#1585 closed defect (fixed)
Calender Plugin should somehow honor Cal_Permissions
| Reported by: | Owned by: | Petr Machata | |
|---|---|---|---|
| Priority: | highest | Component: | CalendarPlugin |
| Severity: | normal | Keywords: | security, permission |
| Cc: | Trac Release: | 0.10 |
Description
I've set no permission to anonymous, but anonymous is able to see the calendar. And also to edit the thing...
But cool plugin.
PS: where to switch off the Image while working (and is it needed anyway?)
Attachments (1)
Change History (7)
comment:1 Changed 18 years ago by
| Component: | TracHacks → CalendarPlugin |
|---|---|
| Owner: | changed from Alec Thomas to Petr Machata |
comment:2 Changed 17 years ago by
| Status: | new → assigned |
|---|
comment:3 Changed 17 years ago by
| Keywords: | security permission added |
|---|---|
| Priority: | normal → highest |
is there anybody still working on this permission issue or do I have to disable this nice plugin?
pls let me know cheers totti
comment:4 Changed 17 years ago by
I did it. (hopefully) So I added the permissions and it seems to work. But I'm not THAT familiar with the Trac Style ;) so maybe I did it completely wrong... but seems to work.
The Diff is attached.
comment:5 Changed 17 years ago by
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Thanks, I applied the patch (r2515).
I'd like to consider it a first stab at solving the problem, because there are some issues that need to be resolved, e.g. how does ticket ownership enter into the picture, if there should be CC lists akin to bugzilla, user groups, etc. But that's for proposal on its own.
comment:6 Changed 17 years ago by
Oh, and one more note, if/when you send more patches, please try to keep the indentations in python files at four spaces :)
Indeed it should. I agree it's very feature-incomplete security-wise at the moment.