allura
リビジョン | 97e006e69f52318307e88ebaa66a2d4b9c772b07 (tree) |
---|---|
日時 | 2012-06-06 21:04:56 |
作者 | bolkimen <bolkimen@yaho...> |
コミッター | bolkimen |
[#3892] ticket:76 write = create + update
@@ -143,7 +143,7 @@ | ||
143 | 143 | {% endblock %} |
144 | 144 | |
145 | 145 | {% block extra_js %} |
146 | - {% if h.has_access(ticket, 'write')() %} | |
146 | + {% if h.has_access(ticket, 'update')() %} | |
147 | 147 | <script type="text/javascript"> |
148 | 148 | $(document).ready(function () { |
149 | 149 | // show/hide form |
@@ -173,7 +173,7 @@ class TestFunctionalController(TrackerTestController): | ||
173 | 173 | index_view = self.app.get('/bugs/') |
174 | 174 | assert 'No open tickets found.' in index_view |
175 | 175 | assert 'Create Ticket' in index_view |
176 | - # No 'Create Ticket' button for user without 'write' perm | |
176 | + # No 'Create Ticket' button for user without 'create' perm | |
177 | 177 | r = self.app.get('/bugs/', extra_environ=dict(username='*anonymous')) |
178 | 178 | assert 'Create Ticket' not in r |
179 | 179 |
@@ -879,7 +879,8 @@ class TestMilestoneAdmin(TrackerTestController): | ||
879 | 879 | def post_install_hook(app): |
880 | 880 | role_anon = M.ProjectRole.by_name('*anonymous')._id |
881 | 881 | app.config.acl.append(M.ACE.allow(role_anon, 'post')) |
882 | - app.config.acl.append(M.ACE.allow(role_anon, 'write')) | |
882 | + app.config.acl.append(M.ACE.allow(role_anon, 'create')) | |
883 | + app.config.acl.append(M.ACE.allow(role_anon, 'update')) | |
883 | 884 | |
884 | 885 | class TestEmailMonitoring(TrackerTestController): |
885 | 886 | def __init__(self): |
@@ -23,7 +23,8 @@ def test_role_assignments(): | ||
23 | 23 | return pred(user=admin), pred(user=user), pred(user=anon) |
24 | 24 | assert check_access('configure') == (True, False, False) |
25 | 25 | assert check_access('read') == (True, True, True) |
26 | - assert check_access('write') == (True, False, False) | |
26 | + assert check_access('update') == (True, False, False) | |
27 | + assert check_access('create') == (True, False, False) | |
27 | 28 | assert check_access('unmoderated_post') == (True, True, False) |
28 | 29 | assert check_access('post') == (True, True, False) |
29 | 30 | assert check_access('moderate') == (True, False, False) |
@@ -80,24 +80,32 @@ class TestTicketModel(TrackerTestWithModel): | ||
80 | 80 | ACE.allow(role_creator, ALL_PERMISSIONS), |
81 | 81 | DENY_ALL] |
82 | 82 | assert has_access(t, 'read', user=admin)() |
83 | - assert has_access(t, 'write', user=admin)() | |
83 | + assert has_access(t, 'create', user=admin)() | |
84 | + assert has_access(t, 'update', user=admin)() | |
84 | 85 | assert has_access(t, 'read', user=creator)() |
85 | - assert has_access(t, 'write', user=creator)() | |
86 | + assert has_access(t, 'create', user=creator)() | |
87 | + assert has_access(t, 'update', user=creator)() | |
86 | 88 | assert has_access(t, 'read', user=developer)() |
87 | - assert has_access(t, 'write', user=developer)() | |
89 | + assert has_access(t, 'create', user=developer)() | |
90 | + assert has_access(t, 'update', user=developer)() | |
88 | 91 | assert not has_access(t, 'read', user=observer)() |
89 | - assert not has_access(t, 'write', user=observer)() | |
