
Unified Diff: modules/roundup/templates/schema.py.erb

Issue 4815057535893504: Configured Roundup tracker. (Closed)
Patch Set: Created Feb. 14, 2014, 9:59 a.m.
Index: modules/roundup/templates/schema.py.erb
===================================================================
new file mode 100644
--- /dev/null
+++ b/modules/roundup/templates/schema.py.erb
@@ -0,0 +1,276 @@
+
+#
+# TRACKER SCHEMA
+#
+
+# Class automatically gets these properties:
+# creation = Date()
+# activity = Date()
+# creator = Link('user')
+# actor = Link('user')
+
+# Priorities
+pri = Class(db, "priority",
+ name=String(),
+ order=Number())
+pri.setkey("name")
+
+# Statuses
+stat = Class(db, "status",
+ name=String(),
+ order=Number())
+stat.setkey("name")
+
+# Keywords
+keyword = Class(db, "keyword",
+ name=String())
+keyword.setkey("name")
+
+# User-defined saved searches
+query = Class(db, "query",
+ klass=String(),
+ name=String(),
+ url=String(),
+ private_for=Link('user'))
+
+# add any additional database schema configuration here
+
+user = Class(db, "user",
+ username=String(),
+ password=Password(),
+ address=String(),
+ realname=String(),
+ phone=String(),
+ organisation=String(),
+ alternate_addresses=String(),
+ queries=Multilink('query'),
+ roles=String(), # comma-separated string of Role names
+ timezone=String())
+user.setkey("username")
+db.security.addPermission(name='Register', klass='user',
+ description='User is allowed to register new user')
+
+# FileClass automatically gets this property in addition to the Class ones:
+# content = String() [saved to disk in <tracker home>/db/files/]
+# type = String() [MIME type of the content, default 'text/plain']
+msg = FileClass(db, "msg",
+ author=Link("user", do_journal='no'),
+ recipients=Multilink("user", do_journal='no'),
+ date=Date(),
+ summary=String(),
+ files=Multilink("file"),
+ messageid=String(),
+ inreplyto=String())
+
+file = FileClass(db, "file",
+ name=String())
+
+# IssueClass automatically gets these properties in addition to the Class ones:
+# title = String()
+# messages = Multilink("msg")
+# files = Multilink("file")
+# nosy = Multilink("user")
+# superseder = Multilink("issue")
+issue = IssueClass(db, "issue",
+ assignedto=Link("user"),
+ keyword=Multilink("keyword"),
+ priority=Link("priority"),
+ type=Link("type"),
+ module=Multilink("module"),
+ status=Link("status"))
+
+type = Class(db, "type", name=String())
+type.setkey("name")
+
+module = Class(db, "module", name=String())
+module.setkey("name")
+
+# list our systems
+system = Class(db, "system", name=String(), order=Number())
+system.setkey("name")
+
+# store issues related to those systems
+confidential = IssueClass(db, "confidential",
+ assignedto=Link("user"),
+ keyword=Multilink("keyword"),
+ priority=Link("priority"),
+ type=Link("type"),
+ module=Multilink("module"),
+ status=Link("status"))
+
+
+
+
+#
+# TRACKER SECURITY SETTINGS
+#
+# See the configuration and customisation document for information
+# about security setup.
+
+# CUSTOM PERMISSIONS
+
+#
+# REGULAR USERS
+#
+# Give the regular users access to the web and email interface
+db.security.addPermissionToRole('User', 'Web Access')
+db.security.addPermissionToRole('User', 'Email Access')
+
+# Assign the access and edit Permissions for issue, file and message
+# to regular users now
+for cl in 'issue','priority','status','keyword','type','module':
+ db.security.addPermissionToRole('User', 'View', cl)
+
+def own_issue(db, userid, itemid):
+ '''Determine whether the userid matches the creator of the issue.'''
+ return userid == db.issue.get(itemid, 'creator')
+p = db.security.addPermission(name='Edit', klass='issue',
+ check=own_issue, description='Can only edit own issues')
+db.security.addPermissionToRole('User', p)
+
+db.security.addPermissionToRole('User', 'Create', 'issue')
+
+#make messages always viewable and creatable
+db.security.addPermissionToRole('User', 'View', 'msg')
+db.security.addPermissionToRole('User', 'Create', 'msg')
+
+#make only own messages editable
+
+
+
+
+# May users view other user information? Comment these lines out
+# if you don't want them to
+#db.security.addPermissionToRole('User', 'View', 'user')
+
+# Users should be able to edit their own details -- this permission is
+# limited to only the situation where the Viewed or Edited item is their own.
+def own_record(db, userid, itemid):
+ '''Determine whether the userid matches the item being accessed.'''
+ return userid == itemid
+p = db.security.addPermission(name='View', klass='user', check=own_record,
+ description="User is allowed to view their own user details")
+db.security.addPermissionToRole('User', p)
+p = db.security.addPermission(name='Edit', klass='user', check=own_record,
+ properties=('username', 'password', 'address', 'realname', 'phone',
+ 'organisation', 'alternate_addresses', 'queries', 'timezone'),
+ description="User is allowed to edit their own user details")
+db.security.addPermissionToRole('User', p)
+
+# Users should be able to edit and view their own queries. They should also
+# be able to view any marked as not private. They should not be able to
+# edit others' queries, even if they're not private
+def view_query(db, userid, itemid):
+ private_for = db.query.get(itemid, 'private_for')
+ if not private_for: return True
+ return userid == private_for
+def edit_query(db, userid, itemid):
+ return userid == db.query.get(itemid, 'creator')
+p = db.security.addPermission(name='View', klass='query', check=view_query,
+ description="User is allowed to view their own and public queries")
+db.security.addPermissionToRole('User', p)
+p = db.security.addPermission(name='Search', klass='query')
+db.security.addPermissionToRole('User', p)
+p = db.security.addPermission(name='Edit', klass='query', check=edit_query,
+ description="User is allowed to edit their queries")
+db.security.addPermissionToRole('User', p)
+p = db.security.addPermission(name='Retire', klass='query', check=edit_query,
+ description="User is allowed to retire their queries")
+db.security.addPermissionToRole('User', p)
+p = db.security.addPermission(name='Create', klass='query',
+ description="User is allowed to create queries")
+db.security.addPermissionToRole('User', p)
+
+
+#
+# ANONYMOUS USER PERMISSIONS
+#
+# Let anonymous users access the web interface. Note that almost all
+# trackers will need this Permission. The only situation where it's not
+# required is in a tracker that uses an HTTP Basic Authenticated front-end.
+db.security.addPermissionToRole('Anonymous', 'Web Access')
+
+# Let anonymous users access the email interface (note that this implies
+# that they will be registered automatically, hence they will need the
+# "Create" user Permission below)
+# This is disabled by default to stop spam from auto-registering users on
+# public trackers.
+#db.security.addPermissionToRole('Anonymous', 'Email Access')
+
+# Assign the appropriate permissions to the anonymous user's Anonymous
+# Role. Choices here are:
+# - Allow anonymous users to register
+db.security.addPermissionToRole('Anonymous', 'Register', 'user')
+
+# Allow anonymous users access to view issues (and the related, linked
+# information)
+for cl in 'issue', 'file', 'msg', 'keyword', 'priority', 'status','type','module':
+ db.security.addPermissionToRole('Anonymous', 'View', cl)
+
+# [OPTIONAL]
+# Allow anonymous users access to create or edit "issue" items (and the
+# related file and message items)
+#for cl in 'issue', 'file', 'msg':
+# db.security.addPermissionToRole('Anonymous', 'Create', cl)
+# db.security.addPermissionToRole('Anonymous', 'Edit', cl)
+
+# CUSTOM ROLES
+
+db.security.addRole(name='Team', description='Managing users')
+
+#TEAM USER PERMISSIONS
+#
+# Give the team users access to the web and email interface
+db.security.addPermissionToRole('Team', 'Web Access')
+db.security.addPermissionToRole('Team', 'Email Access')
+
+# Assign the access and edit Permissions for issue, file and message
+# to team users now
+for cl in 'issue', 'file', 'msg', 'keyword':
+ db.security.addPermissionToRole('Team', 'View', cl)
+ db.security.addPermissionToRole('Team', 'Edit', cl)
+ db.security.addPermissionToRole('Team', 'Create', cl)
+for cl in 'priority', 'status', 'type','module':
+ db.security.addPermissionToRole('Team', 'View', cl)
+
+# May users view other user information? Comment these lines out
+# if you don't want them to
+db.security.addPermissionToRole('Team', 'View', 'user')
+
+# Users should be able to edit their own details -- this permission is
+# limited to only the situation where the Viewed or Edited item is their own.
+#def own_record(db, userid, itemid):
+# '''Determine whether the userid matches the item being accessed.'''
+# return userid == itemid
+p = db.security.addPermission(name='View', klass='user', check=own_record,
+ description="User is allowed to view their own user details")
+db.security.addPermissionToRole('Team', p)
+p = db.security.addPermission(name='Edit', klass='user', check=own_record,
+ properties=('username', 'password', 'address', 'realname', 'phone',
+ 'organisation', 'alternate_addresses', 'queries', 'timezone'),
+ description="User is allowed to edit their own user details")
+db.security.addPermissionToRole('Team', p)
+
+# Team users should be able to edit and view all queries.
+p = db.security.addPermission(name='View', klass='query',
+ description="User is allowed to view queries")
+db.security.addPermissionToRole('Team', p)
+p = db.security.addPermission(name='Search', klass='query')
+db.security.addPermissionToRole('Team', p)
+p = db.security.addPermission(name='Edit', klass='query',
+ description="User is allowed to edit queries")
+db.security.addPermissionToRole('Team', p)
+p = db.security.addPermission(name='Retire', klass='query',
+ description="User is allowed to retire queries")
+db.security.addPermissionToRole('Team', p)
+p = db.security.addPermission(name='Create', klass='query',
+ description="User is allowed to create queries")
+db.security.addPermissionToRole('Team', p)
+
+#Team users shall have full access to confidential issues
+db.security.addPermissionToRole('team', 'View', 'confidential')
+db.security.addPermissionToRole('team', 'Create', 'confidential')
+db.security.addPermissionToRole('team', 'Edit', 'confidential')
+
+# vim: set filetype=python sts=4 sw=4 et si :
+#SHA: 8d44604d8a1bcfe746a26ccd3a36c51667ed39a0
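Review bot: The new `confidential` class reuses the same `msg` and `file` classes as ordinary issues, and the Anonymous loop grants unconditional `View` on `'file'` and `'msg'` (the User role also gets `View` on `'msg'`). The body text and attachments of confidential items therefore appear readable by anyone who requests the msg or file item directly, even though only the Team role is granted `View` on `confidential`. I would gate `View` on `msg` and `file` behind a check that refuses items linked from a confidential item, and drop the unconditional grants for both roles; files reachable only through a confidential message's `files` link would need the same treatment. Separately, the last three calls spell the role `'team'` while every other call uses `'Team'`; if role lookup is case-insensitive this is harmless, but it is worth making consistent.

```python
def public_msg(db, userid, itemid):
    '''Allow viewing a msg only when no confidential item links to it.'''
    return not db.confidential.find(messages=itemid)
def public_file(db, userid, itemid):
    '''Allow viewing a file only when no confidential item links to it.'''
    return not db.confidential.find(files=itemid)

# replaces the unconditional 'View' on 'msg' for User and on 'file', 'msg' for Anonymous
for cl, chk in ('msg', public_msg), ('file', public_file):
    p = db.security.addPermission(name='View', klass=cl, check=chk,
        description='Can view items not attached to confidential items')
    db.security.addPermissionToRole('User', p)
    db.security.addPermissionToRole('Anonymous', p)

# … unchanged: Anonymous 'Register' permission …
for cl in 'issue', 'keyword', 'priority', 'status', 'type', 'module':
    db.security.addPermissionToRole('Anonymous', 'View', cl)
```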