#10635 closed defect (fixed)
Plugin is not working with Trac 1.1.1dev
Reported by: | Ryan J Ollos | Owned by: | Nathan Lewis |
---|---|---|---|
Priority: | normal | Component: | PrivateWikiPlugin |
Severity: | normal | Keywords: | |
Cc: | Peter Suter | Trac Release: | 1.2 |
Description
As mentioned in #10634, the plugin isn't working for me with Trac 1.1.1dev. I'll provide some tests and patches in this ticket to try and determine what the issue is.
Attachments (0)
Change History (6)
comment:1 follow-up: 2 Changed 12 years ago by
comment:2 follow-up: 3 Changed 12 years ago by
Cc: | Peter Suter added; anonymous removed |
---|
Replying to rjollos:
Another issue I've found is that the plugin doesn't do fine-grained checks for the
WIKI_CREATE
action.
I appreciate if anyone else is able to confirm this defect. It should be fairly simple to reproduce. Just login as a user with PRIVATE_VIEW_<page>
and try to create a non-existent page below page/
.
comment:3 Changed 11 years ago by
Replying to rjollos:
Replying to rjollos:
Another issue I've found is that the plugin doesn't do fine-grained checks for the
WIKI_CREATE
action.I appreciate if anyone else is able to confirm this defect. It should be fairly simple to reproduce. Just login as a user with
PRIVATE_VIEW_<page>
and try to create a non-existent page belowpage/
.
I can confirm this defect.
comment:4 Changed 11 years ago by
Addressed WIKI_CREATE
issue with svn commit: changeset:13372/privatewikiplugin
Now you need Edit privileges to create a private wiki. I am new to trac but the changes seems to work for me on the lasted development version (1.1.2). If you don't have the privilege, it will say the page doesn't exist.
comment:5 Changed 11 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
Thanks for the fix. I tested and it seems to be working well.
Btw, I think we can probably implement private wikis using TracFineGrainedPermissions. TracFineGrainedPermissions provides the ability to restrict the users that can access any resource id. PrivateWikiPlugin could then just provide a nice interface for creating private wikis. The interface would be useful since the TracFineGrainedPermissions authz file is not too user-friendly, and could quickly become difficult to manage even for someone that is familiar with the syntax. See #11049 and PrivateReportsPlugin for similar suggestions with regard to that plugin.
My mistake. I had overlooked this line on the main page: Enter the pages in all upper case and replace /'s with _. What is really confusing is that the default value for
private_wikis
is not all uppercase (default='Private'
). It seems like we can avoid that constraint with some simple changes though.Another issue I've found is that the plugin doesn't do fine-grained checks for the
WIKI_CREATE
action. If the user has view but not edit permission for a private page, then they will be able to create the page, or any subpage. The user won't be able to edit the page after creation though.I have unit tests wired up now, so I'll start applying fixes tomorrow and push the changes to my BitBucket branch, requesting your review.