slitaz-forge annotate bugs/templates/slitaz/schema.py @ rev 359

Fix qrcode.js path
author Pascal Bellard <pascal.bellard@slitaz.org>
date Wed Mar 27 12:13:25 2013 +0100 (2013-03-27)
parents
children
rev   line source
pankso@64 1
pankso@64 2 #
pankso@64 3 # TRACKER SCHEMA
pankso@64 4 #
pankso@64 5
pankso@64 6 # Class automatically gets these properties:
pankso@64 7 # creation = Date()
pankso@64 8 # activity = Date()
pankso@64 9 # creator = Link('user')
pankso@64 10 # actor = Link('user')
pankso@64 11
pankso@64 12 # Priorities
pankso@64 13 pri = Class(db, "priority",
pankso@64 14 name=String(),
pankso@64 15 order=Number())
pankso@64 16 pri.setkey("name")
pankso@64 17
pankso@64 18 # Statuses
pankso@64 19 stat = Class(db, "status",
pankso@64 20 name=String(),
pankso@64 21 order=Number())
pankso@64 22 stat.setkey("name")
pankso@64 23
pankso@64 24 # Keywords
pankso@64 25 keyword = Class(db, "keyword",
pankso@64 26 name=String())
pankso@64 27 keyword.setkey("name")
pankso@64 28
pankso@64 29 # User-defined saved searches
pankso@64 30 query = Class(db, "query",
pankso@64 31 klass=String(),
pankso@64 32 name=String(),
pankso@64 33 url=String(),
pankso@64 34 private_for=Link('user'))
pankso@64 35
pankso@64 36 # add any additional database schema configuration here
pankso@64 37
pankso@64 38 user = Class(db, "user",
pankso@64 39 username=String(),
pankso@64 40 password=Password(),
pankso@64 41 address=String(),
pankso@64 42 realname=String(),
pankso@64 43 website=String(),
pankso@64 44 alternate_addresses=String(),
pankso@64 45 queries=Multilink('query'),
pankso@64 46 roles=String(), # comma-separated string of Role names
pankso@64 47 timezone=String())
pankso@64 48 user.setkey("username")
pankso@64 49 db.security.addPermission(name='Register', klass='user',
pankso@64 50 description='User is allowed to register new user')
pankso@64 51
pankso@64 52 # FileClass automatically gets this property in addition to the Class ones:
pankso@64 53 # content = String() [saved to disk in <tracker home>/db/files/]
pankso@64 54 # type = String() [MIME type of the content, default 'text/plain']
pankso@64 55 msg = FileClass(db, "msg",
pankso@64 56 author=Link("user", do_journal='no'),
pankso@64 57 recipients=Multilink("user", do_journal='no'),
pankso@64 58 date=Date(),
pankso@64 59 summary=String(),
pankso@64 60 files=Multilink("file"),
pankso@64 61 messageid=String(),
pankso@64 62 inreplyto=String())
pankso@64 63
pankso@64 64 file = FileClass(db, "file",
pankso@64 65 name=String())
pankso@64 66
pankso@64 67 # IssueClass automatically gets these properties in addition to the Class ones:
pankso@64 68 # title = String()
pankso@64 69 # messages = Multilink("msg")
pankso@64 70 # files = Multilink("file")
pankso@64 71 # nosy = Multilink("user")
pankso@64 72 # superseder = Multilink("issue")
pankso@64 73 issue = IssueClass(db, "issue",
pankso@64 74 assignedto=Link("user"),
pankso@64 75 keyword=Multilink("keyword"),
pankso@64 76 priority=Link("priority"),
pankso@64 77 status=Link("status"))
pankso@64 78
pankso@64 79 #
pankso@64 80 # TRACKER SECURITY SETTINGS
pankso@64 81 #
pankso@64 82 # See the configuration and customisation document for information
pankso@64 83 # about security setup.
pankso@64 84
pankso@64 85 #
pankso@64 86 # REGULAR USERS
pankso@64 87 #
pankso@64 88 # Give the regular users access to the web and email interface
pankso@64 89 db.security.addPermissionToRole('User', 'Web Access')
pankso@64 90 db.security.addPermissionToRole('User', 'Email Access')
pankso@64 91
pankso@64 92 # Assign the access and edit Permissions for issue, file and message
pankso@64 93 # to regular users now
pankso@64 94 for cl in 'issue', 'file', 'msg', 'keyword':
pankso@64 95 db.security.addPermissionToRole('User', 'View', cl)
pankso@64 96 db.security.addPermissionToRole('User', 'Edit', cl)
pankso@64 97 db.security.addPermissionToRole('User', 'Create', cl)
pankso@64 98 for cl in 'priority', 'status':
pankso@64 99 db.security.addPermissionToRole('User', 'View', cl)
pankso@64 100
pankso@64 101 # May users view other user information? Comment these lines out
pankso@64 102 # if you don't want them to
pankso@64 103 db.security.addPermissionToRole('User', 'View', 'user')
pankso@64 104
pankso@64 105 # Users should be able to edit their own details -- this permission is
pankso@64 106 # limited to only the situation where the Viewed or Edited item is their own.
