Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Trac: Users

Fine grained permissions

  

 
Trac users RSS feed   Index | Next | Previous | View Threaded


r.s.hatcher at reading

Sep 16, 2009, 2:21 AM

Post #1 of 2 (690 views)
Permalink
Fine grained permissions
Hi

I'm having trouble getting the Trac Fine Grained Permissions to work to
protect sections of the wiki.

I'm using Trac 0.11.2.1 and Python 2.5

I've followed the instructions at:
http://trac.edgewall.org/wiki/TracFineGrainedPermissions

- Installed ConfigObj
- Copied authz_policy.py to /trac/env/plugins directory
- Created a authzpolicy.conf file now only contains

[wiki:WikiStart@*]
* =

which if I understand correctly should block access to the WikiStart
page for everyone.

- Updated trac.ini to add

[trac]
...
permsission_policies = AuthzPolicy, DefaultPermissionPolicy,
LegacyAttachmentPolicy

Added the [authz_policy] section and enabled the authz_policy plugin.


But whatever combination of settings I put in the authzpolicy.conf file
I'm able to see all the wiki pages. I've looked at the log file and it
is loading the plugins/authz_policy.py file. What am I doing wrong? Any
help would be much appreciated.

Thanks in advance.
Rosalyn.

P.S.

FYI the log file says....

2009-09-16 10:17:40,478 Trac[main] DEBUG: Dispatching <Request "GET
u'/wiki'">
2009-09-16 10:17:40,536 Trac[svn_fs] DEBUG: Subversion bindings imported
2009-09-16 10:17:40,548 Trac[api] DEBUG: action controllers for ticket
workflow: ['ConfigurableTicketWorkflow']
2009-09-16 10:17:40,553 Trac[chrome] DEBUG: Prepare chrome data for request
2009-09-16 10:17:40,554 Trac[perm] DEBUG: No policy allowed anonymous
performing TICKET_CREATE on None
2009-09-16 10:17:40,555 Trac[perm] DEBUG: No policy allowed anonymous
performing BROWSER_VIEW on None
2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
performing TRAC_ADMIN on None
2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
performing PERMISSION_GRANT on None
2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
performing PERMISSION_REVOKE on None
2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
performing TICKET_ADMIN on None
2009-09-16 10:17:40,565 Trac[perm] DEBUG: No policy allowed anonymous
performing TIMELINE_VIEW on None
2009-09-16 10:17:40,565 Trac[perm] DEBUG: No policy allowed anonymous
performing ROADMAP_VIEW on None
2009-09-16 10:17:40,572 Trac[api] DEBUG: Updating wiki page index
2009-09-16 10:17:40,580 Trac[perm] DEBUG: No policy allowed anonymous
performing WIKI_MODIFY on <Resource u'wiki:WikiStart, attachment'>
2009-09-16 10:17:40,581 Trac[attachment] DEBUG: LegacyAttachmentPolicy
denied anonymous access to <Resource u'wiki:WikiStart, attachment'>.
User needs WIKI_MODIFY
2009-09-16 10:17:40,581 Trac[perm] DEBUG: LegacyAttachmentPolicy denies
anonymous performing ATTACHMENT_CREATE on <Resource u'wiki:WikiStart,
attachment'>
2009-09-16 10:17:40,920 Trac[perm] DEBUG: No policy allowed anonymous
performing EMAIL_VIEW on None
2009-09-16 10:17:40,920 Trac[session] DEBUG: Retrieving session for ID
'be47d23494bf07168c46e2f6'
2009-09-16 10:17:41,054 Trac[perm] DEBUG: No policy allowed anonymous
performing WIKI_MODIFY on <Resource u'wiki:WikiStart'>
2009-09-16 10:17:41,054 Trac[perm] DEBUG: No policy allowed anonymous
performing WIKI_DELETE on <Resource u'wiki:WikiStart'>
2009-09-16 10:17:41,054 Trac[perm] DEBUG: No policy allowed anonymous
performing WIKI_ADMIN on <Resource u'wiki:WikiStart'>

--
------------------------------------------------------------------------
Rosalyn Hatcher
NCAS Computational Modelling Services
Dept. of Meteorology, University of Reading,
Earley Gate, Reading. RG6 6BB
Email: r.s.hatcher [at] reading Tel: +44 (0) 118 378 6016


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Trac Users" group.
To post to this group, send email to trac-users [at] googlegroups
To unsubscribe from this group, send email to trac-users+unsubscribe [at] googlegroups
For more options, visit this group at http://groups.google.com/group/trac-users?hl=en
-~----------~----~----~----~------~----~------~--~---


r.s.hatcher at reading

Sep 16, 2009, 2:50 AM

Post #2 of 2 (668 views)
Permalink
Re: Fine grained permissions [In reply to]
Ok, so I've gone boss-eyed. All solved I had AuthPolicy instead of
AuthzPolicy. :-(