92 | + assert not has_access(t, 'create', user=observer)() | |
93 | + assert not has_access(t, 'update', user=observer)() | |
90 | 94 | assert not has_access(t, 'read', user=anon)() |
91 | - assert not has_access(t, 'write', user=anon)() | |
95 | + assert not has_access(t, 'create', user=anon)() | |
96 | + assert not has_access(t, 'update', user=anon)() | |
92 | 97 | |
93 | 98 | t.private = False |
94 | 99 | assert t.acl == [] |
95 | 100 | assert has_access(t, 'read', user=admin)() |
96 | - assert has_access(t, 'write', user=admin)() | |
101 | + assert has_access(t, 'create', user=admin)() | |
102 | + assert has_access(t, 'update', user=admin)() | |
97 | 103 | assert has_access(t, 'read', user=developer)() |
98 | - assert has_access(t, 'write', user=developer)() | |
104 | + assert has_access(t, 'create', user=developer)() | |
105 | + assert has_access(t, 'update', user=developer)() | |
99 | 106 | assert has_access(t, 'read', user=creator)() |
100 | 107 | assert has_access(t, 'unmoderated_post', user=creator)() |
101 | - assert not has_access(t, 'write', user=creator)() | |
108 | + assert not has_access(t, 'create', user=creator)() | |
109 | + assert not has_access(t, 'update', user=creator)() | |
102 | 110 | assert has_access(t, 'read', user=observer)() |
103 | 111 | assert has_access(t, 'read', user=anon)() |
@@ -100,7 +100,7 @@ class W: | ||
100 | 100 | |
101 | 101 | class ForgeTrackerApp(Application): |
102 | 102 | __version__ = version.__version__ |
103 | - permissions = ['configure', 'read', 'write', 'save_searches', | |
103 | + permissions = ['configure', 'read', 'update', 'create', 'save_searches', | |
104 | 104 | 'unmoderated_post', 'post', 'moderate', 'admin'] |
105 | 105 | config_options = Application.config_options + [ |
106 | 106 | ConfigOption('TicketMonitoringEmail', str, ''), |
@@ -190,7 +190,7 @@ class ForgeTrackerApp(Application): | ||
190 | 190 | ticket = None |
191 | 191 | |
192 | 192 | links = [] |
193 | - if has_access(self, 'write')(): | |
193 | + if has_access(self, 'create')(): | |
194 | 194 | links.append(SitemapEntry('Create Ticket', |
195 | 195 | self.config.url() + 'new/', ui_icon=g.icons['plus'])) |
196 | 196 | if has_access(self, 'configure')(): |
@@ -260,7 +260,8 @@ class ForgeTrackerApp(Application): | ||
260 | 260 | M.ACE.allow(role_anon, 'read'), |
261 | 261 | M.ACE.allow(role_auth, 'post'), |
262 | 262 | M.ACE.allow(role_auth, 'unmoderated_post'), |
263 | - M.ACE.allow(role_developer, 'write'), | |
263 | + M.ACE.allow(role_developer, 'update'), | |
264 | + M.ACE.allow(role_developer, 'create'), | |
264 | 265 | M.ACE.allow(role_developer, 'moderate'), |
265 | 266 | M.ACE.allow(role_developer, 'save_searches'), |
266 | 267 | M.ACE.allow(role_admin, 'configure'), |
@@ -404,7 +405,7 @@ class RootController(BaseController): | ||
404 | 405 | columns=columns, page=page, **kw) |
405 | 406 | c.subscribe_form = W.subscribe_form |
406 | 407 | result['subscribed'] = M.Mailbox.subscribed() |
407 | - result['allow_edit'] = has_access(c.app, 'write')() | |
408 | + result['allow_edit'] = has_access(c.app, 'update')() | |
408 | 409 | result['help_msg'] = c.app.config.options.get('TicketHelpSearch') |
409 | 410 | result['url_q'] = c.app.globals.not_closed_query |
410 | 411 | result['url_sort'] = '' |
