[Python-checkins] r56595 - in tracker/instances/meta: html/file.item.html html/issue.item.html html/msg.item.html schema.py

erik.forsberg python-checkins at python.org
Fri Jul 27 22:48:27 CEST 2007 

Author: erik.forsberg
Date: Fri Jul 27 22:48:26 2007
New Revision: 56595

Modified:
   tracker/instances/meta/html/file.item.html
   tracker/instances/meta/html/issue.item.html
   tracker/instances/meta/html/msg.item.html
   tracker/instances/meta/schema.py
Log:

Use roundup's security system for spambayes integration security.


Modified: tracker/instances/meta/html/file.item.html
==============================================================================
--- tracker/instances/meta/html/file.item.html	(original)
+++ tracker/instances/meta/html/file.item.html	Fri Jul 27 22:48:26 2007
@@ -55,11 +55,11 @@
 <p tal:condition="python:utils.sb_is_spam(context)" class="error-message">
    File has been classified as spam.</p>
 
-<a tal:condition="python:context.id and utils.sb_is_view_ok(context)"
+<a tal:condition="python:context.id and context.content.is_view_ok()"
  tal:attributes="href string:file${context/id}/${context/name}"
  i18n:translate="">download</a>
 
-<p tal:condition="python:context.id and not utils.sb_is_view_ok(context)">
+<p tal:condition="python:context.id and not context.content.is_view_ok()">
    Files classified as spam are not available for download by
    unathorized users. If you think the file has been misclassified,
    please login and click on the button for reclassification.
@@ -69,7 +69,7 @@
      <form method="POST" onSubmit="return submit_once()"
        enctype="multipart/form-data"
        tal:attributes="action context/designator"
-       tal:condition="python:utils.sb_may_classify(context)">
+       tal:condition="python:request.user.hasPermission('SB: May Classify')">
  
       <input type="hidden" name="@action" value="spambayes_classify">
       <input type="submit" name="trainspam" value="Mark as SPAM" i18n:attributes="value">

Modified: tracker/instances/meta/html/issue.item.html
==============================================================================
--- tracker/instances/meta/html/issue.item.html	(original)
+++ tracker/instances/meta/html/issue.item.html	Fri Jul 27 22:48:26 2007
@@ -186,7 +186,7 @@
        tal:condition="python:utils.sb_is_spam(msg)">
        Message has been classified as spam.
     </p>
-    <pre tal:condition="python:utils.sb_is_view_ok(msg)"
+    <pre tal:condition="python:msg.content.is_view_ok()"
          tal:content="structure msg/content/hyperlinked">content</pre>
    </td>
   </tr>

Modified: tracker/instances/meta/html/msg.item.html
==============================================================================
--- tracker/instances/meta/html/msg.item.html	(original)
+++ tracker/instances/meta/html/msg.item.html	Fri Jul 27 22:48:26 2007
@@ -66,7 +66,7 @@
 
 <table class="messages">
  <tr><th colspan=2 class="header" i18n:translate="">Content</th></tr>
-   <th class="header" tal:condition="python:utils.sb_may_classify(context)">
+   <th class="header" tal:condition="python:request.user.hasPermission('SB: May Classify')">
      <form method="POST" onSubmit="return submit_once()"
        enctype="multipart/form-data"
        tal:attributes="action context/designator">
@@ -78,10 +78,10 @@
    </th>
  <tr>
   <td class="content" colspan=2
-   tal:condition="python:utils.sb_is_view_ok(context)"><pre
+   tal:condition="python:context.content.is_view_ok()"><pre
    tal:content="structure context/content/hyperlinked"></pre></td>
   <td class="content" colspan=2
-      tal:condition="python:not utils.sb_is_view_ok(context)">
+      tal:condition="python:not context.content.is_view_ok()">
             Message has been classified as spam and is therefore not
       available to unathorized users. If you think this is
       incorrect, please login and report the message as being

Modified: tracker/instances/meta/schema.py
==============================================================================
--- tracker/instances/meta/schema.py	(original)
+++ tracker/instances/meta/schema.py	Fri Jul 27 22:48:26 2007
@@ -87,6 +87,11 @@
 
 db.security.addRole(name='Coordinator', description='A coordinator')
 
+db.security.addPermission(name="SB: May Classify")
+db.security.addPermission(name="SB: May Report Misclassified")
+
+db.security.addPermissionToRole('Coordinator', 'SB: May Classify')
+
 #
 # REGULAR USERS
 #
@@ -178,9 +183,7 @@
             return True
 
         if score > cutoff_score:
-            roles = set(db.user.get(userid, "roles").lower().split(","))
-            allowed = set(db.config.detectors['SPAMBAYES_MAY_VIEW_SPAM'].lower().split(","))
-            return bool(roles.intersection(allowed))
+            return False
 
         return True
 
@@ -198,6 +201,13 @@
                                               ))
 
     db.security.addPermissionToRole('Anonymous', p)
+    db.security.addPermissionToRole('User', p)
+
+    p = db.security.addPermission(name='View', klass=cl,
+                                  description="Allowed to see content of object regardless of spam status",
+                                  properties = ('content', 'summary'))
+    
+    db.security.addPermissionToRole('User', p)    
     
     spamcheck = db.security.addPermission(name='View', klass=cl,
                                           description="allowed to see metadata of file object regardless of spam status",

More information about the Python-checkins mailing list