| | 1 | |
|---|
| | 2 | = Theory of Operations = |
|---|
| | 3 | |
|---|
| | 4 | I am writing this page to help others understand the use, operations and limitations of this plugin. |
|---|
| | 5 | |
|---|
| | 6 | == Groups == |
|---|
| | 7 | - One can specify a group which users must be a member of in order to log in. |
|---|
| | 8 | - Additionally, one may specify an ''admin'' group. If a user is a member of the ''admin'' group, then they will automatically be granted the `TRAC_ADMIN` permission. |
|---|
| | 9 | - Finally, Directory groups are extended into the trac namespace. They can be used to extend permissions by group. |
|---|
| | 10 | - directory groups are prefixed by @ |
|---|
| | 11 | - group names are lowercase and spaces are replaced with underscores. |
|---|
| | 12 | |
|---|
| | 13 | See [DirectoryAuthPlugin/GroupManagement GroupManagement] for more details. |
|---|
| | 14 | |
|---|
| | 15 | == Caching == |
|---|
| | 16 | |
|---|
| | 17 | Given the expense of traversing the network for authorizations, a two-stage cache has been implemented. |
|---|
| | 18 | |
|---|
| | 19 | 1. Data is cached into memory for quick lookups on repeat operations. |
|---|
| | 20 | 1. Data is also cached in the database so that lookups can pass between instances of python w/o requiring going to the network. |
|---|
| | 21 | |
|---|
| | 22 | See: [DirectoryAuthPlugin/CacheManagement CacheManagement] for details. |
|---|
