Very close now. The cgi and mailgw now use the new security API.

The two templates have been migrated to that setup. Lots of unit
tests. Still some issue in the web form for editing Roles assigned to
users.

Author: Richard Jones

COPYING.txt

@@ -1,7 +1,26 @@
 
-Copyright (c) 2001 Bizar Software Pty Ltd (http://www.bizarsoftware.com.au/)
 Copyright (c) 2002 eKit.com Inc (http://www.ekit.com/)
 
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in
+  all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+Copyright (c) 2001 Bizar Software Pty Ltd (http://www.bizarsoftware.com.au/)
+
 This module is free software, and you may redistribute it and/or modify
 under the same terms as Python, so long as this copyright message and
 disclaimer are retained in their original form.
@@ -17,7 +36,6 @@ FOR A PARTICULAR PURPOSE.  THE CODE PROVIDED HEREUNDER IS ON AN "AS IS"
 BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
 SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
 
-
 The stylesheet included with this package has been copied from the Zope
 management interface and presumably belongs to Digital Creations.
 

doc/security.txt

@@ -2,7 +2,7 @@
 Security Mechanisms
 ===================
 
-:Version: $Revision: 1.12 $
+:Version: $Revision: 1.13 $
 
 Current situation
 =================
@@ -184,7 +184,7 @@ A security module defines::
                 base roles (for admin user).
             '''
 
-        def hasClassPermission(self, db, classname, permission, userid):
+        def hasPermission(self, db, classname, permission, userid):
             ''' Look through all the Roles, and hence Permissions, and see if
                 "permission" is there for the specified classname.
 
@@ -241,26 +241,24 @@ The instance dbinit module then has in ``open()``::
     ei = db.security.addPermission(name="Edit", klass="issue",
                     description="User is allowed to edit issues")
     db.security.addPermissionToRole('User', ei)
-    ai = db.security.addPermission(name="Assign", klass="issue",
-                    description="User may be assigned to issues")
-    db.security.addPermissionToRole('User', ei)
+    ai = db.security.addPermission(name="View", klass="issue",
+                    description="User is allowed to access issues")
+    db.security.addPermissionToRole('User', ai)
 
 In the dbinit ``init()``::
 
+    # create the two default users
     r = db.getclass('role').lookup('Admin')
     user.create(username="admin", password=Password(adminpw),
-                address=instance_config.ADMIN_EMAIL, roles=[r])
-
-    # choose your anonymous user access permission here
-    #r = db.getclass('role').lookup('No Rego')
-    r = db.getclass('role').lookup('User')
-    user.create(username="anonymous", roles=[r])
+                address=instance_config.ADMIN_EMAIL, roles='Admin')
+    r = db.getclass('role').lookup('Anonymous')
+    user.create(username="anonymous", roles='Anonymous')
 
-Then in the code that matters, calls to ``hasClassPermission`` and
+Then in the code that matters, calls to ``hasPermission`` and
 ``hasNodePermission`` are made to determine if the user has permission
 to perform some action::
 
-    if db.security.hasClassPermission('issue', 'Edit', userid):
+    if db.security.hasPermission('issue', 'Edit', userid):
         # all ok
 
     if db.security.hasNodePermission('issue', nodeid, assignedto=userid):
@@ -279,7 +277,7 @@ which has the form::
 where:
 
 - the permission attribute gives a comma-separated list of permission names.
-  These are checked in turn using ``hasClassPermission`` and requires one to
+  These are checked in turn using ``hasPermission`` and requires one to
   be OK.
 - the other attributes are lookups on the node using ``hasNodePermission``. If
   the attribute value is "$userid" then the current user's userid is tested.
@@ -293,8 +291,7 @@ Implementation as shipped
 A set of Permissions are built in to the security module by default:
 
 - Edit (everything)
-- Access (everything)
-- Assign (everything)
+- View (everything)
 
 The default interfaces define:
 
@@ -303,18 +300,24 @@ The default interfaces define:
 
 These are hooked into the default Roles:
 
-- Admin (Edit everything, Access everything, Assign everything)
+- Admin (Edit everything, View everything)
 - User ()
 - Anonymous (Web Registration, Email Registration)
 
 And finally, the "admin" user gets the "Admin" Role, and the "anonymous" user
 gets the "Anonymous" assigned when the database is initialised on installation.
 The two default schemas then define:
 
-- Edit issue, Access issue (both)
-- Edit support, Access support (extended only)
+- Edit issue, View issue (both)
+- Edit file, View file (both)
+- Edit msg, View msg (both)
+- Edit support, View support (extended only)
+
+and assign those Permissions to the "User" Role. New users are assigned the
+Roles defined in the config file as:
 
-and assign those Permissions to the "User" Role.
+- NEW_WEB_USER_ROLES
+- NEW_EMAIL_USER_ROLES
 
 
 Authentication of Users
@@ -354,6 +357,7 @@ The CGI interface must be changed to:
   - implement htmltemplate tests on permissions
   - switch all code over from using config vars for permission checks to using
     permissions
+  - change all explicit admin user checks for Role checks
   - include config vars for initial Roles for anonymous web, new web and new
     email users
 

doc/upgrading.txt

@@ -18,6 +18,7 @@ TODO: mention that the dbinit needs the db.post_init() method call for
 reindexing
 TODO: dbinit now imports classes from selct_db
 TODO: select_db needs fixing to include Class, FileClass and IssueClass
+TODO: migration of security settings
 
 
 Migrating from 0.4.1 to 0.4.2

roundup/backends/back_anydbm.py

@@ -15,7 +15,7 @@
 # BASIS, AND THERE IS NO OBLIGATION WHATSOEVER TO PROVIDE MAINTENANCE,
 # SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
 # 
-#$Id: back_anydbm.py,v 1.53 2002-07-25 07:14:06 richard Exp $
+#$Id: back_anydbm.py,v 1.54 2002-07-26 08:26:59 richard Exp $
 '''
 This module defines a backend that saves the hyperdatabase in a database
 chosen by anydbm. It is guaranteed to always be available in python
@@ -1333,7 +1333,7 @@ def stringFind(self, **requirements):
                 if node.has_key(self.db.RETIRED_FLAG):
                     continue
                 for key, value in requirements.items():
-                    if node[key] and node[key].lower() != value:
+                    if node[key] is None or node[key].lower() != value:
                         break
                 else:
                     l.append(nodeid)
@@ -1776,6 +1776,14 @@ def __init__(self, db, classname, **properties):
 
 #
 #$Log: not supported by cvs2svn $
+#Revision 1.53  2002/07/25 07:14:06  richard
+#Bugger it. Here's the current shape of the new security implementation.
+#Still to do:
+# . call the security funcs from cgi and mailgw
+# . change shipped templates to include correct initialisation and remove
+#   the old config vars
+#... that seems like a lot. The bulk of the work has been done though. Honest :)
+#
 #Revision 1.52  2002/07/19 03:36:34  richard
 #Implemented the destroy() method needed by the session database (and possibly
 #others). At the same time, I removed the leading underscores from the hyperdb