Ticket #1585 (closed defect: fixed)

Opened 6 years ago

Last modified 6 years ago

Calender Plugin should somehow honor Cal_Permissions

Reported by: jc@vfnet.de Assigned to: ant_39
Priority: highest Component: CalendarPlugin
Severity: normal Keywords: security, permission
Cc: Trac Release: 0.10

Description

I've set no permission to anonymous, but anonymous is able to see the calendar. And also to edit the thing...

But cool plugin.

PS: where to switch off the Image while working (and is it needed anyway?)

Attachments

Calendar.diff (3.3 kB) - added by jc@vfnet.de on 07/23/07 08:02:25.
Calendar Diff for azcalendar

Change History

05/30/07 08:31:15 changed by anonymous

  • owner changed from athomas to ant_39.
  • component changed from TracHacks to CalendarPlugin.

06/07/07 16:04:56 changed by ant_39

  • status changed from new to assigned.

Indeed it should. I agree it's very feature-incomplete security-wise at the moment.

07/23/07 04:25:40 changed by totti

  • keywords set to security, permission.
  • priority changed from normal to highest.

is there anybody still working on this permission issue or do I have to disable this nice plugin?

pls let me know cheers totti

07/23/07 08:01:57 changed by jc@vfnet.de

I did it. (hopefully) So I added the permissions and it seems to work. But I'm not THAT familiar with the Trac Style ;) so maybe I did it completely wrong... but seems to work.

The Diff is attached.

07/23/07 08:02:25 changed by jc@vfnet.de

  • attachment Calendar.diff added.

Calendar Diff for azcalendar

07/23/07 21:19:13 changed by ant_39

  • status changed from assigned to closed.
  • resolution set to fixed.

Thanks, I applied the patch (r2515).

I'd like to consider it a first stab at solving the problem, because there are some issues that need to be resolved, e.g. how does ticket ownership enter into the picture, if there should be CC lists akin to bugzilla, user groups, etc. But that's for proposal on its own.

07/23/07 21:21:05 changed by ant_39

Oh, and one more note, if/when you send more patches, please try to keep the indentations in python files at four spaces :)

Add/Change #1585 (Calender Plugin should somehow honor Cal_Permissions)




Change Properties
Action