
Side by Side Diff: modules/roundup/templates/schema.py.erb

Issue 4815057535893504: Configured Roundup tracker. (Closed)
Patch Set: Created Feb. 14, 2014, 9:59 a.m.
OLDNEW
(Empty)
1
2 #
3 # TRACKER SCHEMA
4 #
5
6 # Class automatically gets these properties:
7 # creation = Date()
8 # activity = Date()
9 # creator = Link('user')
10 # actor = Link('user')
11
12 # Priorities
13 pri = Class(db, "priority",
14 name=String(),
15 order=Number())
16 pri.setkey("name")
17
18 # Statuses
19 stat = Class(db, "status",
20 name=String(),
21 order=Number())
22 stat.setkey("name")
23
24 # Keywords
25 keyword = Class(db, "keyword",
26 name=String())
27 keyword.setkey("name")
28
29 # User-defined saved searches
30 query = Class(db, "query",
31 klass=String(),
32 name=String(),
33 url=String(),
34 private_for=Link('user'))
35
36 # add any additional database schema configuration here
37
38 user = Class(db, "user",
39 username=String(),
40 password=Password(),
41 address=String(),
42 realname=String(),
43 phone=String(),
44 organisation=String(),
45 alternate_addresses=String(),
46 queries=Multilink('query'),
47 roles=String(), # comma-separated string of Role names
48 timezone=String())
49 user.setkey("username")
50 db.security.addPermission(name='Register', klass='user',
51 description='User is allowed to register new user')
52
53 # FileClass automatically gets this property in addition to the Class ones:
54 # content = String() [saved to disk in <tracker home>/db/files/]
55 # type = String() [MIME type of the content, default 'text/plain']
56 msg = FileClass(db, "msg",
57 author=Link("user", do_journal='no'),
58 recipients=Multilink("user", do_journal='no'),
59 date=Date(),
60 summary=String(),
61 files=Multilink("file"),
62 messageid=String(),
63 inreplyto=String())
64
65 file = FileClass(db, "file",
66 name=String())
67
68 # IssueClass automatically gets these properties in addition to the Class ones:
69 # title = String()
70 # messages = Multilink("msg")
71 # files = Multilink("file")
72 # nosy = Multilink("user")
73 # superseder = Multilink("issue")
74 issue = IssueClass(db, "issue",
75 assignedto=Link("user"),
76 keyword=Multilink("keyword"),
77 priority=Link("priority"),
78 type=Link("type"),
79 module=Multilink("module"),
80 status=Link("status"))
81
82 type = Class(db, "type", name=String())
83 type.setkey("name")
84
85 module = Class(db, "module", name=String())
86 module.setkey("name")
87
88 # list our systems
89 system = Class(db, "system", name=String(), order=Number())
90 system.setkey("name")
91
92 # store issues related to those systems
93 confidential = IssueClass(db, "confidential",
94 assignedto=Link("user"),
95 keyword=Multilink("keyword"),
96 priority=Link("priority"),
97 type=Link("type"),
98 module=Multilink("module"),
99 status=Link("status"))
100
101
102
103
104 #
105 # TRACKER SECURITY SETTINGS
106 #
107 # See the configuration and customisation document for information
108 # about security setup.
109
110 # CUSTOM PERMISSIONS
111
112 #
113 # REGULAR USERS
114 #
115 # Give the regular users access to the web and email interface
116 db.security.addPermissionToRole('User', 'Web Access')
117 db.security.addPermissionToRole('User', 'Email Access')
118
119 # Assign the access and edit Permissions for issue, file and message
120 # to regular users now
121 for cl in 'issue','priority','status','keyword','type','module':
122 db.security.addPermissionToRole('User', 'View', cl)
123
124 def own_issue(db, userid, itemid):
125 '''Determine whether the userid matches the creator of the issue.'''
126 return userid == db.issue.get(itemid, 'creator')
127 p = db.security.addPermission(name='Edit', klass='issue',
128 check=own_issue, description='Can only edit own issues')
129 db.security.addPermissionToRole('User', p)
130
131 db.security.addPermissionToRole('User', 'Create', 'issue')
132
133 #make messages always viewable and creatable
134 db.security.addPermissionToRole('User', 'View', 'msg')
135 db.security.addPermissionToRole('User', 'Create', 'msg')
136
137 #make only own messages editable
138
139
140
141
142 # May users view other user information? Comment these lines out
143 # if you don't want them to
144 #db.security.addPermissionToRole('User', 'View', 'user')
145
146 # Users should be able to edit their own details -- this permission is
147 # limited to only the situation where the Viewed or Edited item is their own.
148 def own_record(db, userid, itemid):
149 '''Determine whether the userid matches the item being accessed.'''
150 return userid == itemid
151 p = db.security.addPermission(name='View', klass='user', check=own_record,
152 description="User is allowed to view their own user details")
153 db.security.addPermissionToRole('User', p)
154 p = db.security.addPermission(name='Edit', klass='user', check=own_record,
155 properties=('username', 'password', 'address', 'realname', 'phone',
156 'organisation', 'alternate_addresses', 'queries', 'timezone'),
157 description="User is allowed to edit their own user details")
158 db.security.addPermissionToRole('User', p)
159
160 # Users should be able to edit and view their own queries. They should also
161 # be able to view any marked as not private. They should not be able to
162 # edit others' queries, even if they're not private
163 def view_query(db, userid, itemid):
164 private_for = db.query.get(itemid, 'private_for')
165 if not private_for: return True
166 return userid == private_for
167 def edit_query(db, userid, itemid):
168 return userid == db.query.get(itemid, 'creator')
169 p = db.security.addPermission(name='View', klass='query', check=view_query,
170 description="User is allowed to view their own and public queries")
171 db.security.addPermissionToRole('User', p)
172 p = db.security.addPermission(name='Search', klass='query')
173 db.security.addPermissionToRole('User', p)
174 p = db.security.addPermission(name='Edit', klass='query', check=edit_query,
175 description="User is allowed to edit their queries")
176 db.security.addPermissionToRole('User', p)
177 p = db.security.addPermission(name='Retire', klass='query', check=edit_query,
178 description="User is allowed to retire their queries")
179 db.security.addPermissionToRole('User', p)
180 p = db.security.addPermission(name='Create', klass='query',
181 description="User is allowed to create queries")
182 db.security.addPermissionToRole('User', p)
183
184
185 #
186 # ANONYMOUS USER PERMISSIONS
187 #
188 # Let anonymous users access the web interface. Note that almost all
189 # trackers will need this Permission. The only situation where it's not
190 # required is in a tracker that uses an HTTP Basic Authenticated front-end.
191 db.security.addPermissionToRole('Anonymous', 'Web Access')
192
193 # Let anonymous users access the email interface (note that this implies
194 # that they will be registered automatically, hence they will need the
195 # "Create" user Permission below)
196 # This is disabled by default to stop spam from auto-registering users on
197 # public trackers.
198 #db.security.addPermissionToRole('Anonymous', 'Email Access')
199
200 # Assign the appropriate permissions to the anonymous user's Anonymous
201 # Role. Choices here are:
202 # - Allow anonymous users to register
203 db.security.addPermissionToRole('Anonymous', 'Register', 'user')
204
205 # Allow anonymous users access to view issues (and the related, linked
206 # information)
207 for cl in 'issue', 'file', 'msg', 'keyword', 'priority', 'status','type','module ':
208 db.security.addPermissionToRole('Anonymous', 'View', cl)
209
210 # [OPTIONAL]
211 # Allow anonymous users access to create or edit "issue" items (and the
212 # related file and message items)
213 #for cl in 'issue', 'file', 'msg':
214 # db.security.addPermissionToRole('Anonymous', 'Create', cl)
215 # db.security.addPermissionToRole('Anonymous', 'Edit', cl)
216
217 # CUSTOM ROLES
218
219 db.security.addRole(name='Team', description='Managing users')
220
221 #TEAM USER PERMISSIONS
222 #
223 # Give the team users access to the web and email interface
224 db.security.addPermissionToRole('Team', 'Web Access')
225 db.security.addPermissionToRole('Team', 'Email Access')
226
227 # Assign the access and edit Permissions for issue, file and message
228 # to team users now
229 for cl in 'issue', 'file', 'msg', 'keyword':
230 db.security.addPermissionToRole('Team', 'View', cl)
231 db.security.addPermissionToRole('Team', 'Edit', cl)
232 db.security.addPermissionToRole('Team', 'Create', cl)
233 for cl in 'priority', 'status', 'type','module':
234 db.security.addPermissionToRole('Team', 'View', cl)
235
236 # May users view other user information? Comment these lines out
237 # if you don't want them to
238 db.security.addPermissionToRole('Team', 'View', 'user')
239
240 # Users should be able to edit their own details -- this permission is
241 # limited to only the situation where the Viewed or Edited item is their own.
242 #def own_record(db, userid, itemid):
243 # '''Determine whether the userid matches the item being accessed.'''
244 # return userid == itemid
245 p = db.security.addPermission(name='View', klass='user', check=own_record,
246 description="User is allowed to view their own user details")
247 db.security.addPermissionToRole('Team', p)
248 p = db.security.addPermission(name='Edit', klass='user', check=own_record,
249 properties=('username', 'password', 'address', 'realname', 'phone',
250 'organisation', 'alternate_addresses', 'queries', 'timezone'),
251 description="User is allowed to edit their own user details")
252 db.security.addPermissionToRole('Team', p)
253
254 # Team users should be able to edit and view all queries.
255 p = db.security.addPermission(name='View', klass='query',
256 description="User is allowed to view queries")
257 db.security.addPermissionToRole('Team', p)
258 p = db.security.addPermission(name='Search', klass='query')
259 db.security.addPermissionToRole('Team', p)
260 p = db.security.addPermission(name='Edit', klass='query',
261 description="User is allowed to edit queries")
262 db.security.addPermissionToRole('Team', p)
263 p = db.security.addPermission(name='Retire', klass='query',
264 description="User is allowed to retire queries")
265 db.security.addPermissionToRole('Team', p)
266 p = db.security.addPermission(name='Create', klass='query',
267 description="User is allowed to create queries")
268 db.security.addPermissionToRole('Team', p)
269
270 #Team users shall have full access to confidential issues
271 db.security.addPermissionToRole('team', 'View', 'confidential')
272 db.security.addPermissionToRole('team', 'Create', 'confidential')
273 db.security.addPermissionToRole('team', 'Edit', 'confidential')
274
275 # vim: set filetype=python sts=4 sw=4 et si :
276 #SHA: 8d44604d8a1bcfe746a26ccd3a36c51667ed39a0
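Review bot: The new `confidential` class is an IssueClass, so its items carry `messages` and `files`, yet the loop at line 207 grants Anonymous an unconditional View on `msg` and `file` (and line 134 does the same for User on `msg`); as written, content attached to confidential items appears readable by roles that cannot view the items themselves. Gate those View permissions with a check that refuses messages and files linked from a confidential item, as sketched below, and drop `msg` and `file` from the unconditional grants. Separately, the class name `'module '` on line 207 has a trailing space and will likely fail the class lookup when the schema loads, and lines 271-273 spell the role `'team'` where line 219 registers `'Team'`; Roundup appears to lower-case role names, but matching the spelling avoids depending on that.

```python
def msg_outside_confidential(db, userid, itemid):
    '''Allow View only when no confidential item links to this message.'''
    return not db.confidential.find(messages=itemid)

p = db.security.addPermission(name='View', klass='msg',
    check=msg_outside_confidential,
    description='View messages not attached to confidential items')
db.security.addPermissionToRole('Anonymous', p)
db.security.addPermissionToRole('User', p)
# ... same pattern for 'file', using find(files=itemid) ...
# ... unchanged: unconditional View loops, minus 'msg' and 'file' ...
```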
OLDNEW
