Changeset 3600
- Timestamp:
- 05/05/08 02:09:06 (8 months ago)
- Files:
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
privateticketsplugin/0.11/privatetickets/policy.py
r3598 r3600 21 21 doc='Groups that do not affect the common membership check.') 22 22 23 ignore_permissions = set([ 24 'TRAC_ADMIN', 25 'TICKET_VIEW_REPORTER', 26 'TICKET_VIEW_OWNER', 27 'TICKET_VIEW_CC', 28 'TICKET_VIEW_REPORTER_GROUP', 29 'TICKET_VIEW_OWNER_GROUP', 30 'TICKET_VIEW_CC_GROUP', 31 ]) 32 23 33 # IPermissionPolicy(Interface) 24 34 def check_permission(self, action, username, resource, perm): 25 if 'TRAC_ADMIN' in perm: 26 return None 27 if username == 'anonymous' or resource is None: 28 return None 29 if resource.realm == 'ticket' and action == 'TICKET_VIEW': 35 if username != 'anonymous' and \ 36 resource is not None and \ 37 resource.realm == 'ticket' and \ 38 resource.id is not None and \ 39 action not in self.ignore_permissions and \ 40 'TRAC_ADMIN' not in perm: 30 41 return self.check_ticket_access(perm, resource) 31 42 return None … … 46 57 return False # Ticket doesn't exist 47 58 48 # TODO: These should be checking in the context of the ticket. <NPK>49 59 if perm.has_permission('TICKET_VIEW_REPORTER') and \ 50 60 tkt['reporter'] == perm.username:
