Hack hack hack...

. Implemented security assertion idea punted to mailing list (pretty easy to
  back out if someone comes up with a better idea) so editing "my details"
  works again. Rationalised and cleaned up the actions in any case.
. fixed some more display issues (stuff appearing when it should and shouldn't)
. trying a nicer colouring scheme for the top level page
. handle no grouping being specified
. fixed journaltag so the logged-in user is journalled, not admin!

Author: Richard Jones

TODO.txt

@@ -49,7 +49,7 @@ New templating TODO:
 . query saving
 . search "refinement" (pre-fill the search page with the current search
   parameters)
-. security on actions (only allows/enforces generic Edit perm on the class :()
+. web registration of new users by anonymous
 
 ongoing: any bugs
 

doc/customizing.txt

@@ -2,7 +2,7 @@
 Customising Roundup
 ===================
 
-:Version: $Revision: 1.15 $
+:Version: $Revision: 1.16 $
 
 .. contents::
 
@@ -926,12 +926,13 @@ The default interfaces define:
 
 - Web Registration
 - Web Access
+- Web Roles
 - Email Registration
 - Email Access
 
 These are hooked into the default Roles:
 
-- Admin (Edit everything, View everything)
+- Admin (Edit everything, View everything, Web Roles)
 - User (Web Access, Email Access)
 - Anonymous (Web Registration, Email Registration)
 
@@ -957,6 +958,19 @@ they register through email.
 You may use the ``roundup-admin`` "``security``" command to display the
 current Role and Permission configuration in your instance.
 
+Adding a new Permission
+~~~~~~~~~~~~~~~~~~~~~~~
+
+When adding a new Permission, you will need to:
+
+1. add it to your instance's dbinit so it is created
+2. enable it for the Roles that should have it (verify with
+   "``roundup-admin security``")
+3. add it to the relevant HTML interface templates
+4. add it to the appropriate xxxPermission methods on in your instance
+   interfaces module
+
+
 
 -----------------