@@ -501,7 +502,7 @@ class RootController(BaseController): | ||
501 | 502 | if project: |
502 | 503 | redirect(c.project.url() + 'search?' + urlencode(dict(q=q, history=kw.get('history')))) |
503 | 504 | result = self.paged_query(q, page=page, sort=sort, columns=columns, **kw) |
504 | - result['allow_edit'] = has_access(c.app, 'write')() | |
505 | + result['allow_edit'] = has_access(c.app, 'update')() | |
505 | 506 | result['bin'] = bin |
506 | 507 | result['help_msg'] = c.app.config.options.get('TicketHelpSearch') |
507 | 508 | c.ticket_search_results = W.ticket_search_results |
@@ -544,7 +545,7 @@ class RootController(BaseController): | ||
544 | 545 | @with_trailing_slash |
545 | 546 | @expose('jinja:forgetracker:templates/tracker/new_ticket.html') |
546 | 547 | def new(self, super_id=None, **kw): |
547 | - require_access(c.app, 'write') | |
548 | + require_access(c.app, 'create') | |
548 | 549 | c.ticket_form = W.ticket_form |
549 | 550 | help_msg = c.app.config.options.get('TicketHelpNew') |
550 | 551 | return dict(action=c.app.config.url()+'save_ticket', |
@@ -599,9 +600,9 @@ class RootController(BaseController): | ||
599 | 600 | ticket_num=ticket_num) |
600 | 601 | if not ticket: |
601 | 602 | raise Exception('Ticket number not found.') |
602 | - require_access(ticket, 'write') | |
603 | + require_access(ticket, 'update') | |
603 | 604 | else: |
604 | - require_access(c.app, 'write') | |
605 | + require_access(c.app, 'create') | |
605 | 606 | ticket = TM.Ticket.new() |
606 | 607 | ticket.update(ticket_form) |
607 | 608 | redirect(str(ticket.ticket_num)+'/') |
@@ -613,7 +614,7 @@ class RootController(BaseController): | ||
613 | 614 | page=validators.Int(if_empty=0), |
614 | 615 | sort=validators.UnicodeString(if_empty='ticket_num_i asc'))) |
615 | 616 | def edit(self, q=None, limit=None, page=None, sort=None, **kw): |
616 | - require_access(c.app, 'write') | |
617 | + require_access(c.app, 'update') | |
617 | 618 | result = self.paged_query(q, sort=sort, limit=limit, page=page, **kw) |
618 | 619 | # if c.app.globals.milestone_names is None: |
619 | 620 | # c.app.globals.milestone_names = '' |
@@ -634,7 +635,7 @@ class RootController(BaseController): | ||
634 | 635 | _id={'$in':[ObjectId(id) for id in post_data['selected'].split(',')]}, |
635 | 636 | app_config_id=c.app.config._id)).all() |
636 | 637 | for ticket in tickets: |
637 | - require_access(ticket, 'write') | |
638 | + require_access(ticket, 'update') | |
638 | 639 | |
639 | 640 | fields = set(['status']) |
640 | 641 | values = {} |
@@ -1012,7 +1013,7 @@ class TicketController(BaseController): | ||
1012 | 1013 | post_count = self.ticket.discussion_thread.post_count |
1013 | 1014 | limit, page = h.paging_sanitizer(limit, page, post_count) |
1014 | 1015 | return dict(ticket=self.ticket, globals=c.app.globals, |
1015 | - allow_edit=has_access(self.ticket, 'write')(), | |
1016 | + allow_edit=has_access(self.ticket, 'update')(), | |
1016 | 1017 | tool_subscribed=tool_subscribed, |
1017 | 1018 | subscribed=subscribed, |
1018 | 1019 | page=page, limit=limit, count=post_count) |
@@ -1073,7 +1074,7 @@ class TicketController(BaseController): | ||
1073 | 1074 | |
1074 | 1075 | @require_post() |
1075 | 1076 | def _update_ticket(self, post_data): |
