Index: tracpaste/__init__.py =================================================================== --- tracpaste/__init__.py (revision 372) +++ tracpaste/__init__.py (working copy) @@ -80,8 +80,15 @@ # IPermissionHandler methods def get_permission_actions(self): - actions = ['PASTEBIN_VIEW'] - return actions + [('PASTEBIN_ADMIN', actions)] + """ Permissions supported by the plugin. + PASTEBIN_CREATE and PASTEBIN_REPLY both include PASTEBIN_VIEW, but + PASTEBIN_REPLY does not include PASTEBIN_CREATE and vice versa. """ + actions = ['PASTEBIN_VIEW', + ('PASTEBIN_CREATE', ['PASTEBIN_VIEW']), + ('PASTEBIN_REPLY', ['PASTEBIN_VIEW']), + ('PASTEBIN_ADMIN', ['PASTEBIN_VIEW', 'PASTEBIN_CREATE', 'PASTEBIN_REPLY']), + ] + return actions # IRequestHandler methods def match_request(self, req): @@ -122,15 +129,22 @@ # check if we reply to a paste if 'reply' in req.args and req.args['reply'].isdigit(): - paste = Paste(self.env, req.args['reply']) + req.perm.assert_permission('PASTEBIN_REPLY') + + replyto = req.args['reply'] + paste = Paste(self.env, replyto) if paste: title = paste.title if not title.startswith('Re:'): title = 'Re: ' + title data = paste.data mimetype = paste.mimetype + else: + replyto = '0' if req.method == 'POST': + req.perm.assert_permission('PASTEBIN_CREATE') + if not data.strip(): error = True else: @@ -145,6 +159,7 @@ data = { 'mode': 'new', + 'replyto': replyto, 'mimetypes': self._get_mimetypes(), 'mimetype': mimetype, 'title': title, Index: tracpaste/templates/pastebin.html =================================================================== --- tracpaste/templates/pastebin.html (revision 372) +++ tracpaste/templates/pastebin.html (working copy) @@ -24,27 +24,35 @@ -