign the appropriate permissions to the anonymous user's Anonymous | |
| 201 # Role. Choices here are: | |
| 202 # - Allow anonymous users to register | |
| 203 db.security.addPermissionToRole('Anonymous', 'Register', 'user') | |
| 204 | |
| 205 # Allow anonymous users access to view issues (and the related, linked | |
| 206 # information) | |
| 207 for cl in 'issue', 'file', 'msg', 'keyword', 'priority', 'status','type','module ': | |
| 208 db.security.addPermissionToRole('Anonymous', 'View', cl) | |
| 209 | |
| 210 # [OPTIONAL] | |
| 211 # Allow anonymous users access to create or edit "issue" items (and the | |
| 212 # related file and message items) | |
| 213 #for cl in 'issue', 'file', 'msg': | |
| 214 # db.security.addPermissionToRole('Anonymous', 'Create', cl) | |
| 215 # db.security.addPermissionToRole('Anonymous', 'Edit', cl) | |
| 216 | |
| 217 # CUSTOM ROLES | |
| 218 | |
| 219 db.security.addRole(name='Team', description='Managing users') | |
| 220 | |
| 221 #TEAM USER PERMISSIONS | |
| 222 # | |
| 223 # Give the team users access to the web and email interface | |
| 224 db.security.addPermissionToRole('Team', 'Web Access') | |
| 225 db.security.addPermissionToRole('Team', 'Email Access') | |
| 226 | |
| 227 # Assign the access and edit Permissions for issue, file and message | |
| 228 # to team users now | |
| 229 for cl in 'issue', 'file', 'msg', 'keyword': | |
| 230 db.security.addPermissionToRole('Team', 'View', cl) | |
| 231 db.security.addPermissionToRole('Team', 'Edit', cl) | |
| 232 db.security.addPermissionToRole('Team', 'Create', cl) | |
| 233 for cl in 'priority', 'status', 'type','module': | |
| 234 db.security.addPermissionToRole('Team', 'View', cl) | |
| 235 | |
| 236 # May users view other user information? Comment these lines out | |
| 237 # if you don't want them to | |
| 238 db.security.addPermissionToRole('Team', 'View', 'user') | |
| 239 | |
| 240 # Users should be able to edit their own details -- this permission is | |
| 241 # limited to only the situation where the Viewed or Edited item is their own. | |
| 242 #def own_record(db, userid, itemid): | |
| 243 # '''Determine whether the userid matches the item being accessed.''' | |
| 244 # return userid == itemid | |
| 245 p = db.security.addPermission(name='View', klass='user', check=own_record, | |
| 246 description="User is allowed to view their own user details") | |
| 247 db.security.addPermissionToRole('Team', p) | |
| 248 p = db.security.addPermission(name='Edit', klass='user', check=own_record, | |
| 249 properties=('username', 'password', 'address', 'realname', 'phone', | |
| 250 'organisation', 'alternate_addresses', 'queries', 'timezone'), | |
| 251 description="User is allowed to edit their own user details") | |
| 252 db.security.addPermissionToRole('Team', p) | |
| 253 | |
| 254 # Team users should be able to edit and view all queries. | |
| 255 p = db.security.addPermission(name='View', klass='query', | |
| 256 description="User is allowed to view queries") | |
| 257 db.security.addPermissionToRole('Team', p) | |
| 258 p = db.security.addPermission(name='Search', klass='query') | |
| 259 db.security.addPermissionToRole('Team', p) | |
| 260 p = db.security.addPermission(name='Edit', klass='query', | |
| 261 description="User is allowed to edit queries") | |
| 262 db.security.addPermissionToRole('Team', p) | |
| 263 p = db.security.addPermission(name='Retire', klass='query', | |
| 264 description="User is allowed to retire queries") | |
| 265 db.security.addPermissionToRole('Team', p) | |
| 266 p = db.security.addPermission(name='Create', klass='query', | |
| 267 description="User is allowed to create queries") | |
| 268 db.security.addPermissionToRole('Team', p) | |
| 269 | |
| 270 #Team users shall have full access to confidential issues | |
| 271 db.security.addPermissionToRole('team', 'View', 'confidential') | |
| 272 db.security.addPermissionToRole('team', 'Create', 'confidential') | |
| 273 db.security.addPermissionToRole('team', 'Edit', 'confidential') | |
| 274 | |
| 275 # vim: set filetype=python sts=4 sw=4 et si : | |
| 276 #SHA: 8d44604d8a1bcfe746a26ccd3a36c51667ed39a0 | |
| OLD | NEW |
« no previous file with comments
|
« modules/roundup/templates/query.edit.html.erb ('k')
|
modules/roundup/templates/statusauditor.py.erb » ('j')
|
no next file with comments »
