Fix issue2550553.

Author: stefanseefeld

roundup/cgi/actions.py

@@ -820,7 +820,7 @@ def handle(self):
 
 class RegisterAction(RegoCommon, EditCommon):
     name = 'register'
-    permissionType = 'Create'
+    permissionType = 'Register'
 
     def handle(self):
         """Attempt to create a new user based on the contents of the form

roundup/cgi/templating.py

@@ -1268,7 +1268,9 @@ def is_edit_ok(self):
             return self._db.security.hasPermission('Edit', self._client.userid,
                 self._classname, self._name, self._nodeid)
         return self._db.security.hasPermission('Create', self._client.userid,
-            self._classname, self._name)
+            self._classname, self._name) or \
+            self._db.security.hasPermission('Register', self._client.userid,
+                                            self._classname, self._name)
 
     def is_view_ok(self):
         """ Is the user allowed to View the current class?

share/roundup/templates/classic/html/page.html

@@ -136,7 +136,7 @@ <h2><span metal:define-slot="body_title">body title</span></h2>
     <input type="hidden" name="__came_from" tal:attributes="value string:${request/base}${request/env/PATH_INFO}">
     <span tal:replace="structure request/indexargs_form" />
     <a href="user?@template=register"
-       tal:condition="python:request.user.hasPermission('Create', 'user')"
+       tal:condition="python:request.user.hasPermission('Register', 'user')"
      i18n:translate="">Register</a><br>
     <a href="user?@template=forgotten" i18n:translate="">Lost&nbsp;your&nbsp;login?</a><br>
    </p>

share/roundup/templates/classic/schema.py

@@ -47,6 +47,8 @@
                 roles=String(),     # comma-separated string of Role names
                 timezone=String())
 user.setkey("username")
+db.security.addPermission(name='Register', klass='user',
+                          description='User is allowed to register new user')
 
 # FileClass automatically gets this property in addition to the Class ones:
 #   content = String()    [saved to disk in <tracker home>/db/files/]
@@ -154,7 +156,7 @@ def edit_query(db, userid, itemid):
 # Assign the appropriate permissions to the anonymous user's Anonymous
 # Role. Choices here are:
 # - Allow anonymous users to register
-db.security.addPermissionToRole('Anonymous', 'Create', 'user')
+db.security.addPermissionToRole('Anonymous', 'Register', 'user')
 
 # Allow anonymous users access to view issues (and the related, linked
 # information)

share/roundup/templates/minimal/html/page.html

@@ -135,7 +135,7 @@ <h2><span metal:define-slot="body_title">body title</span></h2>
     <input type="hidden" name="__came_from" tal:attributes="value string:${request/base}${request/env/PATH_INFO}">
     <span tal:replace="structure request/indexargs_form" />
     <a href="user?@template=register"
-       tal:condition="python:request.user.hasPermission('Create', 'user')"
+       tal:condition="python:request.user.hasPermission('Register', 'user')"
      i18n:translate="">Register</a><br>
     <a href="user?@template=forgotten" i18n:translate="">Lost&nbsp;your&nbsp;login?</a><br>
    </p>

share/roundup/templates/minimal/schema.py

@@ -60,6 +60,6 @@ def own_record(db, userid, itemid):
 # Assign the appropriate permissions to the anonymous user's
 # Anonymous Role. Choices here are:
 # - Allow anonymous users to register
-db.security.addPermissionToRole('Anonymous', 'Create', 'user')
+db.security.addPermissionToRole('Anonymous', 'Register', 'user')
 
 # vim: set et sts=4 sw=4 :