Rosalyn Hatcher wrote:
> Hi
>
> I'm having trouble getting the Trac Fine Grained Permissions to work to
> protect sections of the wiki.
>
> I'm using Trac 0.11.2.1 and Python 2.5
>
> I've followed the instructions at:
> http://trac.edgewall.org/wiki/TracFineGrainedPermissions
>
> - Installed ConfigObj
> - Copied authz_policy.py to /trac/env/plugins directory
> - Created a authzpolicy.conf file now only contains
>
> [wiki:WikiStart@*]
> * =
>
> which if I understand correctly should block access to the WikiStart
> page for everyone.
>
> - Updated trac.ini to add
>
> [trac]
> ...
> permsission_policies = AuthzPolicy, DefaultPermissionPolicy,
> LegacyAttachmentPolicy
>
> Added the [authz_policy] section and enabled the authz_policy plugin.
>
>
> But whatever combination of settings I put in the authzpolicy.conf file
> I'm able to see all the wiki pages. I've looked at the log file and it
> is loading the plugins/authz_policy.py file. What am I doing wrong? Any
> help would be much appreciated.
>
> Thanks in advance.
> Rosalyn.
>
> P.S.
>
> FYI the log file says....
>
> 2009-09-16 10:17:40,478 Trac[main] DEBUG: Dispatching <Request "GET
> u'/wiki'">
> 2009-09-16 10:17:40,536 Trac[svn_fs] DEBUG: Subversion bindings imported
> 2009-09-16 10:17:40,548 Trac[api] DEBUG: action controllers for ticket
> workflow: ['ConfigurableTicketWorkflow']
> 2009-09-16 10:17:40,553 Trac[chrome] DEBUG: Prepare chrome data for request
> 2009-09-16 10:17:40,554 Trac[perm] DEBUG: No policy allowed anonymous
> performing TICKET_CREATE on None
> 2009-09-16 10:17:40,555 Trac[perm] DEBUG: No policy allowed anonymous
> performing BROWSER_VIEW on None
> 2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
> performing TRAC_ADMIN on None
> 2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
> performing PERMISSION_GRANT on None
> 2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
> performing PERMISSION_REVOKE on None
> 2009-09-16 10:17:40,564 Trac[perm] DEBUG: No policy allowed anonymous
> performing TICKET_ADMIN on None
> 2009-09-16 10:17:40,565 Trac[perm] DEBUG: No policy allowed anonymous
> performing TIMELINE_VIEW on None
> 2009-09-16 10:17:40,565 Trac[perm] DEBUG: No policy allowed anonymous
> performing ROADMAP_VIEW on None
> 2009-09-16 10:17:40,572 Trac[api] DEBUG: Updating wiki page index
> 2009-09-16 10:17:40,580 Trac[perm] DEBUG: No policy allowed anonymous
> performing WIKI_MODIFY on <Resource u'wiki:WikiStart, attachment'>
> 2009-09-16 10:17:40,581 Trac[attachment] DEBUG: LegacyAttachmentPolicy
> denied anonymous access to <Resource u'wiki:WikiStart, attachment'>.
> User needs WIKI_MODIFY
> 2009-09-16 10:17:40,581 Trac[perm] DEBUG: LegacyAttachmentPolicy denies
> anonymous performing ATTACHMENT_CREATE on <Resource u'wiki:WikiStart,
> attachment'>
> 2009-09-16 10:17:40,920 Trac[perm] DEBUG: No policy allowed anonymous
> performing EMAIL_VIEW on None
> 2009-09-16 10:17:40,920 Trac[session] DEBUG: Retrieving session for ID
> 'be47d23494bf07168c46e2f6'
> 2009-09-16 10:17:41,054 Trac[perm] DEBUG: No policy allowed anonymous
> performing WIKI_MODIFY on <Resource u'wiki:WikiStart'>
> 2009-09-16 10:17:41,054 Trac[perm] DEBUG: No policy allowed anonymous
> performing WIKI_DELETE on <Resource u'wiki:WikiStart'>
> 2009-09-16 10:17:41,054 Trac[perm] DEBUG: No policy allowed anonymous
> performing WIKI_ADMIN on <Resource u'wiki:WikiStart'>
>
>


--
------------------------------------------------------------------------
Rosalyn Hatcher
NCAS Computational Modelling Services
Dept. of Meteorology, University of Reading,
Earley Gate, Reading. RG6 6BB
Email: r.s.hatcher [at] reading Tel: +44 (0) 118 378 6016


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Trac Users" group.
To post to this group, send email to trac-users [at] googlegroups
To unsubscribe from this group, send email to trac-users+unsubscribe [at] googlegroups
For more options, visit this group at http://groups.google.com/group/trac-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Trac users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.