pankso@64 107 def own_record(db, userid, itemid):
pankso@64 108 '''Determine whether the userid matches the item being accessed.'''
pankso@64 109 return userid == itemid
pankso@64 110 p = db.security.addPermission(name='View', klass='user', check=own_record,
pankso@64 111 description="User is allowed to view their own user details")
pankso@64 112 db.security.addPermissionToRole('User', p)
pankso@64 113 p = db.security.addPermission(name='Edit', klass='user', check=own_record,
pankso@64 114 properties=('username', 'password', 'address', 'realname', 'website',
pankso@64 115 'alternate_addresses', 'queries', 'timezone'),
pankso@64 116 description="User is allowed to edit their own user details")
pankso@64 117 db.security.addPermissionToRole('User', p)
pankso@64 118
pankso@64 119 # Users should be able to edit and view their own queries. They should also
pankso@64 120 # be able to view any marked as not private. They should not be able to
pankso@64 121 # edit others' queries, even if they're not private
pankso@64 122 def view_query(db, userid, itemid):
pankso@64 123 private_for = db.query.get(itemid, 'private_for')
pankso@64 124 if not private_for: return True
pankso@64 125 return userid == private_for
pankso@64 126 def edit_query(db, userid, itemid):
pankso@64 127 return userid == db.query.get(itemid, 'creator')
pankso@64 128 p = db.security.addPermission(name='View', klass='query', check=view_query,
pankso@64 129 description="User is allowed to view their own and public queries")
pankso@64 130 db.security.addPermissionToRole('User', p)
pankso@64 131 p = db.security.addPermission(name='Edit', klass='query', check=edit_query,
pankso@64 132 description="User is allowed to edit their queries")
pankso@64 133 db.security.addPermissionToRole('User', p)
pankso@64 134 p = db.security.addPermission(name='Retire', klass='query', check=edit_query,
pankso@64 135 description="User is allowed to retire their queries")
pankso@64 136 db.security.addPermissionToRole('User', p)
pankso@64 137 p = db.security.addPermission(name='Create', klass='query',
pankso@64 138 description="User is allowed to create queries")
pankso@64 139 db.security.addPermissionToRole('User', p)
pankso@64 140
pankso@64 141
pankso@64 142 #
pankso@64 143 # ANONYMOUS USER PERMISSIONS
pankso@64 144 #
pankso@64 145 # Let anonymous users access the web interface. Note that almost all
pankso@64 146 # trackers will need this Permission. The only situation where it's not
pankso@64 147 # required is in a tracker that uses an HTTP Basic Authenticated front-end.
pankso@64 148 db.security.addPermissionToRole('Anonymous', 'Web Access')
pankso@64 149
pankso@64 150 # Let anonymous users access the email interface (note that this implies
pankso@64 151 # that they will be registered automatically, hence they will need the
pankso@64 152 # "Create" user Permission below)
pankso@64 153 # This is disabled by default to stop spam from auto-registering users on
pankso@64 154 # public trackers.
pankso@64 155 #db.security.addPermissionToRole('Anonymous', 'Email Access')
pankso@64 156
pankso@64 157 # Assign the appropriate permissions to the anonymous user's Anonymous
pankso@64 158 # Role. Choices here are:
pankso@64 159 # - Allow anonymous users to register
pankso@64 160 db.security.addPermissionToRole('Anonymous', 'Register', 'user')
pankso@64 161
pankso@64 162 # Allow anonymous users access to view issues (and the related, linked
pankso@64 163 # information)
pankso@64 164 for cl in 'issue', 'file', 'msg', 'keyword', 'priority', 'status':
pankso@64 165 db.security.addPermissionToRole('Anonymous', 'View', cl)
pankso@64 166
pankso@64 167 # [OPTIONAL]
pankso@64 168 # Allow anonymous users access to create or edit "issue" items (and the
pankso@64 169 # related file and message items)
pankso@64 170 #for cl in 'issue', 'file', 'msg':
pankso@64 171 # db.security.addPermissionToRole('Anonymous', 'Create', cl)
pankso@64 172 # db.security.addPermissionToRole('Anonymous', 'Edit', cl)
pankso@64 173
pankso@64 174
pankso@64 175 # vim: set filetype=python sts=4 sw=4 et si :
pankso@64 176 #SHA: d935a2b51c5922fb4e7a5fefc5ed70ef5fcbcac8