1076 | - require_access(self.ticket, 'write') | |
1077 | + require_access(self.ticket, 'update') | |
1077 | 1078 | changes = changelog() |
1078 | 1079 | comment = post_data.pop('comment', None) |
1079 | 1080 | labels = post_data.pop('labels', None) or [] |
@@ -1180,7 +1181,7 @@ class TicketController(BaseController): | ||
1180 | 1181 | |
1181 | 1182 | class AttachmentController(ac.AttachmentController): |
1182 | 1183 | AttachmentClass = TM.TicketAttachment |
1183 | - edit_perm = 'write' | |
1184 | + edit_perm = 'update' | |
1184 | 1185 | |
1185 | 1186 | class AttachmentsController(ac.AttachmentsController): |
1186 | 1187 | AttachmentControllerClass = AttachmentController |
@@ -1340,7 +1341,7 @@ class RootRestController(BaseController): | ||
1340 | 1341 | @require_post() |
1341 | 1342 | @validate(W.ticket_form, error_handler=h.json_validation_error) |
1342 | 1343 | def new(self, ticket_form=None, **post_data): |
1343 | - require_access(c.app, 'write') | |
1344 | + require_access(c.app, 'create') | |
1344 | 1345 | c.app.globals.invalidate_bin_counts() |
1345 | 1346 | if c.app.globals.milestone_names is None: |
1346 | 1347 | c.app.globals.milestone_names = '' |
@@ -1403,7 +1404,7 @@ class TicketRestController(BaseController): | ||
1403 | 1404 | @require_post() |
1404 | 1405 | @validate(W.ticket_form, error_handler=h.json_validation_error) |
1405 | 1406 | def save(self, ticket_form=None, **post_data): |
1406 | - require_access(self.ticket, 'write') | |
1407 | + require_access(self.ticket, 'update') | |
1407 | 1408 | c.app.globals.invalidate_bin_counts() |
1408 | 1409 | # if c.app.globals.milestone_names is None: |
1409 | 1410 | # c.app.globals.milestone_names = '' |
@@ -1439,7 +1440,7 @@ class MilestoneController(BaseController): | ||
1439 | 1440 | require(has_access(c.app, 'read')) |
1440 | 1441 | result = TM.Ticket.paged_query( |
1441 | 1442 | self.mongo_query, page=page, sort=sort, columns=columns, **kw) |
1442 | - result['allow_edit'] = has_access(c.app, 'write')() | |
1443 | + result['allow_edit'] = has_access(c.app, 'update')() | |
1443 | 1444 | result['help_msg'] = c.app.config.options.get('TicketHelpSearch') |
1444 | 1445 | progress = c.app.globals.milestone_count(self.progress_key) |
1445 | 1446 | result.pop('q') |
@@ -1465,7 +1466,7 @@ class MilestoneController(BaseController): | ||
1465 | 1466 | page=validators.Int(if_empty=0), |
1466 | 1467 | sort=validators.UnicodeString(if_empty='ticket_num_i asc'))) |
1467 | 1468 | def edit(self, q=None, limit=None, page=None, sort=None, columns=None, **kw): |
1468 | - require_access(c.app, 'write') | |
1469 | + require_access(c.app, 'update') | |
1469 | 1470 | result = TM.Ticket.paged_query( |
1470 | 1471 | self.mongo_query, page=page, sort=sort, columns=columns, **kw) |
1471 | 1472 | # if c.app.globals.milestone_names is None: |
@@ -1486,7 +1487,7 @@ class MilestoneController(BaseController): | ||
1486 | 1487 | _id={'$in':[ObjectId(id) for id in post_data['selected'].split(',')]}, |
1487 | 1488 | app_config_id=c.app.config._id)).all() |
1488 | 1489 | for ticket in tickets: |
1489 | - require_access(ticket, 'write') | |
1490 | + require_access(ticket, 'update') | |
1490 | 1491 | |
1491 | 1492 | fields = set(['status']) |
1492 | 1493 | values = {} |